Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft
File:                     ny83TJpzj63o-FDKq11507kARYQ.mft (raw, json)
Hash identifier:          USXnxKcKvO5a+kBHmTAw1cqNtCzhoFzgD5xhkaf8iAg=
Subject key identifier:   BF:73:91:A1:E0:7D:04:3D:A6:52:70:67:4A:DF:3E:93:CC:36:EC:67
Authority key identifier: 9F:2F:37:4C:9A:73:8F:AD:E8:F8:50:CA:AB:5D:79:D3:B9:00:45:84
Certificate issuer:       /CN=9f2f374c9a738fade8f850caab5d79d3b9004584
Certificate serial:       0199239F0DDE7D6F975CD622CD9B72EB51FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 10:00:50 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:50 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:50 +0000
Files and hashes:         1: ny83TJpzj63o-FDKq11507kARYQ.crl (hash: 3P97S1Cqdr4XdhfnIthm214OGipW+I2rASFr00BnDFQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:0d:de:7d:6f:97:5c:d6:22:cd:9b:72:eb:51:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2f374c9a738fade8f850caab5d79d3b9004584
        Validity
            Not Before: Sep  7 10:00:50 2025 GMT
            Not After : Sep  8 10:00:50 2025 GMT
        Subject: CN=bf7391a1e07d043da65270674adf3e93cc36ec67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:a2:85:99:04:6d:e9:19:80:bd:f5:c9:8d:8c:
                    e3:7b:af:22:06:1e:f9:63:d8:8a:8a:7d:92:75:35:
                    f6:5b:df:dd:f2:44:fa:50:2e:67:c8:ec:bf:99:d4:
                    c3:a8:3a:87:87:3e:12:34:65:94:b7:73:ce:cc:67:
                    ab:7d:78:0f:5a:2f:17:3f:f0:6f:d7:ae:0b:4a:f6:
                    7e:2e:73:1c:0f:c9:8d:21:2c:46:64:48:88:3b:67:
                    28:98:ad:8b:e7:ff:7d:6c:45:02:30:56:be:a4:77:
                    19:61:54:4e:82:71:33:1f:37:c9:8a:26:ef:94:e3:
                    bc:b1:a2:a7:01:8a:6d:92:62:08:fd:60:55:83:91:
                    f9:3b:b5:e5:6e:61:7c:ae:02:cd:48:a6:71:1c:bf:
                    a6:88:56:45:8a:e9:a1:ba:24:d4:84:53:fa:1f:72:
                    ab:17:7f:78:f0:28:fe:ed:5b:35:04:14:6d:1b:ec:
                    d8:27:ce:d3:a3:7e:a6:d6:99:ba:47:c3:af:76:67:
                    a0:e2:19:16:d4:56:e4:1e:d5:9c:22:46:4b:cc:fc:
                    49:c2:e1:06:d6:dc:6a:2b:2b:75:5e:31:77:2a:ca:
                    7c:6c:6c:ed:2d:d5:ef:a7:56:0d:dd:9a:1f:80:db:
                    a9:94:98:f7:39:a2:30:25:0a:84:4a:be:f8:69:d8:
                    bf:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:73:91:A1:E0:7D:04:3D:A6:52:70:67:4A:DF:3E:93:CC:36:EC:67
            X509v3 Authority Key Identifier:
