Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
File:                     ny8WbQXql29prtWORqQfflBSRHU.mft (raw, json)
Hash identifier:          Y5XqYIDdmzE6f7ncVpHx/X8vYTDX4N5MytOljwsrl/I=
Subject key identifier:   A0:CE:5B:60:9A:E3:B4:54:B8:BC:FB:45:42:99:7A:BD:C3:18:B0:0A
Authority key identifier: 9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75
Certificate issuer:       /CN=9f2f166d05ea976f69aed58e46a41f7e50524475
Certificate serial:       019650480F94D9D450AF17087A0B2FE27DB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
Manifest number:          1272
Signing time:             Sat 19 Apr 2025 23:00:21 +0000
Manifest this update:     Sat 19 Apr 2025 23:00:21 +0000
Manifest next update:     Sun 20 Apr 2025 23:00:21 +0000
Files and hashes:         1: ny8WbQXql29prtWORqQfflBSRHU.crl (hash: 0OHx8oB5KC8ZlFUFCAozUmZQuZIgFZE9X3/P1HjImtA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:48:0f:94:d9:d4:50:af:17:08:7a:0b:2f:e2:7d:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2f166d05ea976f69aed58e46a41f7e50524475
        Validity
            Not Before: Apr 19 23:00:21 2025 GMT
            Not After : Apr 20 23:00:21 2025 GMT
        Subject: CN=a0ce5b609ae3b454b8bcfb4542997abdc318b00a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ca:f0:94:58:c4:a3:06:42:13:3d:64:ab:47:
                    26:ac:24:d3:e9:84:8c:07:63:e9:58:7e:c7:56:8f:
                    f6:a7:e9:c1:4d:b1:2a:f7:31:88:4e:37:44:4c:7a:
                    3a:e0:f5:c6:02:64:75:99:0a:74:c9:41:66:aa:25:
                    be:9e:e9:63:ad:c9:b6:cd:c5:50:ee:c0:6b:a2:1d:
                    57:30:d1:25:15:67:36:db:f1:f6:d0:f9:ce:26:e0:
                    9e:bb:e7:57:74:98:1f:7f:ed:55:ee:e0:4c:68:4f:
                    39:6d:38:d4:cd:d2:73:7f:61:06:21:32:77:72:a5:
                    c3:a3:0f:1a:d7:13:8d:eb:12:64:54:24:b9:3f:57:
                    72:41:d0:81:ef:b9:cb:89:0c:82:31:5c:74:de:8d:
                    f7:22:9c:94:c7:8c:17:8f:eb:ea:78:74:23:40:09:
                    05:d4:b1:46:6c:56:53:7a:69:45:fe:cd:bb:43:90:
                    c0:05:b3:6e:a8:5d:08:2c:54:d0:30:95:df:80:b6:
                    69:b2:33:c5:b5:f3:b7:0f:82:25:59:6e:61:ef:16:
                    78:65:6a:7d:59:ee:ee:c6:a1:40:7b:94:4c:2a:a8:
                    31:d5:aa:94:25:41:d9:af:58:7d:19:a8:f7:cf:82:
                    19:7e:8a:ae:0b:e9:37:4d:67:a5:a9:a4:01:90:36:
                    10:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:CE:5B:60:9A:E3:B4:54:B8:BC:FB:45:42:99:7A:BD:C3:18:B0:0A
            X509v3 Authority Key Identifier:
                keyid:9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:4a:25:b3:2e:91:ee:9d:f2:3c:9b:4c:3a:56:ad:0c:da:cb:
         33:53:6d:eb:1a:ad:c9:85:79:60:71:c3:10:5f:af:18:2d:c2:
         3f:55:f7:11:77:39:92:c4:9a:34:6e:f6:de:ba:dc:e8:51:bc:
         74:40:66:28:b1:b6:31:20:de:c4:53:98:ad:24:43:24:0d:9e:
         eb:f9:6d:91:17:bd:ed:46:a0:65:3b:be:9d:a8:74:29:85:e0:
         8b:a6:a4:a7:50:5c:7c:fc:e0:5b:2e:5e:cf:22:b8:8f:29:6f:
         77:11:d8:30:d2:2d:6b:a4:7c:26:e1:19:86:78:6c:a3:c3:bf:
         be:27:76:b6:42:64:d6:b0:24:d3:77:b2:c3:31:ee:4c:36:35:
         c0:24:9d:b1:0f:ec:37:f6:6b:3c:ab:12:ab:03:8f:16:16:8a:
         fc:3c:78:b9:51:e0:fa:33:c2:80:1d:f0:09:aa:d0:1c:27:49:
         2e:c9:72:9a:a4:e7:6c:ea:a8:d9:b4:d5:d3:7c:21:58:15:16:
         8e:3c:07:a2:d0:7b:34:e6:55:ef:cd:8f:df:32:31:03:02:58:
         33:c7:8c:d2:5c:0e:eb:0f:77:78:ba:f6:5b:ac:88:48:77:fb:
         75:ed:6b:be:3c:ab:40:57:1f:e9:7d:af:33:f5:a4:f5:c4:2c:
         21:a2:7d:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQSA+U2dRQrxcIegsv4n20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmYxNjZkMDVlYTk3NmY2OWFlZDU4ZTQ2YTQxZjdlNTA1
MjQ0NzUwHhcNMjUwNDE5MjMwMDIxWhcNMjUwNDIwMjMwMDIxWjAzMTEwLwYDVQQD
EyhhMGNlNWI2MDlhZTNiNDU0YjhiY2ZiNDU0Mjk5N2FiZGMzMThiMDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMrwlFjEowZCEz1kq0cmrCTT6YSM
B2PpWH7HVo/2p+nBTbEq9zGITjdETHo64PXGAmR1mQp0yUFmqiW+nuljrcm2zcVQ
7sBroh1XMNElFWc22/H20PnOJuCeu+dXdJgff+1V7uBMaE85bTjUzdJzf2EGITJ3
cqXDow8a1xON6xJkVCS5P1dyQdCB77nLiQyCMVx03o33IpyUx4wXj+vqeHQjQAkF
1LFGbFZTemlF/s27Q5DABbNuqF0ILFTQMJXfgLZpsjPFtfO3D4IlWW5h7xZ4ZWp9
We7uxqFAe5RMKqgx1aqUJUHZr1h9Gaj3z4IZfoquC+k3TWelqaQBkDYQVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKDOW2Ca47RUuLz7RUKZer3DGLAKMB8GA1UdIwQY
MBaAFJ8vFm0F6pdvaa7VjkakH35QUkR1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQt
OTYyZDRmMGMyOWIwLzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQtOTYyZDRmMGMyOWIw
LzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmUolsy6R
7p3yPJtMOlatDNrLM1Nt6xqtyYV5YHHDEF+vGC3CP1X3EXc5ksSaNG723rrc6FG8
dEBmKLG2MSDexFOYrSRDJA2e6/ltkRe97UagZTu+nah0KYXgi6akp1BcfPzgWy5e
zyK4jylvdxHYMNIta6R8JuEZhnhso8O/vid2tkJk1rAk03eywzHuTDY1wCSdsQ/s
N/ZrPKsSqwOPFhaK/Dx4uVHg+jPCgB3wCarQHCdJLslymqTnbOqo2bTV03whWBUW
jjwHotB7NOZV782P3zIxAwJYM8eM0lwO6w93eLr2W6yISHf7de1rvjyrQFcf6X2v
M/Wk9cQsIaJ9bw==
-----END CERTIFICATE-----