Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
File:                     ny4CE8HB23M97spK4mFsqv-lFXA.mft (raw, json)
Hash identifier:          2ogs19QyVvdWOWyedEjUsuTg5D6ySZr3OWTs+0SlnPw=
Subject key identifier:   FD:D4:F4:5D:22:A9:88:5A:DC:82:A2:CC:E8:E1:BF:1A:21:5E:40:A9
Authority key identifier: 9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70
Certificate issuer:       /CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
Certificate serial:       019644B2629437B919715C8BB548CD26ECE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
Manifest number:          11A3
Signing time:             Thu 17 Apr 2025 17:01:03 +0000
Manifest this update:     Thu 17 Apr 2025 17:01:03 +0000
Manifest next update:     Fri 18 Apr 2025 17:01:03 +0000
Files and hashes:         1: ny4CE8HB23M97spK4mFsqv-lFXA.crl (hash: vZrfFzACESPAJeYBpea591XzZUZb8xpZiO1IYUBPOGM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:44:b2:62:94:37:b9:19:71:5c:8b:b5:48:cd:26:ec:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
        Validity
            Not Before: Apr 17 17:01:03 2025 GMT
            Not After : Apr 18 17:01:03 2025 GMT
        Subject: CN=fdd4f45d22a9885adc82a2cce8e1bf1a215e40a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e3:58:3c:5e:7e:04:32:99:37:49:de:d3:ff:
                    99:58:20:22:c5:be:53:e8:7b:33:99:b0:d5:0c:f2:
                    3c:37:d6:26:b8:ca:5b:e1:d6:09:16:c9:28:70:ca:
                    cf:bf:1e:2f:f2:54:4f:85:62:df:72:b8:1b:40:52:
                    eb:cf:c1:09:9c:64:75:f3:26:ff:cf:f6:63:19:a1:
                    bd:d1:5d:47:cb:13:89:d4:c8:51:b9:bd:18:b1:e3:
                    8e:65:d7:22:80:18:83:14:35:32:0c:9d:e6:97:d5:
                    b4:44:3f:38:3d:b1:65:df:57:fd:e8:9a:84:fd:8d:
                    9c:31:38:e7:5e:b1:db:d4:4e:3b:50:16:44:bc:8d:
                    58:f9:45:91:76:10:6a:52:4a:a0:09:95:49:eb:f1:
                    91:24:5e:95:04:47:1e:5c:e2:9b:13:15:ef:1f:b1:
                    47:d6:19:bc:4f:33:a1:99:91:89:2b:1d:8c:2d:2c:
                    06:e8:71:3a:73:4a:e9:1c:10:56:76:5c:85:7e:b2:
                    e7:60:c8:24:71:e1:28:38:38:38:05:69:8f:77:dd:
                    47:52:b2:18:4e:80:2c:fe:ec:d8:41:e6:82:68:b3:
                    03:9e:14:83:3a:8f:f9:b3:c2:c4:41:99:24:1e:bd:
                    fe:4c:74:10:4a:29:08:fc:c5:86:d0:f4:3e:68:ed:
                    0f:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:D4:F4:5D:22:A9:88:5A:DC:82:A2:CC:E8:E1:BF:1A:21:5E:40:A9
            X509v3 Authority Key Identifier:
                keyid:9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:db:2a:05:48:f6:4b:bc:45:d5:84:cb:67:07:c2:d5:6f:62:
         e2:02:c7:a1:0f:05:32:c9:3d:83:67:a7:e1:53:83:5c:51:5c:
         41:0a:89:e9:7c:12:a4:7c:f8:67:e5:94:0b:24:1b:c3:81:46:
         81:dd:86:48:04:41:74:7c:ae:e0:0f:23:2d:ff:97:a0:27:cf:
         f5:89:e2:46:ca:5f:29:fc:1e:2a:98:a5:58:f8:d6:b2:54:e0:
         8e:52:67:6d:ac:48:29:9e:9a:34:0a:82:3d:67:38:6a:53:b3:
         ab:e6:53:1f:31:ca:6b:df:ca:f7:ea:ba:58:c5:8d:ad:ee:dc:
         f8:c8:25:e5:10:37:88:a1:7e:74:ef:84:9b:8c:89:58:79:29:
         52:06:87:e8:44:b0:7d:0e:ae:b7:9f:32:01:bd:e1:2e:af:ed:
         84:48:fd:59:84:64:73:22:b5:7f:7a:02:4c:47:48:eb:4f:32:
         5a:a9:40:06:8e:4c:5d:d1:71:e1:0c:76:ab:67:a7:7f:27:34:
         2e:e8:7d:b6:e5:30:56:f9:2c:fb:77:62:b2:88:2a:7b:04:2c:
         d3:5b:35:b5:b0:5d:bc:85:23:d1:c3:5d:21:35:08:c2:3b:76:
         06:a4:0e:98:5b:d6:43:1a:0c:75:7c:fb:de:62:3c:6c:e3:f5:
         90:b0:08:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZEsmKUN7kZcVyLtUjNJuzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmUwMjEzYzFjMWRiNzMzZGVlY2E0YWUyNjE2Y2FhZmZh
NTE1NzAwHhcNMjUwNDE3MTcwMTAzWhcNMjUwNDE4MTcwMTAzWjAzMTEwLwYDVQQD
EyhmZGQ0ZjQ1ZDIyYTk4ODVhZGM4MmEyY2NlOGUxYmYxYTIxNWU0MGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnONYPF5+BDKZN0ne0/+ZWCAixb5T
6HszmbDVDPI8N9YmuMpb4dYJFskocMrPvx4v8lRPhWLfcrgbQFLrz8EJnGR18yb/
z/ZjGaG90V1HyxOJ1MhRub0YseOOZdcigBiDFDUyDJ3ml9W0RD84PbFl31f96JqE
/Y2cMTjnXrHb1E47UBZEvI1Y+UWRdhBqUkqgCZVJ6/GRJF6VBEceXOKbExXvH7FH
1hm8TzOhmZGJKx2MLSwG6HE6c0rpHBBWdlyFfrLnYMgkceEoODg4BWmPd91HUrIY
ToAs/uzYQeaCaLMDnhSDOo/5s8LEQZkkHr3+THQQSikI/MWG0PQ+aO0PSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3U9F0iqYha3IKizOjhvxohXkCpMB8GA1UdIwQY
MBaAFJ8uAhPBwdtzPe7KSuJhbKr/pRVwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0Yjct
OWU4NTJmMzMwMWMwLzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0YjctOWU4NTJmMzMwMWMw
LzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj9sqBUj2
S7xF1YTLZwfC1W9i4gLHoQ8FMsk9g2en4VODXFFcQQqJ6XwSpHz4Z+WUCyQbw4FG
gd2GSARBdHyu4A8jLf+XoCfP9YniRspfKfweKpilWPjWslTgjlJnbaxIKZ6aNAqC
PWc4alOzq+ZTHzHKa9/K9+q6WMWNre7c+Mgl5RA3iKF+dO+Em4yJWHkpUgaH6ESw
fQ6ut58yAb3hLq/thEj9WYRkcyK1f3oCTEdI608yWqlABo5MXdFx4Qx2q2enfyc0
Luh9tuUwVvks+3disogqewQs01s1tbBdvIUj0cNdITUIwjt2BqQOmFvWQxoMdXz7
3mI8bOP1kLAI8A==
-----END CERTIFICATE-----