Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
File:                     nyHqqnvQ7mfKYwLj16quZNcpQC0.mft (raw, json)
Hash identifier:          ISOSQvU3lgRYg1UKGeJ+DZZJuGvtFRGX99kPXO6DuuA=
Subject key identifier:   3A:F1:BA:2F:8F:BE:E6:36:65:ED:35:12:20:67:B0:51:CA:F1:D4:89
Authority key identifier: 9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D
Certificate issuer:       /CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
Certificate serial:       01976C2AD014670DDFFD67A44B03E75EEA94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
Manifest number:          0673
Signing time:             Sat 14 Jun 2025 02:00:34 +0000
Manifest this update:     Sat 14 Jun 2025 02:00:34 +0000
Manifest next update:     Sun 15 Jun 2025 02:00:34 +0000
Files and hashes:         1: nyHqqnvQ7mfKYwLj16quZNcpQC0.crl (hash: HtRUvT0sJHBg4zCkLGNW2bTdQXHILPbmHXM/p3IVwqw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2a:d0:14:67:0d:df:fd:67:a4:4b:03:e7:5e:ea:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
        Validity
            Not Before: Jun 14 02:00:34 2025 GMT
            Not After : Jun 15 02:00:34 2025 GMT
        Subject: CN=3af1ba2f8fbee63665ed35122067b051caf1d489
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fd:3b:dd:b1:f9:60:5b:d8:f6:80:f4:e0:9d:6a:
                    45:b1:68:e9:aa:df:8b:b2:d3:e3:a0:63:a2:fd:e4:
                    cc:9f:d7:17:c7:ea:19:85:d4:bf:0f:a3:14:e4:df:
                    80:bd:32:f9:35:3b:24:db:57:2f:a9:ba:94:b8:43:
                    5e:49:14:78:72:d8:a4:52:a9:ed:b2:92:ef:16:19:
                    cf:f6:20:35:ea:a9:2b:8a:45:98:fb:40:8f:d5:c2:
                    61:82:d8:10:d2:43:6b:f4:6b:97:b8:1b:ad:00:68:
                    7b:d4:de:54:de:de:dd:c4:25:0d:03:ca:27:c2:24:
                    12:79:a1:0c:06:a5:66:a9:13:6d:3a:50:82:e0:2b:
                    8c:57:21:0d:25:8e:4e:04:67:bf:f0:4f:26:c5:d5:
                    20:81:c4:da:11:93:6e:15:49:84:a3:4f:18:6c:43:
                    0b:e2:48:ad:0f:e5:b6:75:ef:7a:14:d4:e8:a3:1d:
                    5c:7d:9e:ad:65:88:18:1a:71:0b:c4:20:f7:e2:f4:
                    14:fc:f2:a8:dc:25:d1:09:24:39:ed:76:87:e2:14:
                    ea:f2:f7:a6:e2:4b:56:1d:72:84:05:c5:f1:1e:51:
                    1f:03:cb:2f:b5:15:b8:c7:57:0d:92:bf:a0:b9:e2:
                    c6:d3:ae:21:06:70:2c:33:bd:75:65:d1:76:b0:33:
                    2d:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:F1:BA:2F:8F:BE:E6:36:65:ED:35:12:20:67:B0:51:CA:F1:D4:89
            X509v3 Authority Key Identifier:
                keyid:9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:e1:97:f4:f7:a7:ad:76:13:0f:8b:59:99:52:19:0f:1f:b5:
         0d:f1:5c:e7:23:39:de:3d:10:74:db:49:ee:a8:e6:51:4e:01:
         76:bf:df:3b:d4:9d:57:eb:38:21:1e:f6:e5:a7:97:19:a1:09:
         b2:1a:8b:82:af:6b:b9:82:25:d3:70:9b:f0:16:f9:3c:fe:6f:
         11:d0:fe:ed:b6:4c:3c:76:3e:68:5c:fe:97:89:3d:fd:7f:ac:
         a7:b0:6b:6a:a2:70:98:91:72:a6:2d:72:b6:d3:a2:27:f6:69:
         e6:10:94:a5:bc:fa:67:2c:32:08:72:85:0d:0e:d9:68:3d:33:
         35:dd:ce:71:df:ba:5e:d0:9d:68:e3:6a:6b:1a:fc:8b:c9:9f:
         9a:1a:d0:fa:0d:f9:ee:21:48:b3:ca:4e:82:cd:75:bc:3d:35:
         f6:3b:90:ad:e7:e8:b6:8f:e5:f6:51:8a:4f:92:a3:5f:bf:a2:
         d6:d5:98:97:9d:85:cc:3f:e8:37:ba:04:14:00:bf:90:73:48:
         12:61:84:54:9f:be:f5:8c:53:83:33:b5:62:58:02:e8:f7:9e:
         73:c3:d7:48:ab:b6:2f:2d:63:e4:95:38:c5:8b:12:e7:c3:7c:
         0c:09:98:89:d1:32:62:ed:a8:6f:29:2e:ca:02:81:4d:e3:9f:
         24:df:9b:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsKtAUZw3f/WekSwPnXuqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjFlYWFhN2JkMGVlNjdjYTYzMDJlM2Q3YWFhZTY0ZDcy
OTQwMmQwHhcNMjUwNjE0MDIwMDM0WhcNMjUwNjE1MDIwMDM0WjAzMTEwLwYDVQQD
EygzYWYxYmEyZjhmYmVlNjM2NjVlZDM1MTIyMDY3YjA1MWNhZjFkNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/TvdsflgW9j2gPTgnWpFsWjpqt+L
stPjoGOi/eTMn9cXx+oZhdS/D6MU5N+AvTL5NTsk21cvqbqUuENeSRR4ctikUqnt
spLvFhnP9iA16qkrikWY+0CP1cJhgtgQ0kNr9GuXuButAGh71N5U3t7dxCUNA8on
wiQSeaEMBqVmqRNtOlCC4CuMVyENJY5OBGe/8E8mxdUggcTaEZNuFUmEo08YbEML
4kitD+W2de96FNToox1cfZ6tZYgYGnELxCD34vQU/PKo3CXRCSQ57XaH4hTq8vem
4ktWHXKEBcXxHlEfA8svtRW4x1cNkr+gueLG064hBnAsM711ZdF2sDMt+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrxui+PvuY2Ze01EiBnsFHK8dSJMB8GA1UdIwQY
MBaAFJ8h6qp70O5nymMC49eqrmTXKUAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGIt
YTk2ZjYxYzBjMWRhLzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGItYTk2ZjYxYzBjMWRh
LzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlOGX9Pen
rXYTD4tZmVIZDx+1DfFc5yM53j0QdNtJ7qjmUU4Bdr/fO9SdV+s4IR725aeXGaEJ
shqLgq9ruYIl03Cb8Bb5PP5vEdD+7bZMPHY+aFz+l4k9/X+sp7BraqJwmJFypi1y
ttOiJ/Zp5hCUpbz6ZywyCHKFDQ7ZaD0zNd3Ocd+6XtCdaONqaxr8i8mfmhrQ+g35
7iFIs8pOgs11vD019juQrefoto/l9lGKT5KjX7+i1tWYl52FzD/oN7oEFAC/kHNI
EmGEVJ++9YxTgzO1YlgC6Peec8PXSKu2Ly1j5JU4xYsS58N8DAmYidEyYu2obyku
ygKBTeOfJN+bwA==
-----END CERTIFICATE-----