Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
File:                     nyHqqnvQ7mfKYwLj16quZNcpQC0.mft (raw, json)
Hash identifier:          CQoSlJDZonx7NvmWz+Ti8j1D5MgdPtj6hPAufkB6MA8=
Subject key identifier:   30:D8:46:34:35:BC:BD:BC:2D:6E:FE:D4:77:A3:EC:4D:46:6E:44:25
Authority key identifier: 9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D
Certificate issuer:       /CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
Certificate serial:       019511A29C150CEC569876C40A8AF03F7D21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
Manifest number:          053B
Signing time:             Mon 17 Feb 2025 02:00:24 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:24 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:24 +0000
Files and hashes:         1: nyHqqnvQ7mfKYwLj16quZNcpQC0.crl (hash: On70A04hPHoboTGvIztsWz9NEoykpMOaxOLEIJpbK9M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:9c:15:0c:ec:56:98:76:c4:0a:8a:f0:3f:7d:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
        Validity
            Not Before: Feb 17 02:00:24 2025 GMT
            Not After : Feb 18 02:00:24 2025 GMT
        Subject: CN=30d8463435bcbdbc2d6efed477a3ec4d466e4425
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:a3:66:d6:66:90:b7:75:44:0e:a7:ff:ea:8d:
                    92:b7:3c:43:1f:93:fa:91:a8:52:63:d9:84:91:27:
                    83:e9:74:3c:49:4f:9c:26:76:9b:c6:a1:ff:e2:75:
                    29:32:92:08:35:97:99:c3:ef:64:8a:7a:dd:e1:18:
                    1d:ec:cc:e6:29:ed:ef:a9:72:c0:aa:f3:12:a2:a5:
                    b1:59:e3:16:70:90:0d:50:75:b0:f4:1a:70:dc:87:
                    a5:9f:f5:19:1d:a6:5f:f6:ba:a3:f3:5e:4e:17:18:
                    8d:e0:e9:67:58:2d:74:27:d6:c3:7b:57:9c:ac:ae:
                    c7:83:d0:73:2a:f1:db:df:5d:1d:a0:fe:7c:51:ce:
                    5c:94:41:3a:02:bf:39:ab:e0:84:53:f0:4d:54:a1:
                    d6:a1:c1:d1:14:d4:a7:10:21:16:87:66:61:23:9d:
                    e8:8f:c2:a4:6d:8b:db:01:e5:35:ae:51:bb:7a:eb:
                    c4:b2:2f:36:e4:71:9c:bf:de:be:e9:94:00:90:52:
                    e9:f9:c8:32:06:24:c8:fc:c1:bd:a5:1c:cb:17:de:
                    28:34:3d:1f:67:78:a7:ba:a5:fc:5f:c9:b2:7d:28:
                    17:f0:f6:74:e5:a6:9d:1c:be:0b:07:ad:1f:8d:c3:
                    59:7c:0a:af:a6:9a:5d:d1:6c:38:3f:e9:bb:10:a2:
                    62:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:D8:46:34:35:BC:BD:BC:2D:6E:FE:D4:77:A3:EC:4D:46:6E:44:25
            X509v3 Authority Key Identifier:
                keyid:9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:64:0f:04:60:4d:42:86:38:b0:bb:40:2c:7c:65:df:54:d7:
         cb:5c:48:d8:8f:d4:b4:8d:bb:cb:f0:2f:39:30:0d:8a:ac:c0:
         9a:63:d9:8c:d9:6f:5d:68:23:9a:16:20:e9:31:83:61:b6:7b:
         ad:9a:20:0f:e5:e4:42:55:8c:5e:94:f1:ed:4a:51:3e:80:60:
         15:ef:7a:5a:1f:9e:12:e1:7d:dd:e6:08:97:24:37:f8:22:33:
         cb:66:08:15:a5:d6:a6:17:d3:3d:8d:6e:61:05:f0:68:c0:47:
         51:58:9d:77:d8:7c:06:27:47:87:dc:43:95:49:45:fc:be:19:
         19:48:ff:6e:70:6d:8b:63:e9:c0:29:a6:86:a8:39:da:e0:5a:
         f5:81:bb:b1:e1:c5:02:39:b6:79:d9:e6:a4:51:16:7f:8f:1c:
         cb:3e:b6:e0:e1:ad:3f:5a:e5:2a:88:1e:8f:75:93:2c:4a:30:
         b8:d1:48:a2:98:c8:a6:1f:88:18:af:19:81:d8:60:37:25:0d:
         47:34:43:f9:93:d0:d3:1d:1e:9d:a4:50:29:90:ab:ea:0f:a6:
         5a:e1:72:ca:b3:de:91:67:4d:9a:ee:5b:a8:7a:7d:60:92:31:
         94:e7:d5:f3:68:48:87:b6:fa:54:c8:96:1c:45:39:cf:78:19:
         e3:28:41:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURopwVDOxWmHbECorwP30hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjFlYWFhN2JkMGVlNjdjYTYzMDJlM2Q3YWFhZTY0ZDcy
OTQwMmQwHhcNMjUwMjE3MDIwMDI0WhcNMjUwMjE4MDIwMDI0WjAzMTEwLwYDVQQD
EygzMGQ4NDYzNDM1YmNiZGJjMmQ2ZWZlZDQ3N2EzZWM0ZDQ2NmU0NDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqNm1maQt3VEDqf/6o2StzxDH5P6
kahSY9mEkSeD6XQ8SU+cJnabxqH/4nUpMpIINZeZw+9kinrd4Rgd7MzmKe3vqXLA
qvMSoqWxWeMWcJANUHWw9Bpw3Ieln/UZHaZf9rqj815OFxiN4OlnWC10J9bDe1ec
rK7Hg9BzKvHb310doP58Uc5clEE6Ar85q+CEU/BNVKHWocHRFNSnECEWh2ZhI53o
j8KkbYvbAeU1rlG7euvEsi825HGcv96+6ZQAkFLp+cgyBiTI/MG9pRzLF94oND0f
Z3inuqX8X8myfSgX8PZ05aadHL4LB60fjcNZfAqvpppd0Ww4P+m7EKJiUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDDYRjQ1vL28LW7+1Hej7E1GbkQlMB8GA1UdIwQY
MBaAFJ8h6qp70O5nymMC49eqrmTXKUAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGIt
YTk2ZjYxYzBjMWRhLzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGItYTk2ZjYxYzBjMWRh
LzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaWQPBGBN
QoY4sLtALHxl31TXy1xI2I/UtI27y/AvOTANiqzAmmPZjNlvXWgjmhYg6TGDYbZ7
rZogD+XkQlWMXpTx7UpRPoBgFe96Wh+eEuF93eYIlyQ3+CIzy2YIFaXWphfTPY1u
YQXwaMBHUVidd9h8BidHh9xDlUlF/L4ZGUj/bnBti2PpwCmmhqg52uBa9YG7seHF
Ajm2ednmpFEWf48cyz624OGtP1rlKogej3WTLEowuNFIopjIph+IGK8ZgdhgNyUN
RzRD+ZPQ0x0enaRQKZCr6g+mWuFyyrPekWdNmu5bqHp9YJIxlOfV82hIh7b6VMiW
HEU5z3gZ4yhBKw==
-----END CERTIFICATE-----