                keyid:9F:2F:37:4C:9A:73:8F:AD:E8:F8:50:CA:AB:5D:79:D3:B9:00:45:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:22:6b:1a:e0:5d:dd:70:b4:81:b0:a6:5c:bb:53:ae:51:ba:
         f6:eb:e1:32:10:25:48:4f:38:a1:ba:d6:bb:8b:65:24:2d:a1:
         54:f6:80:5f:d3:b4:21:92:88:41:90:3d:2d:db:cc:d6:84:40:
         65:c7:30:42:b0:39:52:7e:42:d4:44:4d:b0:fa:f2:7c:7f:1c:
         d8:80:f6:27:f6:ea:28:a4:2b:5f:4f:0a:3c:88:3b:d0:8e:dd:
         13:7b:fc:10:09:01:a7:ce:77:ad:a9:b2:53:67:6e:d7:2c:43:
         53:72:48:28:f3:9b:74:12:b1:b4:6a:36:f7:8d:12:5e:84:a4:
         d0:a1:fc:ba:4d:31:be:b3:58:ac:6b:1e:14:10:59:91:bd:25:
         83:a6:2a:57:e5:7a:d8:0e:97:10:0f:34:62:5f:8f:0d:18:3d:
         8f:09:27:6c:5a:f0:d0:a7:a2:a2:e9:59:c6:9a:ca:ff:24:55:
         8b:31:46:04:d9:e0:b6:eb:ab:48:a5:2c:2f:16:1a:95:31:10:
         bd:eb:51:33:5b:be:9c:62:09:e0:76:69:35:0e:1b:3e:c3:a7:
         8d:10:88:2a:70:29:cf:b3:7e:a2:bb:56:e9:d4:bf:50:27:80:
         0a:f3:6a:1b:7a:a9:fd:1c:89:bc:88:c4:7b:7c:a8:73:7a:d4:
         19:0e:db:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnw3efW+XXNYizZty61H+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmYzNzRjOWE3MzhmYWRlOGY4NTBjYWFiNWQ3OWQzYjkw
MDQ1ODQwHhcNMjUwOTA3MTAwMDUwWhcNMjUwOTA4MTAwMDUwWjAzMTEwLwYDVQQD
EyhiZjczOTFhMWUwN2QwNDNkYTY1MjcwNjc0YWRmM2U5M2NjMzZlYzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qKFmQRt6RmAvfXJjYzje68iBh75
Y9iKin2SdTX2W9/d8kT6UC5nyOy/mdTDqDqHhz4SNGWUt3POzGerfXgPWi8XP/Bv
164LSvZ+LnMcD8mNISxGZEiIO2comK2L5/99bEUCMFa+pHcZYVROgnEzHzfJiibv
lOO8saKnAYptkmII/WBVg5H5O7XlbmF8rgLNSKZxHL+miFZFiumhuiTUhFP6H3Kr
F3948Cj+7Vs1BBRtG+zYJ87To36m1pm6R8Ovdmeg4hkW1FbkHtWcIkZLzPxJwuEG
1txqKyt1XjF3Ksp8bGztLdXvp1YN3ZofgNuplJj3OaIwJQqESr74adi/swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9zkaHgfQQ9plJwZ0rfPpPMNuxnMB8GA1UdIwQY
MBaAFJ8vN0yac4+t6PhQyqtdedO5AEWEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS82MzRlNzYtNWM1Zi00NGM0LWI4YTQt
NTI0ZTkzMGU1ZmQxLzEvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS82MzRlNzYtNWM1Zi00NGM0LWI4YTQtNTI0ZTkzMGU1ZmQx
LzEvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADiJrGuBd
3XC0gbCmXLtTrlG69uvhMhAlSE84obrWu4tlJC2hVPaAX9O0IZKIQZA9LdvM1oRA
ZccwQrA5Un5C1ERNsPryfH8c2ID2J/bqKKQrX08KPIg70I7dE3v8EAkBp853ramy
U2du1yxDU3JIKPObdBKxtGo2940SXoSk0KH8uk0xvrNYrGseFBBZkb0lg6YqV+V6
2A6XEA80Yl+PDRg9jwknbFrw0KeioulZxprK/yRVizFGBNngtuurSKUsLxYalTEQ
vetRM1u+nGIJ4HZpNQ4bPsOnjRCIKnApz7N+ortW6dS/UCeACvNqG3qp/RyJvIjE
e3yoc3rUGQ7bjA==
-----END CERTIFICATE-----