Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
File:                     nyHqqnvQ7mfKYwLj16quZNcpQC0.mft (raw, json)
Hash identifier:          K3YwJI4oO0ayifV2Vx45oBwG4l7RJHACyYmfix77/ak=
Subject key identifier:   22:D6:CA:82:C9:2D:8F:12:50:A5:24:A5:8E:0D:E7:3B:47:0E:48:1D
Authority key identifier: 9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D
Certificate issuer:       /CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
Certificate serial:       019678D674A30AC0DFB5B5D7D765A4BB7F05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
Manifest number:          05F5
Signing time:             Sun 27 Apr 2025 20:00:42 +0000
Manifest this update:     Sun 27 Apr 2025 20:00:42 +0000
Manifest next update:     Mon 28 Apr 2025 20:00:42 +0000
Files and hashes:         1: nyHqqnvQ7mfKYwLj16quZNcpQC0.crl (hash: a/dJmKev03oC74pu/kQhu8V92F+UgY/PxQgdKAk7eDo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:d6:74:a3:0a:c0:df:b5:b5:d7:d7:65:a4:bb:7f:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
        Validity
            Not Before: Apr 27 20:00:42 2025 GMT
            Not After : Apr 28 20:00:42 2025 GMT
        Subject: CN=22d6ca82c92d8f1250a524a58e0de73b470e481d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:05:e7:d5:05:2a:c9:c4:9e:88:75:64:65:4c:
                    e2:fe:7b:4b:ee:6e:f2:cb:1e:1d:b3:88:8a:a4:2e:
                    45:6f:1b:09:de:c0:86:17:d3:5c:7f:f2:93:b4:84:
                    f1:c0:22:24:59:06:bd:d6:fd:02:dc:1b:6a:09:57:
                    39:af:12:f4:7c:e4:11:4d:1a:31:17:44:91:47:e0:
                    08:eb:a2:ff:01:aa:1d:5e:d5:41:8f:02:3d:19:04:
                    93:cb:1e:19:fe:48:4d:e2:9a:af:ca:1b:13:1f:b1:
                    ea:71:fe:eb:92:9c:0b:3c:f0:d7:1f:ec:c5:c0:36:
                    58:11:68:3d:d3:d8:93:a4:86:54:0a:1e:85:41:62:
                    06:f8:6c:f2:25:63:0e:f3:91:cf:35:eb:ee:71:0e:
                    2c:18:fe:5e:1e:34:a8:e7:ec:b7:e0:b2:0f:f4:14:
                    2c:4f:f4:9a:6a:92:14:3d:dd:70:70:b6:71:09:d0:
                    6f:1d:d8:27:38:97:73:b2:07:32:55:b0:7b:b4:be:
                    b3:cd:99:db:7b:0c:eb:9f:1e:8c:c7:cd:0b:88:85:
                    aa:e5:40:41:7e:7c:29:f3:bb:88:46:d7:47:20:77:
                    66:06:6d:93:46:bd:28:e1:98:ff:fd:bc:fb:20:93:
                    2f:c7:c6:b3:13:d3:b7:9e:4e:2c:3e:07:d0:1e:c8:
                    a9:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:D6:CA:82:C9:2D:8F:12:50:A5:24:A5:8E:0D:E7:3B:47:0E:48:1D
            X509v3 Authority Key Identifier:
                keyid:9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:92:ea:b7:cf:a2:ee:01:7e:c8:ab:ca:71:4d:9b:02:39:e0:
         28:b7:ad:94:40:2c:eb:b9:d2:55:38:fd:f9:9b:a0:32:8c:cf:
         71:84:80:87:51:bd:47:64:fa:7b:94:91:ab:81:d0:29:8f:65:
         6d:a7:9b:7a:c1:e4:63:c5:b8:89:44:c9:8d:02:38:80:f4:7f:
         30:87:0b:3d:74:7e:2d:c1:e6:7f:75:60:95:ba:d6:92:ee:6f:
         24:ee:26:ba:e9:16:1b:23:3d:bc:65:f4:10:87:9e:70:17:4a:
         99:1a:7a:ec:83:ca:af:95:ed:2f:b0:1d:54:56:c1:69:3e:81:
         de:20:2f:df:1f:b8:4d:52:4f:8c:17:e3:fd:aa:1f:e6:0b:c1:
         ad:a4:f6:02:7f:d4:a1:c7:fc:9d:b8:28:d3:e9:0c:25:2f:f3:
         6c:04:b1:02:44:2a:67:88:18:97:a3:8c:c9:bd:20:36:7b:0d:
         e9:bc:31:17:3d:5c:25:db:54:0c:de:b6:fa:63:d3:cf:c6:c3:
         03:21:74:78:1c:b4:c5:f9:8c:81:ed:ec:c5:c3:7b:92:1c:30:
         7a:d9:34:47:66:3f:57:24:3d:08:9d:9e:2c:cc:1e:3a:38:4e:
         b1:73:3a:da:ee:01:13:31:41:c9:07:c9:40:be:27:8d:7c:f8:
         6d:e6:da:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ41nSjCsDftbXX12Wku38FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjFlYWFhN2JkMGVlNjdjYTYzMDJlM2Q3YWFhZTY0ZDcy
OTQwMmQwHhcNMjUwNDI3MjAwMDQyWhcNMjUwNDI4MjAwMDQyWjAzMTEwLwYDVQQD
EygyMmQ2Y2E4MmM5MmQ4ZjEyNTBhNTI0YTU4ZTBkZTczYjQ3MGU0ODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygXn1QUqycSeiHVkZUzi/ntL7m7y
yx4ds4iKpC5FbxsJ3sCGF9Ncf/KTtITxwCIkWQa91v0C3BtqCVc5rxL0fOQRTRox
F0SRR+AI66L/AaodXtVBjwI9GQSTyx4Z/khN4pqvyhsTH7Hqcf7rkpwLPPDXH+zF
wDZYEWg909iTpIZUCh6FQWIG+GzyJWMO85HPNevucQ4sGP5eHjSo5+y34LIP9BQs
T/SaapIUPd1wcLZxCdBvHdgnOJdzsgcyVbB7tL6zzZnbewzrnx6Mx80LiIWq5UBB
fnwp87uIRtdHIHdmBm2TRr0o4Zj//bz7IJMvx8azE9O3nk4sPgfQHsipVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCLWyoLJLY8SUKUkpY4N5ztHDkgdMB8GA1UdIwQY
MBaAFJ8h6qp70O5nymMC49eqrmTXKUAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGIt
YTk2ZjYxYzBjMWRhLzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGItYTk2ZjYxYzBjMWRh
LzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaJLqt8+i
7gF+yKvKcU2bAjngKLetlEAs67nSVTj9+ZugMozPcYSAh1G9R2T6e5SRq4HQKY9l
baebesHkY8W4iUTJjQI4gPR/MIcLPXR+LcHmf3VglbrWku5vJO4muukWGyM9vGX0
EIeecBdKmRp67IPKr5XtL7AdVFbBaT6B3iAv3x+4TVJPjBfj/aof5gvBraT2An/U
ocf8nbgo0+kMJS/zbASxAkQqZ4gYl6OMyb0gNnsN6bwxFz1cJdtUDN62+mPTz8bD
AyF0eBy0xfmMge3sxcN7khwwetk0R2Y/VyQ9CJ2eLMweOjhOsXM62u4BEzFByQfJ
QL4njXz4bebaYw==
-----END CERTIFICATE-----