Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft
File:                     NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft (raw, json)
Hash identifier:          Ym08NIPGyF2BsbJPwrxw4ykQrUYGGxEUugyo1n+5EUY=
Subject key identifier:   B5:65:B6:DE:E1:17:38:BB:D5:44:B3:02:CD:F3:FD:49:6E:21:3B:81
Authority key identifier: 35:E6:76:45:94:E0:0D:9A:B8:01:78:93:C7:10:92:CF:51:6B:10:1F
Certificate issuer:       /CN=35e6764594e00d9ab8017893c71092cf516b101f
Certificate serial:       01976FD16463443E873D9BEE9632A187934A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft
Manifest number:          151E
Signing time:             Sat 14 Jun 2025 19:01:23 +0000
Manifest this update:     Sat 14 Jun 2025 19:01:23 +0000
Manifest next update:     Sun 15 Jun 2025 19:01:23 +0000
Files and hashes:         1: NeZ2RZTgDZq4AXiTxxCSz1FrEB8.crl (hash: mhcKAAgyh+uXw4kJzbttlL2OtofsXIbaSpIfKYPXMjo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:d1:64:63:44:3e:87:3d:9b:ee:96:32:a1:87:93:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35e6764594e00d9ab8017893c71092cf516b101f
        Validity
            Not Before: Jun 14 19:01:23 2025 GMT
            Not After : Jun 15 19:01:23 2025 GMT
        Subject: CN=b565b6dee11738bbd544b302cdf3fd496e213b81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:6b:14:39:c8:9b:e2:b4:c3:33:e3:2f:5d:f7:
                    18:a5:43:97:1d:4e:76:0b:f7:99:bb:24:a5:6b:33:
                    70:c4:88:67:05:a6:11:5d:03:82:6e:8a:f9:13:85:
                    9f:d0:61:7a:af:ee:eb:60:16:9b:f9:f9:1a:7b:9d:
                    75:c6:b9:54:d8:53:7c:c7:e6:29:50:ed:ab:32:c1:
                    4d:7f:03:ef:0f:bb:31:94:df:ef:b8:e3:a8:95:b9:
                    90:fb:41:a2:fe:19:b9:bc:0a:2a:7b:1d:2f:c4:2d:
                    48:7a:11:47:69:41:4a:2b:44:3d:54:63:8e:6a:47:
                    e0:be:b1:8a:f7:5b:ea:9f:b1:58:36:0e:84:e0:be:
                    02:68:b4:bf:97:61:63:63:5c:06:a7:53:c1:e2:07:
                    7c:ab:52:b3:36:e2:04:78:3e:49:17:6b:62:06:ef:
                    45:43:da:66:2f:97:21:34:e9:af:8b:a2:21:13:fd:
                    ab:e1:41:d8:e8:de:9f:63:2d:94:37:c8:af:49:78:
                    66:52:e4:12:ef:f3:4d:b9:4b:d1:f6:b6:e2:17:06:
                    e1:06:33:b6:a8:1f:1e:0a:b9:e0:1f:ae:47:05:a0:
                    2a:b9:ad:7b:37:b6:92:ea:c2:39:51:62:04:b4:12:
                    13:02:d7:a8:8c:de:c8:41:5c:9e:a7:45:12:f1:40:
                    fc:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:65:B6:DE:E1:17:38:BB:D5:44:B3:02:CD:F3:FD:49:6E:21:3B:81
            X509v3 Authority Key Identifier:
