Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft
File:                     ny83TJpzj63o-FDKq11507kARYQ.mft (raw, json)
Hash identifier:          qX0r3dU0xn0Jj8eUMHv9fXbkehIIutR71D0xfQiHJaI=
Subject key identifier:   4D:9E:EB:D6:AF:2F:51:11:9B:5D:65:C6:93:50:B2:F8:E5:8D:02:F3
Authority key identifier: 9F:2F:37:4C:9A:73:8F:AD:E8:F8:50:CA:AB:5D:79:D3:B9:00:45:84
Certificate issuer:       /CN=9f2f374c9a738fade8f850caab5d79d3b9004584
Certificate serial:       0196C917AC8B972B22D635B541831694DC04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft
Manifest number:          1536
Signing time:             Tue 13 May 2025 10:01:34 +0000
Manifest this update:     Tue 13 May 2025 10:01:34 +0000
Manifest next update:     Wed 14 May 2025 10:01:34 +0000
Files and hashes:         1: ny83TJpzj63o-FDKq11507kARYQ.crl (hash: 6B8CtCUwyeXqOjVKydNGpkOfNZSAFUwYNQEGn/hL8l4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 10:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c9:17:ac:8b:97:2b:22:d6:35:b5:41:83:16:94:dc:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2f374c9a738fade8f850caab5d79d3b9004584
        Validity
            Not Before: May 13 10:01:34 2025 GMT
            Not After : May 14 10:01:34 2025 GMT
        Subject: CN=4d9eebd6af2f51119b5d65c69350b2f8e58d02f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d8:ce:f9:0a:45:14:fa:06:93:b7:79:8c:ef:
                    be:8b:d1:85:fd:0f:7d:15:bd:40:b9:a3:5b:a0:04:
                    b6:8c:e9:71:42:bf:0c:24:84:28:b7:46:b5:bb:62:
                    23:6c:93:0d:3a:bb:18:b3:fa:dc:01:b0:3b:c8:96:
                    69:f2:53:a3:24:e9:a6:cb:90:e3:91:ab:2a:c8:41:
                    fc:f5:72:c3:19:f5:45:9d:1f:4a:40:6b:ac:eb:58:
                    dc:70:b7:5e:fa:5c:3c:92:41:df:6d:b5:0b:3f:13:
                    67:5e:24:63:7d:d3:a9:17:ab:fd:0d:51:c3:51:89:
                    0e:85:6b:3e:11:83:e5:b7:24:e4:18:cb:19:34:f3:
                    14:26:59:3f:00:79:e4:42:e3:66:b9:09:ff:92:43:
                    57:75:29:d3:ff:0d:fa:29:f6:42:2a:18:b0:71:fa:
                    3f:0b:3f:cc:7c:8d:b9:51:d3:45:7b:5b:01:c9:da:
                    f8:54:da:da:9e:ef:aa:58:95:63:3e:22:f7:44:20:
                    d5:69:ef:c8:06:15:ef:9b:ff:e9:ef:c6:34:35:59:
                    91:3c:66:e6:a4:6c:39:fd:c3:63:5d:8b:cb:ff:b3:
                    4e:31:d3:fd:74:08:05:a5:10:31:ae:17:2e:9b:ab:
                    ef:3a:09:6f:c3:98:c0:78:c1:ec:b9:31:97:b2:ab:
                    a8:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:9E:EB:D6:AF:2F:51:11:9B:5D:65:C6:93:50:B2:F8:E5:8D:02:F3
