Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
File:                     ny8WbQXql29prtWORqQfflBSRHU.mft (raw, json)
Hash identifier:          AJOxp6zRcvKgARJYJQxUb7kTfsMLYU9zpNR/7kT6W64=
Subject key identifier:   03:D0:30:D8:67:5F:72:A6:5D:F4:8F:97:A6:3C:49:46:61:CF:97:F9
Authority key identifier: 9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75
Certificate issuer:       /CN=9f2f166d05ea976f69aed58e46a41f7e50524475
Certificate serial:       0197496840F69211317A0414DE475068A770
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
Manifest number:          12F3
Signing time:             Sat 07 Jun 2025 08:00:58 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:58 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:58 +0000
Files and hashes:         1: ny8WbQXql29prtWORqQfflBSRHU.crl (hash: k0FKdOwLnkFCpPmrjYnF0OTQsKVUHZHaKAadZeeeWiw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:68:40:f6:92:11:31:7a:04:14:de:47:50:68:a7:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2f166d05ea976f69aed58e46a41f7e50524475
        Validity
            Not Before: Jun  7 08:00:58 2025 GMT
            Not After : Jun  8 08:00:58 2025 GMT
        Subject: CN=03d030d8675f72a65df48f97a63c494661cf97f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:7e:ba:09:71:3e:6c:23:e2:f8:e7:b6:2c:ec:
                    50:2c:5e:a2:3a:1d:26:8c:55:3a:54:14:8a:86:58:
                    a8:d9:60:9d:a0:20:61:a6:8d:60:1e:7c:f8:05:65:
                    c1:f1:f1:56:17:85:7d:c4:a8:c5:94:f7:01:7e:47:
                    cf:7f:6e:ff:c2:c1:6d:96:66:b1:b8:cc:c7:ed:ea:
                    d9:dc:54:91:45:e4:58:09:db:11:6a:84:82:63:d2:
                    22:41:0f:a2:d5:2f:4e:0c:9c:b4:d7:ff:c8:21:10:
                    41:bd:52:ee:7b:c4:ef:cd:5c:19:08:8e:4a:68:11:
                    ff:48:48:67:44:46:d0:e2:2e:c1:74:68:cb:64:e7:
                    31:6d:ea:0d:14:f4:2b:07:3f:45:8c:72:67:6a:05:
                    28:57:83:df:f8:1d:7f:86:58:14:e6:d3:ed:1c:a2:
                    12:3a:e0:e5:eb:a5:04:84:3e:dc:bf:21:d6:d6:ab:
                    c8:93:2b:5f:fc:ea:54:86:b8:a6:f1:00:04:d1:38:
                    14:bd:05:7f:51:96:b3:18:d6:81:98:80:e3:41:1b:
                    8c:83:c7:06:29:bb:da:d3:0a:fe:f9:64:50:de:11:
                    8c:88:45:7f:c7:b4:e6:fa:ab:01:9e:f9:d0:c4:8e:
                    85:91:c4:c0:71:26:26:77:6f:f3:d5:9e:d3:51:8f:
                    c8:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:D0:30:D8:67:5F:72:A6:5D:F4:8F:97:A6:3C:49:46:61:CF:97:F9
            X509v3 Authority Key Identifier:
                keyid:9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:56:f7:ca:58:3e:f9:b7:72:78:77:5b:20:d5:2f:93:b4:15:
         88:dd:9e:18:93:ef:47:21:5b:30:7c:0d:eb:9b:f0:d3:b7:26:
         af:14:7a:8c:5a:95:2f:30:e0:1e:30:75:25:b7:20:3f:03:ef:
         73:12:51:7a:1a:1c:fb:50:06:3e:ed:60:0c:6e:98:36:3d:79:
         f8:ac:da:38:ec:c4:e1:cb:98:57:e1:5d:c8:5b:1a:5c:7c:b4:
         dc:29:ac:31:8e:ee:a9:7c:ab:67:c9:5f:62:ad:14:9f:e0:a1:
         81:7d:a1:aa:d7:a1:ba:af:64:83:65:db:05:9b:93:ed:2d:54:
         f0:bf:e6:dd:78:34:fc:6d:eb:f1:93:e4:05:57:20:c5:c7:d9:
         0e:f4:5d:20:fe:49:fa:62:ff:dd:ff:92:07:d2:20:84:c3:0f:
         e0:31:b9:0a:80:fc:9d:f3:8e:fd:2e:3a:4c:77:1e:18:37:50:
         5e:55:e0:62:6b:a3:b0:58:d3:d9:44:2b:e4:70:ba:73:ff:c8:
         c4:06:23:da:b3:a4:af:0e:94:0a:d1:94:0d:cf:7c:61:63:77:
         06:fc:25:6a:92:6a:28:d4:50:cc:97:d6:11:d2:02:99:6e:b9:
         a2:e8:71:63:e2:ae:ec:a6:51:28:5a:fd:a4:d0:07:e0:5d:46:
         39:45:94:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJaED2khExegQU3kdQaKdwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmYxNjZkMDVlYTk3NmY2OWFlZDU4ZTQ2YTQxZjdlNTA1
MjQ0NzUwHhcNMjUwNjA3MDgwMDU4WhcNMjUwNjA4MDgwMDU4WjAzMTEwLwYDVQQD
EygwM2QwMzBkODY3NWY3MmE2NWRmNDhmOTdhNjNjNDk0NjYxY2Y5N2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3H66CXE+bCPi+Oe2LOxQLF6iOh0m
jFU6VBSKhlio2WCdoCBhpo1gHnz4BWXB8fFWF4V9xKjFlPcBfkfPf27/wsFtlmax
uMzH7erZ3FSRReRYCdsRaoSCY9IiQQ+i1S9ODJy01//IIRBBvVLue8TvzVwZCI5K
aBH/SEhnREbQ4i7BdGjLZOcxbeoNFPQrBz9FjHJnagUoV4Pf+B1/hlgU5tPtHKIS
OuDl66UEhD7cvyHW1qvIkytf/OpUhrim8QAE0TgUvQV/UZazGNaBmIDjQRuMg8cG
Kbva0wr++WRQ3hGMiEV/x7Tm+qsBnvnQxI6FkcTAcSYmd2/z1Z7TUY/I4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAPQMNhnX3KmXfSPl6Y8SUZhz5f5MB8GA1UdIwQY
MBaAFJ8vFm0F6pdvaa7VjkakH35QUkR1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQt
OTYyZDRmMGMyOWIwLzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQtOTYyZDRmMGMyOWIw
LzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVVb3ylg+
+bdyeHdbINUvk7QViN2eGJPvRyFbMHwN65vw07cmrxR6jFqVLzDgHjB1JbcgPwPv
cxJRehoc+1AGPu1gDG6YNj15+KzaOOzE4cuYV+FdyFsaXHy03CmsMY7uqXyrZ8lf
Yq0Un+ChgX2hqtehuq9kg2XbBZuT7S1U8L/m3Xg0/G3r8ZPkBVcgxcfZDvRdIP5J
+mL/3f+SB9IghMMP4DG5CoD8nfOO/S46THceGDdQXlXgYmujsFjT2UQr5HC6c//I
xAYj2rOkrw6UCtGUDc98YWN3BvwlapJqKNRQzJfWEdICmW65ouhxY+Ku7KZRKFr9
pNAH4F1GOUWU6w==
-----END CERTIFICATE-----