Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
File:                     yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft (raw, json)
Hash identifier:          /cu+mkz5gdSQfHlrlC4jdmH9s5/xTRpDt9f7aRIHL48=
Subject key identifier:   2C:45:14:1B:62:2B:FB:F5:44:C6:26:40:66:14:DC:1D:E7:0A:49:3D
Authority key identifier: CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13
Certificate issuer:       /CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
Certificate serial:       0198D54DF3DB26B499DCE0BE13F6202A0088
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
Manifest number:          0961
Signing time:             Sat 23 Aug 2025 05:01:52 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:52 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:52 +0000
Files and hashes:         1: yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl (hash: Hs4F6CrI96sbsKyTSjbJNGCuHFofL1KkbYVd81TMjTM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4d:f3:db:26:b4:99:dc:e0:be:13:f6:20:2a:00:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
        Validity
            Not Before: Aug 23 05:01:52 2025 GMT
            Not After : Aug 24 05:01:52 2025 GMT
        Subject: CN=2c45141b622bfbf544c626406614dc1de70a493d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:bf:5c:43:27:f3:92:9f:42:ca:4a:cd:31:c6:
                    c5:19:80:57:99:da:6a:ac:d2:67:6c:df:50:9f:9a:
                    3a:58:87:39:17:36:d8:7f:ad:0d:0a:44:9b:7d:df:
                    5e:76:4d:12:d5:0c:ff:4b:15:ac:b1:a3:61:08:09:
                    d0:f7:2d:be:82:f9:2d:0c:70:3c:81:21:06:7f:72:
                    4a:33:b4:c3:f6:5e:24:d0:8d:42:76:33:ea:bc:92:
                    fc:d9:82:c4:a7:2f:a8:92:56:4e:24:4a:0a:1b:cf:
                    6e:68:f9:13:00:a3:a0:52:a6:e1:ee:38:eb:87:82:
                    4a:08:d5:9d:6c:5f:33:04:e4:d5:fb:91:50:cd:98:
                    cd:c5:c8:b2:80:5d:79:df:e2:f9:c8:7b:a8:56:bb:
                    b3:69:b2:94:e4:a6:4f:55:30:9f:8f:c8:0a:67:b1:
                    84:4b:d9:d8:fe:5c:a6:42:fa:98:af:ad:1b:be:d8:
                    4b:9a:8c:1f:c8:64:4a:cd:79:69:2d:89:5a:6d:f1:
                    0b:ad:fb:9a:f4:1d:56:ed:f3:2d:da:ce:5c:78:65:
                    bf:0c:c9:f0:38:12:e7:2e:b3:14:67:3c:b3:99:0e:
                    6e:6f:b5:86:24:d9:de:f4:98:dd:3b:fa:e3:c3:75:
                    b6:1c:7e:e2:64:7d:ed:7e:c7:d8:75:d6:b6:f7:67:
                    22:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:45:14:1B:62:2B:FB:F5:44:C6:26:40:66:14:DC:1D:E7:0A:49:3D
            X509v3 Authority Key Identifier:
                keyid:CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:e7:73:09:e5:20:d6:60:93:6a:f4:ed:6e:74:88:b7:29:5c:
         5f:e0:90:6f:75:dd:48:e9:28:43:6c:de:48:0f:7b:47:a3:30:
         13:57:70:21:97:1d:cb:64:55:bb:ae:74:30:00:2c:0d:5f:78:
         17:17:4a:ef:e0:ff:d7:e7:2b:f3:17:4f:96:64:dd:7b:c9:f0:
         90:08:c5:95:b7:33:f4:ca:65:6c:2d:3f:a4:3d:9d:81:b0:72:
         1e:67:77:91:72:a9:51:34:86:35:0b:be:23:fd:0b:96:dc:b2:
         79:10:b2:90:ac:3f:53:e9:d2:4e:46:a5:4f:29:38:92:55:7c:
         30:53:a4:68:da:d5:6f:d7:57:99:34:f9:d7:da:7b:15:f7:81:
         16:8d:9b:3e:26:e8:a6:64:81:ae:52:88:a6:a2:dc:06:86:74:
         32:05:ad:61:42:03:ce:37:4f:a7:bf:1a:35:2d:0c:b2:40:c1:
         6b:06:dd:c2:8e:71:42:54:0e:63:73:0b:23:77:d3:da:b3:d7:
         e7:07:11:c7:48:e1:7c:9d:31:58:31:d8:a2:53:7d:33:66:20:
         9f:d2:c6:91:a2:06:37:9e:d7:59:32:52:c1:4e:cc:88:09:55:
         2c:18:95:ae:a8:e6:76:bd:c0:46:83:0d:38:89:46:9a:40:ca:
         40:6c:79:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTfPbJrSZ3OC+E/YgKgCIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWExYTYyYzgwYjBmMzMzNGM1ZGMxOGRjNjRiN2JmOTc4
ODkwMTMwHhcNMjUwODIzMDUwMTUyWhcNMjUwODI0MDUwMTUyWjAzMTEwLwYDVQQD
EygyYzQ1MTQxYjYyMmJmYmY1NDRjNjI2NDA2NjE0ZGMxZGU3MGE0OTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r9cQyfzkp9CykrNMcbFGYBXmdpq
rNJnbN9Qn5o6WIc5FzbYf60NCkSbfd9edk0S1Qz/SxWssaNhCAnQ9y2+gvktDHA8
gSEGf3JKM7TD9l4k0I1CdjPqvJL82YLEpy+oklZOJEoKG89uaPkTAKOgUqbh7jjr
h4JKCNWdbF8zBOTV+5FQzZjNxciygF153+L5yHuoVruzabKU5KZPVTCfj8gKZ7GE
S9nY/lymQvqYr60bvthLmowfyGRKzXlpLYlabfELrfua9B1W7fMt2s5ceGW/DMnw
OBLnLrMUZzyzmQ5ub7WGJNne9JjdO/rjw3W2HH7iZH3tfsfYdda292cinQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCxFFBtiK/v1RMYmQGYU3B3nCkk9MB8GA1UdIwQY
MBaAFMoaGmLICw8zNMXcGNxkt7+XiJATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2Qt
YTA5ODU0YWI2NWEyLzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2QtYTA5ODU0YWI2NWEy
LzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADudzCeUg
1mCTavTtbnSItylcX+CQb3XdSOkoQ2zeSA97R6MwE1dwIZcdy2RVu650MAAsDV94
FxdK7+D/1+cr8xdPlmTde8nwkAjFlbcz9MplbC0/pD2dgbByHmd3kXKpUTSGNQu+
I/0LltyyeRCykKw/U+nSTkalTyk4klV8MFOkaNrVb9dXmTT519p7FfeBFo2bPibo
pmSBrlKIpqLcBoZ0MgWtYUIDzjdPp78aNS0MskDBawbdwo5xQlQOY3MLI3fT2rPX
5wcRx0jhfJ0xWDHYolN9M2Ygn9LGkaIGN57XWTJSwU7MiAlVLBiVrqjmdr3ARoMN
OIlGmkDKQGx5nQ==
-----END CERTIFICATE-----