Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
File:                     nyHqqnvQ7mfKYwLj16quZNcpQC0.mft (raw, json)
Hash identifier:          V8p//a+EA7V8oLS/XIbH8qbeLAekoOrIkoYjKSlGoAg=
Subject key identifier:   F7:BD:6C:2F:31:86:D7:20:53:90:43:32:E5:B7:D4:07:49:F1:AE:3B
Authority key identifier: 9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D
Certificate issuer:       /CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
Certificate serial:       019A559B9DACB36EA037D0EA2CB6F159C856
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
Manifest number:          07F5
Signing time:             Wed 05 Nov 2025 20:00:53 +0000
Manifest this update:     Wed 05 Nov 2025 20:00:53 +0000
Manifest next update:     Thu 06 Nov 2025 20:00:53 +0000
Files and hashes:         1: nyHqqnvQ7mfKYwLj16quZNcpQC0.crl (hash: 2UFLHfklLio+CDKuswKV3EYilUUVIdWmjrA04vbJrCM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 20:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:55:9b:9d:ac:b3:6e:a0:37:d0:ea:2c:b6:f1:59:c8:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
        Validity
            Not Before: Nov  5 20:00:53 2025 GMT
            Not After : Nov  6 20:00:53 2025 GMT
        Subject: CN=f7bd6c2f3186d72053904332e5b7d40749f1ae3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:96:28:a8:ad:7a:06:6d:99:19:4c:84:62:29:
                    a0:87:fa:ea:1b:a9:d7:34:0c:6c:66:19:47:a9:9d:
                    69:f9:fd:e7:fc:ee:ec:b1:70:de:85:23:bb:94:e4:
                    6c:cf:8c:b9:95:c0:f3:32:ca:50:e1:50:6a:35:c2:
                    17:39:b2:e9:79:12:af:ba:96:40:54:fe:2a:67:a3:
                    4e:63:4e:f4:eb:80:2f:5f:11:a8:38:66:3f:14:2c:
                    1f:7f:56:fa:3c:c5:41:c6:5e:ab:d7:60:9a:2b:ee:
                    39:2b:ba:cb:d1:ee:b8:6c:ed:39:c1:c2:c5:65:91:
                    70:14:a5:c1:c0:35:d5:a0:dc:7c:9e:f0:38:ce:17:
                    fa:47:a4:bf:bf:d9:09:70:11:64:c5:78:ab:cf:00:
                    51:d8:ae:4a:29:72:80:db:78:2c:c5:37:18:49:07:
                    7a:38:56:97:aa:e7:76:22:f3:71:36:51:cc:53:c0:
                    d6:60:f0:8b:1f:e0:40:5d:09:a5:db:be:4f:82:f7:
                    72:b9:92:86:33:c5:f7:16:ba:92:2d:30:8f:37:21:
                    90:97:a3:65:96:84:1a:8c:d3:78:76:13:78:0e:ca:
                    b5:1c:0a:20:de:1a:12:94:83:c6:0b:0b:39:96:9d:
                    5f:ad:43:d6:60:e9:cd:ce:f8:79:e5:6f:e5:75:be:
                    6d:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:BD:6C:2F:31:86:D7:20:53:90:43:32:E5:B7:D4:07:49:F1:AE:3B
            X509v3 Authority Key Identifier:
                keyid:9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:76:87:98:df:11:92:cd:d9:ba:2a:ea:69:cd:0b:b3:2c:cf:
         0b:d4:f9:20:56:6f:02:84:31:0c:18:96:19:de:72:48:68:3b:
         bd:60:89:26:db:57:69:20:8c:f8:7f:27:8c:8a:af:df:1b:ce:
         68:49:4d:a9:4f:24:9c:e0:88:a6:c5:5f:ba:3e:67:18:95:62:
         1f:7a:f9:7b:88:c3:a3:dc:9a:09:ef:ab:d4:10:eb:aa:2d:63:
         bb:3b:8e:04:a9:54:5e:54:ff:7d:23:31:88:e1:23:66:d9:29:
         9a:51:1d:35:ed:e8:ed:97:7f:32:1a:3a:37:03:2b:e7:ee:a5:
         4c:3e:b9:c2:d7:47:c7:f3:c2:4d:01:1b:05:7f:1d:d5:1b:ec:
         d6:65:ce:9c:f6:06:be:b0:14:a8:19:b2:5c:9c:a4:05:2b:67:
         8d:f9:b4:52:28:75:35:ec:05:ea:bc:c9:04:78:55:3d:3c:51:
         84:9d:38:a5:97:f1:16:99:42:d8:52:2f:09:07:99:84:80:11:
         50:32:fc:83:6a:35:36:09:2b:e5:8c:9d:5a:d4:fa:f7:89:c7:
         4d:f1:c2:8b:31:ad:50:e0:16:d0:b4:46:48:74:62:fe:62:83:
         ef:e5:2d:08:60:0c:6e:f8:ee:0a:7c:bb:8c:3b:11:0b:15:58:
         1c:eb:9c:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpVm52ss26gN9DqLLbxWchWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjFlYWFhN2JkMGVlNjdjYTYzMDJlM2Q3YWFhZTY0ZDcy
OTQwMmQwHhcNMjUxMTA1MjAwMDUzWhcNMjUxMTA2MjAwMDUzWjAzMTEwLwYDVQQD
EyhmN2JkNmMyZjMxODZkNzIwNTM5MDQzMzJlNWI3ZDQwNzQ5ZjFhZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5YoqK16Bm2ZGUyEYimgh/rqG6nX
NAxsZhlHqZ1p+f3n/O7ssXDehSO7lORsz4y5lcDzMspQ4VBqNcIXObLpeRKvupZA
VP4qZ6NOY07064AvXxGoOGY/FCwff1b6PMVBxl6r12CaK+45K7rL0e64bO05wcLF
ZZFwFKXBwDXVoNx8nvA4zhf6R6S/v9kJcBFkxXirzwBR2K5KKXKA23gsxTcYSQd6
OFaXqud2IvNxNlHMU8DWYPCLH+BAXQml275PgvdyuZKGM8X3FrqSLTCPNyGQl6Nl
loQajNN4dhN4Dsq1HAog3hoSlIPGCws5lp1frUPWYOnNzvh55W/ldb5tJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPe9bC8xhtcgU5BDMuW31AdJ8a47MB8GA1UdIwQY
MBaAFJ8h6qp70O5nymMC49eqrmTXKUAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGIt
YTk2ZjYxYzBjMWRhLzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGItYTk2ZjYxYzBjMWRh
LzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV3aHmN8R
ks3Zuirqac0LsyzPC9T5IFZvAoQxDBiWGd5ySGg7vWCJJttXaSCM+H8njIqv3xvO
aElNqU8knOCIpsVfuj5nGJViH3r5e4jDo9yaCe+r1BDrqi1juzuOBKlUXlT/fSMx
iOEjZtkpmlEdNe3o7Zd/Mho6NwMr5+6lTD65wtdHx/PCTQEbBX8d1Rvs1mXOnPYG
vrAUqBmyXJykBStnjfm0Uih1NewF6rzJBHhVPTxRhJ04pZfxFplC2FIvCQeZhIAR
UDL8g2o1Ngkr5YydWtT694nHTfHCizGtUOAW0LRGSHRi/mKD7+UtCGAMbvjuCny7
jDsRCxVYHOucvg==
-----END CERTIFICATE-----