Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
File:                     ny4CE8HB23M97spK4mFsqv-lFXA.mft (raw, json)
Hash identifier:          KhDe/6FlWoH73ytZTSachdOnc0U3M6xFQ/h2+JfRM3o=
Subject key identifier:   EA:59:72:4E:6F:33:69:B9:91:BC:EF:7E:65:C5:92:F3:A1:22:8A:7C
Authority key identifier: 9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70
Certificate issuer:       /CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
Certificate serial:       01988BEABCE3701D856AA926059C8136F913
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
Manifest number:          12D1
Signing time:             Fri 08 Aug 2025 23:01:13 +0000
Manifest this update:     Fri 08 Aug 2025 23:01:13 +0000
Manifest next update:     Sat 09 Aug 2025 23:01:13 +0000
Files and hashes:         1: ny4CE8HB23M97spK4mFsqv-lFXA.crl (hash: pQlgqGFI5J+Ltj+sIdY5H+0XdTcpWIRyEypcCr74x78=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:ea:bc:e3:70:1d:85:6a:a9:26:05:9c:81:36:f9:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
        Validity
            Not Before: Aug  8 23:01:13 2025 GMT
            Not After : Aug  9 23:01:13 2025 GMT
        Subject: CN=ea59724e6f3369b991bcef7e65c592f3a1228a7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:9d:d3:90:37:87:22:b5:65:47:26:d2:2c:07:
                    0b:5f:b4:08:94:3c:ae:5a:35:3b:e8:53:b5:e5:86:
                    b1:d0:e8:f5:6a:8a:54:3d:8d:bf:79:9a:87:7f:ac:
                    65:55:14:4a:61:c2:4d:6f:0a:56:e8:d9:45:82:d9:
                    86:9b:1a:c0:08:3d:07:2a:15:2c:19:dd:09:f6:cf:
                    a3:5a:8d:ea:1f:10:c8:0d:1e:ac:de:d1:8e:3d:fb:
                    be:37:af:e1:50:ca:7b:57:0b:9a:51:d3:5e:88:af:
                    9d:18:6b:e9:cf:c2:f4:c4:30:ad:ad:16:2b:9d:a8:
                    bc:d6:b2:2d:74:6e:ca:89:ef:18:a5:25:39:3a:69:
                    db:fb:fb:db:d1:9e:9b:05:9d:b0:08:79:6f:8e:a6:
                    e6:bc:d0:fc:4f:e9:6d:4e:ab:f1:f2:29:c3:d7:0c:
                    d6:ab:6c:3b:f7:74:3d:83:f3:21:e4:06:cd:4f:ba:
                    a3:79:bf:c0:cb:2a:42:62:87:b1:c5:b8:c4:25:15:
                    b2:4f:a5:4b:6e:fa:50:78:fe:27:d5:c9:63:61:fc:
                    fc:1a:c0:f6:88:92:c8:7e:b6:ef:c1:77:ca:91:9d:
                    32:3b:21:6f:d5:47:3a:38:23:b4:53:78:ba:09:0d:
                    80:23:f9:61:53:85:4f:14:4b:50:9e:8f:b5:79:73:
                    1e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:59:72:4E:6F:33:69:B9:91:BC:EF:7E:65:C5:92:F3:A1:22:8A:7C
            X509v3 Authority Key Identifier:
                keyid:9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:c8:fc:0c:75:49:04:01:86:10:49:24:65:e7:6c:3c:21:c3:
         20:5f:8e:3e:3d:e9:ff:3e:79:da:31:b8:47:92:92:37:ed:f0:
         00:07:6b:1b:25:91:26:80:93:de:ad:98:ff:72:ab:f4:7e:1f:
         37:ca:79:a2:9c:a4:ad:a7:8d:81:f8:9c:20:96:b5:2b:04:a2:
         61:6e:e7:35:3e:3c:72:7b:38:56:a5:49:25:04:75:d6:c5:66:
         27:09:7a:3d:6a:0c:e0:fe:b6:6f:c1:6b:da:f3:4c:0d:7e:75:
         35:9b:f6:ef:d0:4e:48:45:be:40:77:54:20:43:1b:bd:08:d8:
         f1:81:b4:26:10:0e:20:35:bc:a4:c9:16:12:93:e4:41:66:f0:
         21:b0:e2:6e:82:e0:4f:db:0a:9e:79:74:01:08:90:84:72:8b:
         27:96:83:bc:8a:92:f0:2d:47:85:46:e0:8e:28:f2:7c:46:7c:
         b4:b0:9d:74:dd:23:6d:c2:e2:75:e3:7b:8c:1a:9f:c6:24:81:
         ca:93:49:b9:ca:4f:d0:73:8a:47:e0:86:1c:ca:a6:3c:6c:88:
         3a:31:1c:e8:71:08:12:bc:be:35:07:68:80:eb:05:d3:f9:08:
         91:27:26:86:d5:dc:a8:47:62:08:ac:f5:13:90:3f:f8:bf:68:
         f4:f6:2a:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiL6rzjcB2FaqkmBZyBNvkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmUwMjEzYzFjMWRiNzMzZGVlY2E0YWUyNjE2Y2FhZmZh
NTE1NzAwHhcNMjUwODA4MjMwMTEzWhcNMjUwODA5MjMwMTEzWjAzMTEwLwYDVQQD
EyhlYTU5NzI0ZTZmMzM2OWI5OTFiY2VmN2U2NWM1OTJmM2ExMjI4YTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ3TkDeHIrVlRybSLAcLX7QIlDyu
WjU76FO15Yax0Oj1aopUPY2/eZqHf6xlVRRKYcJNbwpW6NlFgtmGmxrACD0HKhUs
Gd0J9s+jWo3qHxDIDR6s3tGOPfu+N6/hUMp7VwuaUdNeiK+dGGvpz8L0xDCtrRYr
nai81rItdG7Kie8YpSU5Omnb+/vb0Z6bBZ2wCHlvjqbmvND8T+ltTqvx8inD1wzW
q2w793Q9g/Mh5AbNT7qjeb/AyypCYoexxbjEJRWyT6VLbvpQeP4n1cljYfz8GsD2
iJLIfrbvwXfKkZ0yOyFv1Uc6OCO0U3i6CQ2AI/lhU4VPFEtQno+1eXMedwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOpZck5vM2m5kbzvfmXFkvOhIop8MB8GA1UdIwQY
MBaAFJ8uAhPBwdtzPe7KSuJhbKr/pRVwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0Yjct
OWU4NTJmMzMwMWMwLzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0YjctOWU4NTJmMzMwMWMw
LzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq8j8DHVJ
BAGGEEkkZedsPCHDIF+OPj3p/z552jG4R5KSN+3wAAdrGyWRJoCT3q2Y/3Kr9H4f
N8p5opykraeNgficIJa1KwSiYW7nNT48cns4VqVJJQR11sVmJwl6PWoM4P62b8Fr
2vNMDX51NZv279BOSEW+QHdUIEMbvQjY8YG0JhAOIDW8pMkWEpPkQWbwIbDiboLg
T9sKnnl0AQiQhHKLJ5aDvIqS8C1HhUbgjijyfEZ8tLCddN0jbcLideN7jBqfxiSB
ypNJucpP0HOKR+CGHMqmPGyIOjEc6HEIEry+NQdogOsF0/kIkScmhtXcqEdiCKz1
E5A/+L9o9PYqSQ==
-----END CERTIFICATE-----