Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft
File:                     ny83TJpzj63o-FDKq11507kARYQ.mft (raw, json)
Hash identifier:          8eP8wZQcf7ESVyzRG8GZvoJvfcDAeQc7RGsyuHq3sQo=
Subject key identifier:   F1:12:FE:BA:20:25:34:23:76:C8:49:86:11:87:48:D0:7E:F3:99:5F
Authority key identifier: 9F:2F:37:4C:9A:73:8F:AD:E8:F8:50:CA:AB:5D:79:D3:B9:00:45:84
Certificate issuer:       /CN=9f2f374c9a738fade8f850caab5d79d3b9004584
Certificate serial:       0199FBEA85549B9B351445B3C556A1BCD54E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:01:14 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:14 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:14 +0000
Files and hashes:         1: ny83TJpzj63o-FDKq11507kARYQ.crl (hash: Efg5bJUAtaW7pZpiwN5pbcwXg+Bp1YrIr8HHJ/0fSeQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:85:54:9b:9b:35:14:45:b3:c5:56:a1:bc:d5:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2f374c9a738fade8f850caab5d79d3b9004584
        Validity
            Not Before: Oct 19 10:01:14 2025 GMT
            Not After : Oct 20 10:01:14 2025 GMT
        Subject: CN=f112feba2025342376c84986118748d07ef3995f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:92:b4:53:8a:18:c9:f6:36:a1:b0:a5:55:b4:
                    c8:ea:2a:9d:bd:3d:21:bd:15:09:59:9d:3c:4d:00:
                    27:6a:6e:32:bc:47:4b:58:f5:6c:ee:a8:5d:92:a0:
                    89:84:55:1f:9d:e3:56:ed:ff:7d:fa:73:86:c5:07:
                    e4:87:38:40:a7:af:a9:c3:c1:d1:4b:dc:ec:66:52:
                    2f:3b:d0:b0:bc:28:d9:2e:40:33:3f:3f:e0:74:18:
                    e8:8b:59:0d:8c:20:09:b5:9f:e7:99:a8:80:55:a3:
                    c9:ef:e6:12:00:68:95:56:d5:37:b0:ff:b6:79:68:
                    15:3d:ea:e7:c5:4c:c5:3f:25:16:07:a5:d0:55:61:
                    46:d5:1f:a5:34:3f:d9:00:6a:23:4a:00:58:4e:e0:
                    2f:98:0e:96:9e:46:50:78:cb:4e:ad:60:c3:51:70:
                    54:53:25:90:e4:3a:48:e7:28:80:2a:27:fb:a4:85:
                    7d:61:a8:47:ab:11:18:c9:f6:0f:54:48:16:e4:5d:
                    b7:f8:5d:cb:51:15:a6:6a:52:d3:d3:a6:a8:73:c3:
                    71:29:0e:59:d8:00:a0:d7:3f:c4:12:82:c1:d3:fc:
                    21:2f:14:c9:ec:f7:c7:c2:b2:52:fe:7b:64:d4:f1:
                    4c:43:77:eb:d4:73:74:c0:dd:60:87:f6:44:9a:4a:
                    79:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:12:FE:BA:20:25:34:23:76:C8:49:86:11:87:48:D0:7E:F3:99:5F
            X509v3 Authority Key Identifier:
