Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
File:                     ny4CE8HB23M97spK4mFsqv-lFXA.mft (raw, json)
Hash identifier:          4PGA6gXtk4KzYO7wLJFuMkOBIz+9b3t0HLsyGaaMWWQ=
Subject key identifier:   DA:0E:DF:99:5C:FA:8E:CE:E6:EB:9A:E0:7F:A3:65:0B:DA:96:6C:09
Authority key identifier: 9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70
Certificate issuer:       /CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
Certificate serial:       0199228C3F4957E8A0941645954AB1E5A9A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
Manifest number:          131F
Signing time:             Sun 07 Sep 2025 05:00:40 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:40 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:40 +0000
Files and hashes:         1: ny4CE8HB23M97spK4mFsqv-lFXA.crl (hash: g8ctW1dJJblcZhaVYEb3KKjVuWfuUsFyV4Fq7fxo3+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:3f:49:57:e8:a0:94:16:45:95:4a:b1:e5:a9:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
        Validity
            Not Before: Sep  7 05:00:40 2025 GMT
            Not After : Sep  8 05:00:40 2025 GMT
        Subject: CN=da0edf995cfa8ecee6eb9ae07fa3650bda966c09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:3a:3d:e8:f1:eb:c4:35:85:5a:06:48:6c:0a:
                    29:1a:bc:24:81:8d:2f:e6:8a:50:db:07:9c:43:92:
                    65:06:e4:42:68:6a:c1:da:aa:b1:b5:3e:c4:db:9e:
                    ef:52:67:4a:42:d6:65:b5:63:f7:7e:7d:be:81:88:
                    e9:07:db:b2:1a:01:17:11:f1:b5:f7:e7:c8:ac:e7:
                    c0:e1:be:ed:ed:e3:b2:6c:ac:32:42:53:d4:54:98:
                    59:fa:91:80:92:06:09:c2:ae:4b:00:b1:11:47:96:
                    2a:f6:ec:45:52:8f:10:3d:29:3c:14:a4:29:e9:b0:
                    87:92:18:a3:7c:5a:49:a0:10:e1:d6:53:e1:52:a0:
                    1c:4f:7f:82:76:fd:cd:f4:e2:06:51:8b:2b:fe:5b:
                    05:f2:81:40:3a:72:bf:49:12:97:f9:72:ce:6d:fc:
                    df:12:55:53:66:6f:0a:cc:ed:18:8c:f0:2e:62:0d:
                    b9:db:ad:f3:82:ea:a0:81:b8:4b:d5:47:87:4c:32:
                    da:69:63:e3:36:45:04:f8:5c:f1:f0:57:92:10:41:
                    db:08:f1:93:fc:17:f0:ef:01:d8:0b:33:20:51:1d:
                    5a:42:20:30:f0:40:f7:8a:43:37:c9:92:8e:b9:12:
                    f7:34:42:cb:05:c0:5b:1d:26:d2:ca:e6:93:e6:1a:
                    e6:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:0E:DF:99:5C:FA:8E:CE:E6:EB:9A:E0:7F:A3:65:0B:DA:96:6C:09
            X509v3 Authority Key Identifier:
                keyid:9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:fc:da:65:5c:f6:c2:14:3c:b9:2e:82:cc:fd:ec:4b:61:19:
         1b:70:98:19:6f:37:92:ff:03:99:d7:24:73:01:30:22:7c:45:
         d2:05:3c:62:80:0f:79:49:d5:5d:b9:13:57:d6:59:4b:0c:aa:
         c4:7d:db:75:ac:a4:77:d6:c4:63:39:3e:dd:e5:36:6b:0a:2a:
         19:54:98:bb:07:46:de:0b:eb:5f:14:c3:14:1c:cd:44:cf:03:
         3e:5e:2f:4b:fd:57:d8:da:6c:48:8f:3b:74:da:68:64:86:b3:
         dc:ad:b0:a0:39:b8:41:57:de:3f:93:88:e9:fd:dc:6f:ff:eb:
         0c:6f:7e:80:04:74:9e:e8:61:e4:4d:75:9f:b2:3a:f3:ae:b9:
         3c:c5:6a:9e:91:f6:10:46:65:24:e7:21:22:0f:17:41:db:b0:
         b3:8c:e2:ba:2e:1a:69:fd:43:e1:91:45:43:f6:7e:6c:a3:16:
         f6:d4:e7:28:b4:f4:c4:03:92:f3:fc:55:1e:49:f1:19:9e:39:
         19:93:3d:82:32:4d:50:51:9f:22:f2:f7:83:54:d0:72:da:c9:
         06:cb:64:37:70:45:f9:a8:9e:ac:dc:4b:02:70:30:9c:58:4a:
         fb:a8:65:8d:4f:6b:10:4d:e8:ac:d2:1e:b8:b3:1c:fe:20:46:
         c7:a9:e4:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijD9JV+iglBZFlUqx5amlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmUwMjEzYzFjMWRiNzMzZGVlY2E0YWUyNjE2Y2FhZmZh
NTE1NzAwHhcNMjUwOTA3MDUwMDQwWhcNMjUwOTA4MDUwMDQwWjAzMTEwLwYDVQQD
EyhkYTBlZGY5OTVjZmE4ZWNlZTZlYjlhZTA3ZmEzNjUwYmRhOTY2YzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zo96PHrxDWFWgZIbAopGrwkgY0v
5opQ2wecQ5JlBuRCaGrB2qqxtT7E257vUmdKQtZltWP3fn2+gYjpB9uyGgEXEfG1
9+fIrOfA4b7t7eOybKwyQlPUVJhZ+pGAkgYJwq5LALERR5Yq9uxFUo8QPSk8FKQp
6bCHkhijfFpJoBDh1lPhUqAcT3+Cdv3N9OIGUYsr/lsF8oFAOnK/SRKX+XLObfzf
ElVTZm8KzO0YjPAuYg25263zguqggbhL1UeHTDLaaWPjNkUE+Fzx8FeSEEHbCPGT
/Bfw7wHYCzMgUR1aQiAw8ED3ikM3yZKOuRL3NELLBcBbHSbSyuaT5hrmVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNoO35lc+o7O5uua4H+jZQvalmwJMB8GA1UdIwQY
MBaAFJ8uAhPBwdtzPe7KSuJhbKr/pRVwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0Yjct
OWU4NTJmMzMwMWMwLzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0YjctOWU4NTJmMzMwMWMw
LzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArPzaZVz2
whQ8uS6CzP3sS2EZG3CYGW83kv8DmdckcwEwInxF0gU8YoAPeUnVXbkTV9ZZSwyq
xH3bdaykd9bEYzk+3eU2awoqGVSYuwdG3gvrXxTDFBzNRM8DPl4vS/1X2NpsSI87
dNpoZIaz3K2woDm4QVfeP5OI6f3cb//rDG9+gAR0nuhh5E11n7I68665PMVqnpH2
EEZlJOchIg8XQduws4ziui4aaf1D4ZFFQ/Z+bKMW9tTnKLT0xAOS8/xVHknxGZ45
GZM9gjJNUFGfIvL3g1TQctrJBstkN3BF+aierNxLAnAwnFhK+6hljU9rEE3orNIe
uLMc/iBGx6nkQQ==
-----END CERTIFICATE-----