            X509v3 Authority Key Identifier:
                keyid:9F:2F:37:4C:9A:73:8F:AD:E8:F8:50:CA:AB:5D:79:D3:B9:00:45:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:29:4f:c0:cb:80:8f:d9:61:44:9d:4c:59:7c:f2:9a:7a:31:
         8e:ce:5c:b0:73:98:12:df:a3:9c:f5:e6:57:5d:b8:bf:a2:36:
         7a:eb:24:04:9b:22:ac:ba:6f:96:3f:53:44:9a:15:f9:cd:57:
         56:29:79:a8:d1:28:1a:72:15:1c:f8:1a:b6:6e:ad:a7:a9:80:
         2c:07:29:49:4a:6f:6d:a0:8f:58:4d:9c:df:41:7d:15:a2:2e:
         b1:ff:3d:58:b6:70:f5:8e:53:fd:9a:8b:a5:e6:89:7d:92:b1:
         7d:63:3e:54:c5:d5:f0:c3:4d:93:1f:fa:77:21:20:79:61:d0:
         f0:2b:be:d5:92:c8:e4:f0:3e:5a:26:87:33:95:c2:34:f5:7c:
         c9:7b:49:5b:31:6f:f0:da:73:e6:a3:63:9f:f9:c3:75:13:34:
         ba:96:4c:00:cb:15:5f:8b:ad:d0:4a:9a:3f:d7:f5:9f:4d:3b:
         fb:fe:f3:f7:78:62:b5:0e:0f:cc:3f:24:d4:92:82:7a:c5:8e:
         74:3b:1b:39:5a:df:ee:00:1d:74:0b:43:fb:2f:c8:03:36:f1:
         11:a3:e3:f7:85:61:79:04:5f:f2:6e:dd:54:82:07:29:21:cd:
         30:a6:fb:41:f6:ee:b2:82:1e:1d:1a:5f:67:dd:2e:e5:35:be:
         9b:91:eb:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbJF6yLlysi1jW1QYMWlNwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmYzNzRjOWE3MzhmYWRlOGY4NTBjYWFiNWQ3OWQzYjkw
MDQ1ODQwHhcNMjUwNTEzMTAwMTM0WhcNMjUwNTE0MTAwMTM0WjAzMTEwLwYDVQQD
Eyg0ZDllZWJkNmFmMmY1MTExOWI1ZDY1YzY5MzUwYjJmOGU1OGQwMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9jO+QpFFPoGk7d5jO++i9GF/Q99
Fb1AuaNboAS2jOlxQr8MJIQot0a1u2IjbJMNOrsYs/rcAbA7yJZp8lOjJOmmy5Dj
kasqyEH89XLDGfVFnR9KQGus61jccLde+lw8kkHfbbULPxNnXiRjfdOpF6v9DVHD
UYkOhWs+EYPltyTkGMsZNPMUJlk/AHnkQuNmuQn/kkNXdSnT/w36KfZCKhiwcfo/
Cz/MfI25UdNFe1sBydr4VNranu+qWJVjPiL3RCDVae/IBhXvm//p78Y0NVmRPGbm
pGw5/cNjXYvL/7NOMdP9dAgFpRAxrhcum6vvOglvw5jAeMHsuTGXsquoDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE2e69avL1ERm11lxpNQsvjljQLzMB8GA1UdIwQY
MBaAFJ8vN0yac4+t6PhQyqtdedO5AEWEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS82MzRlNzYtNWM1Zi00NGM0LWI4YTQt
NTI0ZTkzMGU1ZmQxLzEvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS82MzRlNzYtNWM1Zi00NGM0LWI4YTQtNTI0ZTkzMGU1ZmQx
LzEvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiClPwMuA
j9lhRJ1MWXzymnoxjs5csHOYEt+jnPXmV124v6I2euskBJsirLpvlj9TRJoV+c1X
Vil5qNEoGnIVHPgatm6tp6mALAcpSUpvbaCPWE2c30F9FaIusf89WLZw9Y5T/ZqL
peaJfZKxfWM+VMXV8MNNkx/6dyEgeWHQ8Cu+1ZLI5PA+WiaHM5XCNPV8yXtJWzFv
8Npz5qNjn/nDdRM0upZMAMsVX4ut0EqaP9f1n007+/7z93hitQ4PzD8k1JKCesWO
dDsbOVrf7gAddAtD+y/IAzbxEaPj94VheQRf8m7dVIIHKSHNMKb7QfbusoIeHRpf
Z90u5TW+m5HrDQ==
-----END CERTIFICATE-----