Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
File:                     nyHqqnvQ7mfKYwLj16quZNcpQC0.mft (raw, json)
Hash identifier:          Cfai2raqgoosSGaSjA9xaGSML5cd3mwLOjd7KKmMfw0=
Subject key identifier:   56:9C:DD:A1:21:9E:43:14:B8:F3:B3:A4:04:7A:04:90:E3:E7:FF:21
Authority key identifier: 9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D
Certificate issuer:       /CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
Certificate serial:       019A51BE8E7F386BD5E4482235BB0CE12A1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
Manifest number:          07F3
Signing time:             Wed 05 Nov 2025 02:00:34 +0000
Manifest this update:     Wed 05 Nov 2025 02:00:34 +0000
Manifest next update:     Thu 06 Nov 2025 02:00:34 +0000
Files and hashes:         1: nyHqqnvQ7mfKYwLj16quZNcpQC0.crl (hash: CTFvlq5ymC/29TUPpo3+a+vLSrS7KYGgkY5hBzKl48E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 02:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:be:8e:7f:38:6b:d5:e4:48:22:35:bb:0c:e1:2a:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
        Validity
            Not Before: Nov  5 02:00:34 2025 GMT
            Not After : Nov  6 02:00:34 2025 GMT
        Subject: CN=569cdda1219e4314b8f3b3a4047a0490e3e7ff21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f0:cc:51:99:51:d9:73:48:c4:5a:91:48:ad:
                    84:c6:a0:51:ab:b6:b9:fc:47:6c:d8:20:f6:23:3e:
                    be:1c:c1:62:b0:cb:38:bf:af:e3:36:0f:7d:f7:84:
                    cc:c8:4c:b3:83:f7:98:8b:cd:b7:18:2f:a0:1f:0c:
                    30:27:a2:6d:53:77:a1:59:b9:ad:da:18:63:2c:92:
                    21:79:a2:83:83:43:9c:b8:c7:27:aa:b9:bd:52:a1:
                    9a:17:57:02:7b:85:0c:10:b6:2b:50:df:bb:7e:40:
                    f1:85:5e:af:2a:5d:9e:fc:15:a8:b5:6a:cb:a0:44:
                    b8:7b:c2:5c:97:bc:60:31:a3:b3:b6:a5:17:59:7e:
                    fe:25:84:19:d0:cc:5b:bf:32:ae:9c:98:15:78:6c:
                    4e:f5:2d:20:58:a5:13:50:c4:3f:3f:e9:2f:4b:70:
                    b1:96:83:fc:dc:ad:69:e5:f2:61:56:ba:b5:8a:a3:
                    3b:e2:0e:82:55:f8:42:07:5f:35:b5:81:30:4c:72:
                    ea:4e:a5:ca:87:ae:29:58:a5:c5:89:95:97:d2:44:
                    ef:8f:35:c0:13:bb:f5:9d:5f:75:be:9d:3c:d7:96:
                    47:16:e4:95:74:a9:8b:3e:7f:2b:63:a5:df:fb:b6:
                    90:38:7c:41:63:ed:3c:e1:90:eb:72:56:77:3e:0b:
                    53:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:9C:DD:A1:21:9E:43:14:B8:F3:B3:A4:04:7A:04:90:E3:E7:FF:21
            X509v3 Authority Key Identifier:
                keyid:9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:2d:b6:ec:85:3b:34:ce:f1:66:81:36:8b:f5:02:77:e8:9c:
         ea:4f:a0:45:f6:53:48:0b:3d:2b:e1:98:2e:45:6e:fa:f0:53:
         de:4f:8b:03:17:b3:43:cf:ab:42:06:5a:9b:9e:8c:88:16:ac:
         8d:c5:4f:a2:40:d2:77:91:88:d7:f6:99:a6:09:ff:a4:47:8e:
         40:2c:68:fa:a8:2d:92:ce:15:fe:49:2c:40:75:dc:61:38:26:
         5a:fb:eb:0c:27:a0:4a:bb:aa:3a:9f:2b:02:9a:b5:99:ef:6c:
         31:ed:36:0e:d8:7a:4b:46:db:99:05:5a:36:36:75:7e:fd:c5:
         7d:d6:9d:41:9a:40:4e:e3:00:95:d6:cb:fa:34:21:60:1b:a6:
         57:b4:af:8c:c4:fc:0c:26:fe:4a:e2:30:75:1a:7d:5b:fd:90:
         c8:89:1d:46:27:39:15:69:81:3f:56:37:b3:4e:57:97:72:10:
         24:dd:66:6d:c0:3c:d4:2e:2d:af:bb:67:e0:59:7e:eb:69:46:
         3c:f1:98:76:8e:14:78:e6:c1:d4:e6:72:5b:98:40:5a:6a:93:
         59:b2:ff:12:ed:c6:31:26:2a:ae:59:56:c1:d0:88:4c:bc:01:
         93:da:e8:d6:1f:59:de:9a:83:14:5a:0c:c1:48:de:86:3c:2e:
         9e:bd:b2:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRvo5/OGvV5EgiNbsM4SofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjFlYWFhN2JkMGVlNjdjYTYzMDJlM2Q3YWFhZTY0ZDcy
OTQwMmQwHhcNMjUxMTA1MDIwMDM0WhcNMjUxMTA2MDIwMDM0WjAzMTEwLwYDVQQD
Eyg1NjljZGRhMTIxOWU0MzE0YjhmM2IzYTQwNDdhMDQ5MGUzZTdmZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPDMUZlR2XNIxFqRSK2ExqBRq7a5
/Eds2CD2Iz6+HMFisMs4v6/jNg9994TMyEyzg/eYi823GC+gHwwwJ6JtU3ehWbmt
2hhjLJIheaKDg0OcuMcnqrm9UqGaF1cCe4UMELYrUN+7fkDxhV6vKl2e/BWotWrL
oES4e8Jcl7xgMaOztqUXWX7+JYQZ0MxbvzKunJgVeGxO9S0gWKUTUMQ/P+kvS3Cx
loP83K1p5fJhVrq1iqM74g6CVfhCB181tYEwTHLqTqXKh64pWKXFiZWX0kTvjzXA
E7v1nV91vp0815ZHFuSVdKmLPn8rY6Xf+7aQOHxBY+084ZDrclZ3PgtTbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFac3aEhnkMUuPOzpAR6BJDj5/8hMB8GA1UdIwQY
MBaAFJ8h6qp70O5nymMC49eqrmTXKUAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGIt
YTk2ZjYxYzBjMWRhLzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGItYTk2ZjYxYzBjMWRh
LzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANC227IU7
NM7xZoE2i/UCd+ic6k+gRfZTSAs9K+GYLkVu+vBT3k+LAxezQ8+rQgZam56MiBas
jcVPokDSd5GI1/aZpgn/pEeOQCxo+qgtks4V/kksQHXcYTgmWvvrDCegSruqOp8r
Apq1me9sMe02Dth6S0bbmQVaNjZ1fv3FfdadQZpATuMAldbL+jQhYBumV7SvjMT8
DCb+SuIwdRp9W/2QyIkdRic5FWmBP1Y3s05Xl3IQJN1mbcA81C4tr7tn4Fl+62lG
PPGYdo4UeObB1OZyW5hAWmqTWbL/Eu3GMSYqrllWwdCITLwBk9ro1h9Z3pqDFFoM
wUjehjwunr2yDg==
-----END CERTIFICATE-----