                keyid:9F:2F:37:4C:9A:73:8F:AD:E8:F8:50:CA:AB:5D:79:D3:B9:00:45:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:0f:e5:a2:fb:0f:06:49:b6:c1:38:54:f4:e9:d7:f7:0f:52:
         6b:b7:e3:4a:72:de:82:c8:ed:fa:09:ae:cb:08:a7:aa:e0:d2:
         25:3a:99:93:ea:f3:6e:cb:ff:53:cf:aa:5d:8f:06:9d:61:bb:
         7b:54:41:02:69:e9:51:29:97:01:d7:b8:52:b6:86:c4:5f:82:
         10:f7:8b:99:8c:be:90:ae:1f:d4:f6:73:7e:03:38:33:2f:60:
         66:ed:41:29:db:5d:89:04:97:31:34:15:36:6e:4b:5b:31:28:
         2d:b8:a2:8f:b1:16:d2:9a:78:0a:a1:87:86:af:43:a6:6b:1f:
         51:8b:a9:c3:2a:6f:7d:fe:7d:fa:2e:0f:30:a0:5a:a9:9c:42:
         2a:c6:11:cc:26:8f:ff:f6:b1:47:dd:eb:42:3b:9f:09:8b:86:
         7f:71:08:e6:8e:05:1b:48:12:12:46:9b:95:16:03:1f:bf:2d:
         10:d7:8f:3e:7b:90:7c:79:ff:6f:2b:bf:a6:76:d8:3f:63:b0:
         3c:fa:20:3f:27:19:6b:c5:59:55:4e:ba:07:19:72:4f:02:16:
         21:9a:4d:83:95:dc:aa:59:06:5e:4a:b4:1a:11:bc:f7:10:c0:
         66:dc:5d:a2:44:18:79:24:bb:18:4a:97:e9:3a:c1:38:a3:d8:
         bd:48:5b:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76oVUm5s1FEWzxVahvNVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmYzNzRjOWE3MzhmYWRlOGY4NTBjYWFiNWQ3OWQzYjkw
MDQ1ODQwHhcNMjUxMDE5MTAwMTE0WhcNMjUxMDIwMTAwMTE0WjAzMTEwLwYDVQQD
EyhmMTEyZmViYTIwMjUzNDIzNzZjODQ5ODYxMTg3NDhkMDdlZjM5OTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pK0U4oYyfY2obClVbTI6iqdvT0h
vRUJWZ08TQAnam4yvEdLWPVs7qhdkqCJhFUfneNW7f99+nOGxQfkhzhAp6+pw8HR
S9zsZlIvO9CwvCjZLkAzPz/gdBjoi1kNjCAJtZ/nmaiAVaPJ7+YSAGiVVtU3sP+2
eWgVPernxUzFPyUWB6XQVWFG1R+lND/ZAGojSgBYTuAvmA6WnkZQeMtOrWDDUXBU
UyWQ5DpI5yiAKif7pIV9YahHqxEYyfYPVEgW5F23+F3LURWmalLT06aoc8NxKQ5Z
2ACg1z/EEoLB0/whLxTJ7PfHwrJS/ntk1PFMQ3fr1HN0wN1gh/ZEmkp5BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPES/rogJTQjdshJhhGHSNB+85lfMB8GA1UdIwQY
MBaAFJ8vN0yac4+t6PhQyqtdedO5AEWEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS82MzRlNzYtNWM1Zi00NGM0LWI4YTQt
NTI0ZTkzMGU1ZmQxLzEvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS82MzRlNzYtNWM1Zi00NGM0LWI4YTQtNTI0ZTkzMGU1ZmQx
LzEvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMw/lovsP
Bkm2wThU9OnX9w9Sa7fjSnLegsjt+gmuywinquDSJTqZk+rzbsv/U8+qXY8GnWG7
e1RBAmnpUSmXAde4UraGxF+CEPeLmYy+kK4f1PZzfgM4My9gZu1BKdtdiQSXMTQV
Nm5LWzEoLbiij7EW0pp4CqGHhq9DpmsfUYupwypvff59+i4PMKBaqZxCKsYRzCaP
//axR93rQjufCYuGf3EI5o4FG0gSEkablRYDH78tENePPnuQfHn/byu/pnbYP2Ow
PPogPycZa8VZVU66BxlyTwIWIZpNg5XcqlkGXkq0GhG89xDAZtxdokQYeSS7GEqX
6TrBOKPYvUhbew==
-----END CERTIFICATE-----