Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
File:                     ny8WbQXql29prtWORqQfflBSRHU.mft (raw, json)
Hash identifier:          QjXuEmzjsoVukMfQ54zhInoJ3eIMt6T87h4fzd+rSBA=
Subject key identifier:   FE:A2:14:4A:97:96:78:A8:2E:09:77:88:33:EF:3E:31:C0:0A:E5:E6
Authority key identifier: 9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75
Certificate issuer:       /CN=9f2f166d05ea976f69aed58e46a41f7e50524475
Certificate serial:       0198D73B7490D31C19511B17C41EE4F88009
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
Manifest number:          13C1
Signing time:             Sat 23 Aug 2025 14:00:54 +0000
Manifest this update:     Sat 23 Aug 2025 14:00:54 +0000
Manifest next update:     Sun 24 Aug 2025 14:00:54 +0000
Files and hashes:         1: ny8WbQXql29prtWORqQfflBSRHU.crl (hash: bxoLFdGat++8m897g6jByzH6G3Z4Up4Fw2PRIGN+Lec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:3b:74:90:d3:1c:19:51:1b:17:c4:1e:e4:f8:80:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2f166d05ea976f69aed58e46a41f7e50524475
        Validity
            Not Before: Aug 23 14:00:54 2025 GMT
            Not After : Aug 24 14:00:54 2025 GMT
        Subject: CN=fea2144a979678a82e09778833ef3e31c00ae5e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ed:79:77:a0:f2:f4:57:bd:1c:3f:89:ef:ec:
                    02:d2:fd:58:85:ee:df:f6:6a:f5:c0:9b:13:1a:88:
                    e6:d1:b3:bf:05:ae:8f:21:47:f5:47:a8:51:cc:09:
                    20:39:0e:9e:e7:c3:bb:d0:21:bd:60:7e:14:8f:68:
                    74:8d:0d:c8:32:c2:43:b4:6a:24:e9:10:bf:ee:51:
                    ee:e5:c1:02:c5:99:42:fa:fb:05:7f:98:8f:2b:bf:
                    85:47:51:46:ba:b5:94:13:2e:fc:3e:ea:27:25:1a:
                    ae:bb:db:ed:40:17:ac:f2:25:a8:e7:df:37:84:64:
                    74:42:45:cf:c3:3f:fa:ff:4c:5b:2c:8c:89:66:4f:
                    d9:4e:b1:6b:8f:5e:8b:8f:8c:58:e8:00:bc:44:61:
                    ab:ee:47:83:f1:0e:ac:4f:ca:b8:82:e2:e6:61:f3:
                    98:80:64:08:3b:20:3a:e7:1f:18:33:2b:15:15:bf:
                    86:95:49:7f:6d:f1:5a:62:40:65:82:44:56:73:02:
                    25:62:56:02:fc:62:1f:c8:65:e9:91:4c:5c:de:c9:
                    39:30:11:97:a1:ac:58:ec:52:6e:26:d0:97:1a:5a:
                    09:b0:1d:8e:ac:3d:fc:00:56:08:43:5a:6a:f4:08:
                    78:b3:9f:fe:1f:72:6d:94:ff:19:18:e7:bf:da:96:
                    7b:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:A2:14:4A:97:96:78:A8:2E:09:77:88:33:EF:3E:31:C0:0A:E5:E6
            X509v3 Authority Key Identifier:
                keyid:9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:e7:17:e4:db:95:45:d9:ac:b9:98:40:fd:01:e5:f0:95:03:
         69:6c:e9:40:ed:cc:73:69:fd:74:57:4a:df:83:8f:54:c5:af:
         30:a0:14:0b:1c:54:b4:66:0b:42:18:e1:dd:d3:16:6f:4e:69:
         71:25:e6:71:81:8e:18:a4:1a:46:33:c0:b4:ff:a3:57:b2:38:
         1a:09:9b:36:c8:b0:6b:15:f2:33:e1:f6:14:2f:10:e5:1b:23:
         df:72:88:40:ca:89:2a:de:c7:41:66:74:b0:98:e8:a4:97:12:
         f1:ae:c9:25:6c:32:95:70:06:86:e9:d8:ad:be:5f:96:65:98:
         15:c8:e3:9a:15:13:e0:e4:aa:6a:b7:3a:c7:3e:74:44:09:f6:
         2e:61:e8:3c:26:26:59:a4:53:d9:b8:f1:0c:5d:b5:38:de:85:
         37:2d:9e:cb:be:aa:69:a1:6c:e5:8e:2b:25:85:ad:0d:f7:d5:
         b6:b5:b8:ea:e0:bb:a8:8b:bf:91:7d:ee:be:d6:e5:e0:e7:2b:
         6e:86:d0:a4:fa:bf:7a:40:e3:3c:68:4c:28:f6:b4:e8:ed:e2:
         74:f5:fa:89:52:cd:3a:95:e3:90:31:4f:28:ad:8d:ba:45:6a:
         b3:f2:67:a9:c6:f0:50:5c:a1:3c:d9:17:5a:4d:5d:26:75:f0:
         f8:d4:e2:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXO3SQ0xwZURsXxB7k+IAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmYxNjZkMDVlYTk3NmY2OWFlZDU4ZTQ2YTQxZjdlNTA1
MjQ0NzUwHhcNMjUwODIzMTQwMDU0WhcNMjUwODI0MTQwMDU0WjAzMTEwLwYDVQQD
EyhmZWEyMTQ0YTk3OTY3OGE4MmUwOTc3ODgzM2VmM2UzMWMwMGFlNWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAse15d6Dy9Fe9HD+J7+wC0v1Yhe7f
9mr1wJsTGojm0bO/Ba6PIUf1R6hRzAkgOQ6e58O70CG9YH4Uj2h0jQ3IMsJDtGok
6RC/7lHu5cECxZlC+vsFf5iPK7+FR1FGurWUEy78PuonJRquu9vtQBes8iWo5983
hGR0QkXPwz/6/0xbLIyJZk/ZTrFrj16Lj4xY6AC8RGGr7keD8Q6sT8q4guLmYfOY
gGQIOyA65x8YMysVFb+GlUl/bfFaYkBlgkRWcwIlYlYC/GIfyGXpkUxc3sk5MBGX
oaxY7FJuJtCXGloJsB2OrD38AFYIQ1pq9Ah4s5/+H3JtlP8ZGOe/2pZ7nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP6iFEqXlnioLgl3iDPvPjHACuXmMB8GA1UdIwQY
MBaAFJ8vFm0F6pdvaa7VjkakH35QUkR1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQt
OTYyZDRmMGMyOWIwLzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQtOTYyZDRmMGMyOWIw
LzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt+cX5NuV
RdmsuZhA/QHl8JUDaWzpQO3Mc2n9dFdK34OPVMWvMKAUCxxUtGYLQhjh3dMWb05p
cSXmcYGOGKQaRjPAtP+jV7I4GgmbNsiwaxXyM+H2FC8Q5Rsj33KIQMqJKt7HQWZ0
sJjopJcS8a7JJWwylXAGhunYrb5flmWYFcjjmhUT4OSqarc6xz50RAn2LmHoPCYm
WaRT2bjxDF21ON6FNy2ey76qaaFs5Y4rJYWtDffVtrW46uC7qIu/kX3uvtbl4Ocr
bobQpPq/ekDjPGhMKPa06O3idPX6iVLNOpXjkDFPKK2NukVqs/JnqcbwUFyhPNkX
Wk1dJnXw+NTiog==
-----END CERTIFICATE-----