                keyid:35:E6:76:45:94:E0:0D:9A:B8:01:78:93:C7:10:92:CF:51:6B:10:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:1c:ce:79:d8:4c:90:af:74:d7:75:4e:4f:42:ed:1c:70:35:
         09:0f:1b:26:d6:20:82:68:24:a3:ff:47:02:c7:8a:44:d9:68:
         32:9f:ab:0a:f5:bd:45:8a:24:af:18:04:c1:21:be:97:23:5b:
         ec:4a:35:67:07:eb:31:33:4a:8a:60:1a:fc:d1:c8:68:a3:82:
         4e:7a:7f:71:c5:38:93:ee:95:91:9e:5c:0c:6b:bd:1e:2b:bd:
         58:3a:b5:ab:41:ad:a6:d0:36:d0:c1:42:51:eb:29:1f:55:65:
         29:4f:d9:11:93:ed:55:8c:78:3d:3a:80:77:9a:45:cf:e8:5c:
         42:bc:75:0c:b5:b1:b4:2a:3c:b2:77:ef:b3:b3:38:ed:bd:f2:
         e5:33:23:be:c8:a7:1f:fe:3b:58:19:34:8d:0b:db:d7:01:14:
         cf:83:23:a3:3c:ed:24:11:77:46:a7:de:88:0c:77:01:0c:7a:
         e4:bd:88:4f:a7:35:44:eb:27:d6:eb:2f:69:82:78:41:b9:07:
         0c:4c:3c:ae:a8:8b:8c:ca:d5:3a:ac:fa:08:84:34:48:96:d0:
         97:72:82:5d:6b:85:f4:b3:e7:54:26:1f:53:f4:1f:d6:2a:20:
         fb:43:dd:34:11:56:09:d1:50:5a:00:d1:17:f5:d9:83:6e:b7:
         c7:39:1f:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdv0WRjRD6HPZvuljKhh5NKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZTY3NjQ1OTRlMDBkOWFiODAxNzg5M2M3MTA5MmNmNTE2
YjEwMWYwHhcNMjUwNjE0MTkwMTIzWhcNMjUwNjE1MTkwMTIzWjAzMTEwLwYDVQQD
EyhiNTY1YjZkZWUxMTczOGJiZDU0NGIzMDJjZGYzZmQ0OTZlMjEzYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2sUOcib4rTDM+MvXfcYpUOXHU52
C/eZuySlazNwxIhnBaYRXQOCbor5E4Wf0GF6r+7rYBab+fkae511xrlU2FN8x+Yp
UO2rMsFNfwPvD7sxlN/vuOOolbmQ+0Gi/hm5vAoqex0vxC1IehFHaUFKK0Q9VGOO
akfgvrGK91vqn7FYNg6E4L4CaLS/l2FjY1wGp1PB4gd8q1KzNuIEeD5JF2tiBu9F
Q9pmL5chNOmvi6IhE/2r4UHY6N6fYy2UN8ivSXhmUuQS7/NNuUvR9rbiFwbhBjO2
qB8eCrngH65HBaAqua17N7aS6sI5UWIEtBITAteojN7IQVyep0US8UD8UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLVltt7hFzi71USzAs3z/UluITuBMB8GA1UdIwQY
MBaAFDXmdkWU4A2auAF4k8cQks9RaxAfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmVaMlJaVGdEWnE0QVhpVHh4Q1N6MUZyRUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy80YzMxZjItOGYzMC00ZGJlLTkzOGQt
YjJmMGIxYmNhZTVjLzEvTmVaMlJaVGdEWnE0QVhpVHh4Q1N6MUZyRUI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy80YzMxZjItOGYzMC00ZGJlLTkzOGQtYjJmMGIxYmNhZTVj
LzEvTmVaMlJaVGdEWnE0QVhpVHh4Q1N6MUZyRUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPBzOedhM
kK9013VOT0LtHHA1CQ8bJtYggmgko/9HAseKRNloMp+rCvW9RYokrxgEwSG+lyNb
7Eo1ZwfrMTNKimAa/NHIaKOCTnp/ccU4k+6VkZ5cDGu9Hiu9WDq1q0GtptA20MFC
UespH1VlKU/ZEZPtVYx4PTqAd5pFz+hcQrx1DLWxtCo8snfvs7M47b3y5TMjvsin
H/47WBk0jQvb1wEUz4MjozztJBF3RqfeiAx3AQx65L2IT6c1ROsn1usvaYJ4QbkH
DEw8rqiLjMrVOqz6CIQ0SJbQl3KCXWuF9LPnVCYfU/Qf1iog+0PdNBFWCdFQWgDR
F/XZg263xzkfgw==
-----END CERTIFICATE-----