Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
File:                     ny8WbQXql29prtWORqQfflBSRHU.mft (raw, json)
Hash identifier:          Qer7graO0w8veY+mXUl78nZtwgyP6fv57xt2SY4DBeY=
Subject key identifier:   9C:67:F5:A7:EF:54:D8:66:8A:2C:6D:BF:A0:2B:77:AB:FF:A7:F9:E8
Authority key identifier: 9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75
Certificate issuer:       /CN=9f2f166d05ea976f69aed58e46a41f7e50524475
Certificate serial:       019A70A4C41B13AC796F19632BCF68E79252
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
Manifest number:          1495
Signing time:             Tue 11 Nov 2025 02:00:37 +0000
Manifest this update:     Tue 11 Nov 2025 02:00:37 +0000
Manifest next update:     Wed 12 Nov 2025 02:00:37 +0000
Files and hashes:         1: ny8WbQXql29prtWORqQfflBSRHU.crl (hash: epKXPpkF6PwmK49HSXlFvyeZCqkn+ADzfzWRcW/sUjE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a4:c4:1b:13:ac:79:6f:19:63:2b:cf:68:e7:92:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2f166d05ea976f69aed58e46a41f7e50524475
        Validity
            Not Before: Nov 11 02:00:37 2025 GMT
            Not After : Nov 12 02:00:37 2025 GMT
        Subject: CN=9c67f5a7ef54d8668a2c6dbfa02b77abffa7f9e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:36:a6:7d:e2:a6:66:d7:eb:fa:20:02:96:93:
                    23:1e:79:0b:cc:fa:29:31:bf:48:d4:0e:fe:ed:74:
                    d0:46:7a:ce:c3:49:bf:36:5f:12:42:5b:76:05:b0:
                    68:81:2f:2a:b6:0f:34:c9:19:73:aa:69:bc:39:e3:
                    c0:15:43:15:d2:2a:5f:48:5b:86:d8:61:f0:72:6e:
                    6a:b4:3a:f1:5c:7c:ba:5a:67:3b:51:7b:c3:b0:a6:
                    7d:5c:1e:3c:f0:36:dc:32:af:37:79:fa:13:a6:58:
                    23:c9:54:4d:fd:ff:0d:55:17:27:d6:16:b1:6c:a9:
                    ac:42:7c:40:97:13:3a:ac:16:f4:78:86:d5:32:db:
                    6a:b2:72:b6:db:79:2b:d7:d1:9c:92:c7:a6:d8:5f:
                    64:b8:a8:2b:0a:61:7a:d6:a5:27:bc:e9:86:eb:a1:
                    ee:f6:38:fa:d6:73:c3:13:51:3c:a5:50:61:de:70:
                    e4:ed:10:0d:51:69:3d:1d:76:97:31:4b:db:ff:93:
                    bb:f4:73:72:53:44:04:a2:e5:d3:9a:80:d6:73:08:
                    10:9d:da:47:7e:09:93:03:6f:93:a7:0c:5f:b7:f2:
                    bd:d8:0c:09:24:c3:6c:68:55:b8:b5:8a:d6:bb:3e:
                    d7:a4:78:fb:cb:5b:f5:9c:65:89:b8:0c:f8:5c:da:
                    f3:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:67:F5:A7:EF:54:D8:66:8A:2C:6D:BF:A0:2B:77:AB:FF:A7:F9:E8
            X509v3 Authority Key Identifier:
                keyid:9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ce:75:2f:b9:33:91:52:96:37:68:42:17:d2:4a:f7:d8:35:1e:
         eb:83:5e:32:db:64:9c:02:40:ec:a7:b1:2b:b8:24:53:d1:4d:
         10:5e:dc:da:90:ec:31:ff:40:79:24:44:b4:02:e6:88:2b:cc:
         22:6e:7a:3f:57:cb:22:07:8a:35:ae:5d:39:fb:ca:4b:52:10:
         12:7d:46:28:de:53:ef:90:5a:a6:f4:e8:8d:e0:96:df:de:d4:
         8c:66:9d:a2:0a:7b:23:06:a3:e7:c7:59:0a:38:32:db:6f:06:
         61:1e:fd:63:ab:83:e5:e7:03:db:6f:5c:61:c1:51:ee:59:50:
         f9:31:e5:2d:74:06:d7:c7:39:c9:55:2b:00:d6:6d:5d:c5:23:
         b0:93:d3:6b:d0:eb:58:3d:47:e7:3a:10:d1:66:bb:93:f8:63:
         96:33:8d:fc:de:1f:86:12:f7:df:de:17:9f:38:a7:94:15:ab:
         35:26:ce:b5:2c:89:c0:94:be:cb:ed:71:b3:1f:7f:9c:91:88:
         25:b4:62:97:c0:aa:ba:95:74:8e:ad:05:8c:7d:57:c7:f6:60:
         c8:e3:9a:ea:59:07:f9:1b:99:58:a6:c0:a4:3a:3f:02:3d:3e:
         44:ae:d9:50:c6:72:d4:00:cb:b7:17:8b:56:22:ad:b7:52:8e:
         fc:65:fb:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpMQbE6x5bxljK89o55JSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmYxNjZkMDVlYTk3NmY2OWFlZDU4ZTQ2YTQxZjdlNTA1
MjQ0NzUwHhcNMjUxMTExMDIwMDM3WhcNMjUxMTEyMDIwMDM3WjAzMTEwLwYDVQQD
Eyg5YzY3ZjVhN2VmNTRkODY2OGEyYzZkYmZhMDJiNzdhYmZmYTdmOWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjamfeKmZtfr+iAClpMjHnkLzPop
Mb9I1A7+7XTQRnrOw0m/Nl8SQlt2BbBogS8qtg80yRlzqmm8OePAFUMV0ipfSFuG
2GHwcm5qtDrxXHy6Wmc7UXvDsKZ9XB488DbcMq83efoTplgjyVRN/f8NVRcn1hax
bKmsQnxAlxM6rBb0eIbVMttqsnK223kr19Gcksem2F9kuKgrCmF61qUnvOmG66Hu
9jj61nPDE1E8pVBh3nDk7RANUWk9HXaXMUvb/5O79HNyU0QEouXTmoDWcwgQndpH
fgmTA2+Tpwxft/K92AwJJMNsaFW4tYrWuz7XpHj7y1v1nGWJuAz4XNrz4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxn9afvVNhmiixtv6Ard6v/p/noMB8GA1UdIwQY
MBaAFJ8vFm0F6pdvaa7VjkakH35QUkR1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQt
OTYyZDRmMGMyOWIwLzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQtOTYyZDRmMGMyOWIw
LzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAznUvuTOR
UpY3aEIX0kr32DUe64NeMttknAJA7KexK7gkU9FNEF7c2pDsMf9AeSREtALmiCvM
Im56P1fLIgeKNa5dOfvKS1IQEn1GKN5T75BapvTojeCW397UjGadogp7Iwaj58dZ
Cjgy228GYR79Y6uD5ecD229cYcFR7llQ+THlLXQG18c5yVUrANZtXcUjsJPTa9Dr
WD1H5zoQ0Wa7k/hjljON/N4fhhL3394XnzinlBWrNSbOtSyJwJS+y+1xsx9/nJGI
JbRil8CqupV0jq0FjH1Xx/ZgyOOa6lkH+RuZWKbApDo/Aj0+RK7ZUMZy1ADLtxeL
ViKtt1KO/GX7eg==
-----END CERTIFICATE-----