Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
File:                     nyHqqnvQ7mfKYwLj16quZNcpQC0.mft (raw, json)
Hash identifier:          7eZBVyaHAmIX6gwE3wnf4xivhrxVfVNFA3WF4sGznq4=
Subject key identifier:   15:A5:1C:8A:43:58:DD:8B:A4:92:06:FF:DD:7C:4A:78:C1:FE:F7:28
Authority key identifier: 9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D
Certificate issuer:       /CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
Certificate serial:       01964A7CEE3EC8244213138898E71CA3810F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
Manifest number:          05DD
Signing time:             Fri 18 Apr 2025 20:00:23 +0000
Manifest this update:     Fri 18 Apr 2025 20:00:23 +0000
Manifest next update:     Sat 19 Apr 2025 20:00:23 +0000
Files and hashes:         1: nyHqqnvQ7mfKYwLj16quZNcpQC0.crl (hash: rQLKBuAOyrRWMa5UTtVxoPbc+WBfQA1gAR0WLeghdyM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4a:7c:ee:3e:c8:24:42:13:13:88:98:e7:1c:a3:81:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
        Validity
            Not Before: Apr 18 20:00:23 2025 GMT
            Not After : Apr 19 20:00:23 2025 GMT
        Subject: CN=15a51c8a4358dd8ba49206ffdd7c4a78c1fef728
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:8a:74:54:7d:3c:e7:5a:0f:38:80:e6:40:24:
                    f1:46:bb:bd:66:e7:38:fd:ee:ee:51:f6:8d:90:03:
                    73:a0:f4:6f:ed:93:14:48:8c:07:16:2f:7c:6a:75:
                    2a:f5:87:dc:e3:71:ad:d8:02:2b:cc:b1:f8:84:cf:
                    39:7c:84:8d:81:d4:52:5f:a9:9a:f0:9b:b9:69:50:
                    c5:e1:0f:c9:0a:40:f3:06:1c:37:6d:33:28:27:12:
                    2f:af:bd:3d:6c:13:df:38:62:f8:57:a0:dc:35:ef:
                    d3:3a:d3:5f:bd:1d:57:e8:2b:7e:83:2f:65:87:80:
                    9a:7a:12:3d:f2:02:e3:94:97:28:a2:b5:f5:4c:b0:
                    9f:73:bc:8a:a9:3b:5b:30:bd:b1:fd:d1:32:12:77:
                    0e:76:da:0d:49:f6:b4:ce:05:cc:33:58:82:bf:af:
                    38:bd:f9:2f:d4:a0:fd:82:62:c7:cb:63:04:60:b2:
                    02:14:d8:c6:9b:67:60:3e:73:a8:f8:34:34:be:b9:
                    dd:52:88:d1:82:a8:fb:fe:45:ec:ad:58:83:dc:17:
                    2a:25:77:00:1f:11:62:b8:57:bc:c6:d1:77:38:b4:
                    c4:2e:0c:f4:63:02:17:9e:f2:79:10:3f:21:38:84:
                    87:b5:57:7f:ee:4f:80:c6:4d:f3:3e:d2:82:c7:15:
                    f6:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:A5:1C:8A:43:58:DD:8B:A4:92:06:FF:DD:7C:4A:78:C1:FE:F7:28
            X509v3 Authority Key Identifier:
                keyid:9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:73:42:fb:f6:32:41:14:e0:b6:80:85:dd:5b:fa:65:46:31:
         93:24:db:f4:3b:62:dc:ee:59:a1:dc:56:5d:86:d8:f6:01:70:
         76:cb:67:68:c2:f6:6f:56:75:17:1c:87:dc:d8:22:20:61:e1:
         45:5c:8f:06:81:b6:18:43:75:d8:d9:86:69:4a:17:54:07:fe:
         07:7c:b7:5d:bd:ef:9d:01:e6:99:e6:5a:e6:7a:e5:70:52:13:
         8c:e5:b5:c2:2d:e0:67:5f:d3:ae:4e:90:df:87:8b:df:0b:ff:
         43:b0:b6:a1:c2:d7:28:12:42:d6:69:80:56:ed:f8:01:c3:ee:
         09:e2:2c:93:40:8e:15:d5:3b:6e:db:ad:ca:6d:ef:fd:92:78:
         a8:aa:a7:57:6e:32:b8:9e:4d:df:e0:8e:11:4a:89:e0:09:8a:
         13:e4:b2:1a:17:78:f1:45:c5:22:39:ab:29:7d:7a:1c:b5:6d:
         9a:a7:c3:23:4a:8e:b7:11:fa:fa:23:85:1c:95:0b:fe:a5:a0:
         05:ab:c7:95:92:2c:e9:20:5c:48:f9:b2:91:73:e8:be:9f:2c:
         4b:02:a7:46:3a:a2:2a:d8:54:65:d2:94:80:83:b6:cd:16:4f:
         d6:0c:6b:e3:22:48:2d:cf:f8:d1:90:71:97:57:24:f8:c7:8f:
         0a:3d:d5:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZKfO4+yCRCExOImOcco4EPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjFlYWFhN2JkMGVlNjdjYTYzMDJlM2Q3YWFhZTY0ZDcy
OTQwMmQwHhcNMjUwNDE4MjAwMDIzWhcNMjUwNDE5MjAwMDIzWjAzMTEwLwYDVQQD
EygxNWE1MWM4YTQzNThkZDhiYTQ5MjA2ZmZkZDdjNGE3OGMxZmVmNzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIp0VH0851oPOIDmQCTxRru9Zuc4
/e7uUfaNkANzoPRv7ZMUSIwHFi98anUq9Yfc43Gt2AIrzLH4hM85fISNgdRSX6ma
8Ju5aVDF4Q/JCkDzBhw3bTMoJxIvr709bBPfOGL4V6DcNe/TOtNfvR1X6Ct+gy9l
h4CaehI98gLjlJcoorX1TLCfc7yKqTtbML2x/dEyEncOdtoNSfa0zgXMM1iCv684
vfkv1KD9gmLHy2MEYLICFNjGm2dgPnOo+DQ0vrndUojRgqj7/kXsrViD3BcqJXcA
HxFiuFe8xtF3OLTELgz0YwIXnvJ5ED8hOISHtVd/7k+Axk3zPtKCxxX2ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWlHIpDWN2LpJIG/918SnjB/vcoMB8GA1UdIwQY
MBaAFJ8h6qp70O5nymMC49eqrmTXKUAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGIt
YTk2ZjYxYzBjMWRhLzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGItYTk2ZjYxYzBjMWRh
LzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPXNC+/Yy
QRTgtoCF3Vv6ZUYxkyTb9Dti3O5ZodxWXYbY9gFwdstnaML2b1Z1FxyH3NgiIGHh
RVyPBoG2GEN12NmGaUoXVAf+B3y3Xb3vnQHmmeZa5nrlcFITjOW1wi3gZ1/Trk6Q
34eL3wv/Q7C2ocLXKBJC1mmAVu34AcPuCeIsk0COFdU7btutym3v/ZJ4qKqnV24y
uJ5N3+COEUqJ4AmKE+SyGhd48UXFIjmrKX16HLVtmqfDI0qOtxH6+iOFHJUL/qWg
BavHlZIs6SBcSPmykXPovp8sSwKnRjqiKthUZdKUgIO2zRZP1gxr4yJILc/40ZBx
l1ck+MePCj3VLw==
-----END CERTIFICATE-----