Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
File:                     nyHqqnvQ7mfKYwLj16quZNcpQC0.mft (raw, json)
Hash identifier:          nUagwFSP+rNKyRXyPo6hrRZaUGFd8wfcfIFE0EvZr6U=
Subject key identifier:   C5:31:BA:E6:CD:C4:91:AE:8C:73:E6:3E:EB:7C:B8:CA:1A:39:2F:D6
Authority key identifier: 9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D
Certificate issuer:       /CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
Certificate serial:       019A70A525F6D20C331D9A49EF45B36D21F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
Manifest number:          0803
Signing time:             Tue 11 Nov 2025 02:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:02 +0000
Files and hashes:         1: nyHqqnvQ7mfKYwLj16quZNcpQC0.crl (hash: p8WQbDcG0rS2AV0kVHpcfwUnAMPFuqdGTfMBXrIyE74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:25:f6:d2:0c:33:1d:9a:49:ef:45:b3:6d:21:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
        Validity
            Not Before: Nov 11 02:01:02 2025 GMT
            Not After : Nov 12 02:01:02 2025 GMT
        Subject: CN=c531bae6cdc491ae8c73e63eeb7cb8ca1a392fd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ea:db:81:50:ce:cb:1d:f2:e8:c2:50:f1:73:
                    b6:86:5a:42:18:08:da:7c:d4:4b:1f:3d:aa:63:3c:
                    d4:1b:74:6b:86:44:2a:b7:3d:1c:0c:92:05:8f:b8:
                    f6:99:5b:aa:b4:3e:4d:74:56:77:47:4f:65:68:1f:
                    31:39:da:2c:2c:9e:f3:a4:ad:70:3e:92:c2:1b:28:
                    b6:7c:6d:02:37:1f:dc:09:ca:04:19:56:2d:b8:97:
                    c9:3f:41:2f:ed:42:93:59:c7:02:c1:74:52:1f:0d:
                    75:19:77:c6:2b:36:ec:aa:f9:3d:b9:6c:f2:7b:35:
                    cc:58:2d:91:e3:d1:98:f9:9c:1e:15:cf:bc:e4:3e:
                    fe:f9:39:2c:1a:42:4a:6c:01:df:d8:76:da:fd:91:
                    da:f3:cb:f9:60:8c:84:ec:25:7f:bd:27:05:8e:e5:
                    be:f5:73:a6:6e:e5:cb:7c:ab:60:ee:dd:c3:e3:17:
                    b3:1f:2e:89:72:02:13:77:9f:15:94:20:7b:26:97:
                    ca:ac:d9:2e:5f:a8:ed:e6:bd:c8:6d:19:a6:3f:5f:
                    5f:4f:75:3c:a9:a8:3c:04:c6:4d:e0:21:73:34:7f:
                    29:12:49:57:6a:8a:8d:06:fb:3b:e4:be:cc:47:04:
                    37:e2:9f:3e:15:49:12:ff:01:67:14:3c:79:1a:4e:
                    fb:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:31:BA:E6:CD:C4:91:AE:8C:73:E6:3E:EB:7C:B8:CA:1A:39:2F:D6
            X509v3 Authority Key Identifier:
                keyid:9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:ca:65:2a:f0:28:15:b0:bc:ba:77:82:62:db:7f:d9:8a:c2:
         a4:00:3c:01:df:30:19:9b:35:0e:96:94:ca:df:5f:c8:38:47:
         1a:05:a4:11:29:e6:f8:c9:ea:a7:aa:0d:f1:7d:1f:40:f4:83:
         08:bb:63:5c:de:8f:a5:6c:10:16:3e:9c:b9:77:15:9e:19:cc:
         ae:5e:15:24:d4:69:6a:d8:29:05:b4:10:e1:94:ac:f0:a1:55:
         92:42:d1:14:a8:80:dc:53:c0:24:98:53:3c:53:cf:43:1d:e3:
         4c:34:66:d7:00:8c:9b:2f:b6:f3:54:01:3b:3a:80:72:98:3a:
         7b:e1:25:ae:ff:af:c0:4a:2e:9c:5b:ef:6e:b1:87:8c:9c:b1:
         ad:f9:bd:02:fe:bc:8e:35:5e:26:aa:d5:11:18:62:37:2d:11:
         32:94:e2:5b:30:dd:d2:bb:f4:32:a7:89:cc:27:a7:cb:26:9a:
         f3:53:4d:76:89:ac:3c:47:14:2e:d8:c8:29:2e:6e:76:0b:31:
         d2:7b:27:73:31:ca:94:b0:b2:d9:ac:01:2e:4d:8b:af:4e:04:
         e2:17:d1:fa:99:58:8d:ed:13:1e:99:ca:d4:b7:78:89:ce:18:
         24:69:ec:ad:47:48:97:f0:ea:3d:2a:74:ab:89:a3:41:84:0b:
         bf:ab:0f:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpSX20gwzHZpJ70WzbSH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjFlYWFhN2JkMGVlNjdjYTYzMDJlM2Q3YWFhZTY0ZDcy
OTQwMmQwHhcNMjUxMTExMDIwMTAyWhcNMjUxMTEyMDIwMTAyWjAzMTEwLwYDVQQD
EyhjNTMxYmFlNmNkYzQ5MWFlOGM3M2U2M2VlYjdjYjhjYTFhMzkyZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAverbgVDOyx3y6MJQ8XO2hlpCGAja
fNRLHz2qYzzUG3RrhkQqtz0cDJIFj7j2mVuqtD5NdFZ3R09laB8xOdosLJ7zpK1w
PpLCGyi2fG0CNx/cCcoEGVYtuJfJP0Ev7UKTWccCwXRSHw11GXfGKzbsqvk9uWzy
ezXMWC2R49GY+ZweFc+85D7++TksGkJKbAHf2Hba/ZHa88v5YIyE7CV/vScFjuW+
9XOmbuXLfKtg7t3D4xezHy6JcgITd58VlCB7JpfKrNkuX6jt5r3IbRmmP19fT3U8
qag8BMZN4CFzNH8pEklXaoqNBvs75L7MRwQ34p8+FUkS/wFnFDx5Gk77zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMUxuubNxJGujHPmPut8uMoaOS/WMB8GA1UdIwQY
MBaAFJ8h6qp70O5nymMC49eqrmTXKUAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGIt
YTk2ZjYxYzBjMWRhLzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGItYTk2ZjYxYzBjMWRh
LzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANMplKvAo
FbC8uneCYtt/2YrCpAA8Ad8wGZs1DpaUyt9fyDhHGgWkESnm+Mnqp6oN8X0fQPSD
CLtjXN6PpWwQFj6cuXcVnhnMrl4VJNRpatgpBbQQ4ZSs8KFVkkLRFKiA3FPAJJhT
PFPPQx3jTDRm1wCMmy+281QBOzqAcpg6e+Elrv+vwEounFvvbrGHjJyxrfm9Av68
jjVeJqrVERhiNy0RMpTiWzDd0rv0MqeJzCenyyaa81NNdomsPEcULtjIKS5udgsx
0nsnczHKlLCy2awBLk2Lr04E4hfR+plYje0THpnK1Ld4ic4YJGnsrUdIl/DqPSp0
q4mjQYQLv6sPug==
-----END CERTIFICATE-----