Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
File:                     ny4CE8HB23M97spK4mFsqv-lFXA.mft (raw, json)
Hash identifier:          tPBssnCRd7a0e92j6PjyC0ZVP38MYOdJDJ+eRYu+hiY=
Subject key identifier:   E6:93:04:3E:63:DC:59:86:60:26:E3:23:7C:36:B7:AE:06:42:BD:56
Authority key identifier: 9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70
Certificate issuer:       /CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
Certificate serial:       01974967D06DD6B9AABE36ECF6755FB4D128
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
Manifest number:          122A
Signing time:             Sat 07 Jun 2025 08:00:29 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:29 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:29 +0000
Files and hashes:         1: ny4CE8HB23M97spK4mFsqv-lFXA.crl (hash: VGDcdFO0bT9t+dV+JTusoPdrVuZXfwD3GDGKpxsT/gY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:67:d0:6d:d6:b9:aa:be:36:ec:f6:75:5f:b4:d1:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
        Validity
            Not Before: Jun  7 08:00:29 2025 GMT
            Not After : Jun  8 08:00:29 2025 GMT
        Subject: CN=e693043e63dc59866026e3237c36b7ae0642bd56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:2b:bf:3a:7f:3c:0d:ec:01:10:97:16:63:45:
                    5a:0f:ce:d2:65:9b:9c:b3:49:2d:cc:72:fc:8e:7e:
                    ab:7c:60:c0:26:58:98:7f:0e:6d:2c:c6:08:1f:72:
                    41:fd:32:06:06:c0:db:b0:eb:0a:86:c1:ed:c5:ea:
                    eb:da:12:4d:38:36:89:28:e4:de:ec:73:67:e2:a3:
                    36:78:da:2b:a5:fb:23:02:14:f3:c3:96:0e:c3:89:
                    89:3e:3e:ef:57:f5:55:c3:46:6f:78:90:6e:30:1d:
                    4d:f7:11:5b:c0:86:ad:ce:78:01:58:a8:b9:8b:f8:
                    3e:e4:7d:79:93:99:47:46:cc:40:08:3e:9f:1d:8d:
                    2d:33:81:5b:69:25:48:11:21:a6:8f:e5:56:9e:09:
                    a3:5f:9a:3a:92:ad:2a:55:9f:1c:ce:aa:0e:0b:96:
                    91:7a:3e:1e:4d:3b:3e:56:3b:4b:c8:4c:4c:f3:05:
                    6a:45:4d:23:40:34:af:61:79:ef:d1:97:18:20:c7:
                    b8:65:be:3d:12:fe:f9:ff:16:97:f1:06:2d:9a:a4:
                    e5:72:38:dd:7d:dd:b9:35:f5:75:af:f2:e5:45:15:
                    68:ed:83:48:6c:d0:d1:e6:63:4f:1e:0d:50:44:8a:
                    11:d7:81:95:30:49:12:f4:33:aa:b6:85:e1:f5:82:
                    de:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:93:04:3E:63:DC:59:86:60:26:E3:23:7C:36:B7:AE:06:42:BD:56
            X509v3 Authority Key Identifier:
                keyid:9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:a2:9c:40:bc:e5:87:d7:84:ea:58:1c:68:60:22:99:75:c2:
         72:d3:22:35:e0:07:63:61:00:79:a7:0c:4f:3e:c2:0a:b1:36:
         e2:09:62:de:e1:bd:a5:ea:3d:94:bb:88:39:a1:55:4e:78:20:
         a2:e9:a9:67:65:f2:87:f5:55:42:a8:60:99:9d:9f:21:53:b7:
         b0:7d:02:de:09:98:d1:f9:c3:74:60:5d:18:4c:79:0b:69:62:
         2f:03:b3:a6:97:70:4c:6d:8d:60:b9:50:1f:17:94:b7:b7:d4:
         a6:bc:4c:a0:3a:ea:6d:46:58:96:27:a5:7e:00:29:43:b5:c0:
         af:ce:87:ec:e1:70:10:9f:10:87:bb:15:25:e8:15:49:b3:f0:
         02:1f:9f:95:5d:71:f2:9d:da:ed:8b:0e:0b:80:16:08:3f:a9:
         97:00:74:94:19:f0:8f:dd:21:65:2e:91:94:9f:b6:b4:72:b9:
         14:08:a9:61:d2:d9:4f:1c:35:55:46:f5:73:31:81:bb:15:c1:
         9d:51:bd:95:c4:ae:28:81:5a:e5:33:54:70:13:28:08:c6:a5:
         9b:fe:b5:bc:20:4a:9b:9f:cd:a4:3f:cd:06:1f:18:67:77:56:
         5a:6d:e4:f4:eb:24:28:d5:8a:c8:ee:19:e6:6f:60:3a:0e:43:
         92:50:74:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJZ9Bt1rmqvjbs9nVftNEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmUwMjEzYzFjMWRiNzMzZGVlY2E0YWUyNjE2Y2FhZmZh
NTE1NzAwHhcNMjUwNjA3MDgwMDI5WhcNMjUwNjA4MDgwMDI5WjAzMTEwLwYDVQQD
EyhlNjkzMDQzZTYzZGM1OTg2NjAyNmUzMjM3YzM2YjdhZTA2NDJiZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSu/On88DewBEJcWY0VaD87SZZuc
s0ktzHL8jn6rfGDAJliYfw5tLMYIH3JB/TIGBsDbsOsKhsHtxerr2hJNODaJKOTe
7HNn4qM2eNorpfsjAhTzw5YOw4mJPj7vV/VVw0ZveJBuMB1N9xFbwIatzngBWKi5
i/g+5H15k5lHRsxACD6fHY0tM4FbaSVIESGmj+VWngmjX5o6kq0qVZ8czqoOC5aR
ej4eTTs+VjtLyExM8wVqRU0jQDSvYXnv0ZcYIMe4Zb49Ev75/xaX8QYtmqTlcjjd
fd25NfV1r/LlRRVo7YNIbNDR5mNPHg1QRIoR14GVMEkS9DOqtoXh9YLeCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOaTBD5j3FmGYCbjI3w2t64GQr1WMB8GA1UdIwQY
MBaAFJ8uAhPBwdtzPe7KSuJhbKr/pRVwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0Yjct
OWU4NTJmMzMwMWMwLzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0YjctOWU4NTJmMzMwMWMw
LzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbaKcQLzl
h9eE6lgcaGAimXXCctMiNeAHY2EAeacMTz7CCrE24gli3uG9peo9lLuIOaFVTngg
oumpZ2Xyh/VVQqhgmZ2fIVO3sH0C3gmY0fnDdGBdGEx5C2liLwOzppdwTG2NYLlQ
HxeUt7fUprxMoDrqbUZYlielfgApQ7XAr86H7OFwEJ8Qh7sVJegVSbPwAh+flV1x
8p3a7YsOC4AWCD+plwB0lBnwj90hZS6RlJ+2tHK5FAipYdLZTxw1VUb1czGBuxXB
nVG9lcSuKIFa5TNUcBMoCMalm/61vCBKm5/NpD/NBh8YZ3dWWm3k9OskKNWKyO4Z
5m9gOg5DklB07w==
-----END CERTIFICATE-----