Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
File:                     yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft (raw, json)
Hash identifier:          fCotPh0+g8WfGnckwtN2MEmynHurwXNRh9xSEZjdc/o=
Subject key identifier:   85:57:D8:30:FE:E3:14:AD:1A:BA:D7:42:B4:47:7C:51:67:A6:14:4C
Authority key identifier: CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13
Certificate issuer:       /CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
Certificate serial:       0197B77CB18806A24C4053383413758559EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
Manifest number:          08CD
Signing time:             Sat 28 Jun 2025 17:01:31 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:31 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:31 +0000
Files and hashes:         1: yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl (hash: vV5Rnjt284e9qsBmamfinCK0Zn+ynU8qdlGKClk4fso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:b1:88:06:a2:4c:40:53:38:34:13:75:85:59:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
        Validity
            Not Before: Jun 28 17:01:31 2025 GMT
            Not After : Jun 29 17:01:31 2025 GMT
        Subject: CN=8557d830fee314ad1abad742b4477c5167a6144c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:b8:a8:6d:06:f8:40:73:7c:11:8d:57:f1:3f:
                    76:47:78:98:c7:d4:01:e3:6b:35:6d:02:5f:f0:63:
                    96:c3:30:46:cf:c8:7e:ac:42:30:f7:35:f9:cd:06:
                    78:f6:68:f5:38:63:fc:89:3f:8e:67:41:3e:39:8d:
                    4b:34:84:fe:e0:6f:c1:46:e0:1d:4e:cd:4d:b5:aa:
                    76:de:ef:8c:1e:7c:41:dd:44:77:10:2b:ad:1b:65:
                    4c:bc:b6:4e:e7:ff:10:ef:51:14:a4:32:11:37:fa:
                    62:cb:c8:d0:f4:2d:ee:92:19:46:b7:70:cb:6f:b6:
                    da:27:ee:93:36:ce:fb:f3:6e:55:f7:d0:19:ae:bf:
                    a3:cb:0e:d9:16:b3:79:6e:b3:6e:1f:90:f3:b7:86:
                    d1:e8:c7:0e:22:07:4f:83:51:ff:8d:4b:93:c7:04:
                    6a:80:17:16:61:0d:17:c7:0d:cb:4e:a5:32:a5:6b:
                    e9:c0:2b:f0:51:1a:b3:72:26:39:10:af:ac:75:05:
                    76:48:79:9e:12:b0:f1:49:d2:16:41:c4:78:87:ec:
                    47:aa:00:27:62:f6:76:be:8a:2c:42:c7:19:f7:1f:
                    45:d0:e7:b9:d6:47:a4:99:a1:1e:f9:ac:5a:05:56:
                    0f:06:6b:52:9d:66:47:fa:ee:7a:cc:54:9e:1c:e1:
                    6c:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:57:D8:30:FE:E3:14:AD:1A:BA:D7:42:B4:47:7C:51:67:A6:14:4C
            X509v3 Authority Key Identifier:
                keyid:CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:1c:f5:28:b6:2c:1e:bd:24:64:1f:8c:54:96:3a:aa:07:bb:
         8e:73:62:d1:66:d6:05:bf:15:db:86:0e:17:5f:7e:ca:8e:da:
         17:64:ca:b8:96:75:be:c4:33:98:49:af:52:34:69:77:2a:30:
         a1:29:ab:6a:fe:eb:1b:33:9c:ae:8b:18:9c:5c:d0:a7:23:61:
         db:ca:a6:96:53:52:0b:3c:d6:6c:87:b6:46:95:33:c3:a9:9c:
         21:fa:d1:ba:0d:6f:c0:b3:95:88:52:45:51:f0:7f:ac:02:00:
         e8:2a:20:e4:e5:46:fa:cc:26:90:e1:32:41:97:20:15:76:f4:
         85:ca:8e:ba:80:34:81:e8:83:44:0a:26:a0:3d:c2:3e:29:00:
         f4:b3:10:e8:dc:88:36:4b:24:55:dd:c2:ba:03:92:0d:db:7d:
         4f:77:db:c3:e5:01:7e:3c:c5:76:0b:18:ac:78:75:bd:80:54:
         1d:20:f2:db:f7:0f:a0:b6:84:3f:02:cb:dc:4a:90:15:be:ad:
         8c:dc:07:cb:29:6f:c5:91:b8:40:bd:d3:e2:8a:82:29:4d:4b:
         e6:e3:a9:ff:c5:ef:f7:d2:7f:99:cb:e2:0e:52:bc:df:08:f9:
         e8:34:d6:1f:7c:a8:d2:e5:a7:aa:ec:05:27:21:ca:93:1c:95:
         15:14:c9:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fLGIBqJMQFM4NBN1hVnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWExYTYyYzgwYjBmMzMzNGM1ZGMxOGRjNjRiN2JmOTc4
ODkwMTMwHhcNMjUwNjI4MTcwMTMxWhcNMjUwNjI5MTcwMTMxWjAzMTEwLwYDVQQD
Eyg4NTU3ZDgzMGZlZTMxNGFkMWFiYWQ3NDJiNDQ3N2M1MTY3YTYxNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07iobQb4QHN8EY1X8T92R3iYx9QB
42s1bQJf8GOWwzBGz8h+rEIw9zX5zQZ49mj1OGP8iT+OZ0E+OY1LNIT+4G/BRuAd
Ts1Ntap23u+MHnxB3UR3ECutG2VMvLZO5/8Q71EUpDIRN/piy8jQ9C3ukhlGt3DL
b7baJ+6TNs77825V99AZrr+jyw7ZFrN5brNuH5Dzt4bR6McOIgdPg1H/jUuTxwRq
gBcWYQ0Xxw3LTqUypWvpwCvwURqzciY5EK+sdQV2SHmeErDxSdIWQcR4h+xHqgAn
YvZ2voosQscZ9x9F0Oe51kekmaEe+axaBVYPBmtSnWZH+u56zFSeHOFstQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVX2DD+4xStGrrXQrRHfFFnphRMMB8GA1UdIwQY
MBaAFMoaGmLICw8zNMXcGNxkt7+XiJATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2Qt
YTA5ODU0YWI2NWEyLzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2QtYTA5ODU0YWI2NWEy
LzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADRz1KLYs
Hr0kZB+MVJY6qge7jnNi0WbWBb8V24YOF19+yo7aF2TKuJZ1vsQzmEmvUjRpdyow
oSmrav7rGzOcrosYnFzQpyNh28qmllNSCzzWbIe2RpUzw6mcIfrRug1vwLOViFJF
UfB/rAIA6Cog5OVG+swmkOEyQZcgFXb0hcqOuoA0geiDRAomoD3CPikA9LMQ6NyI
NkskVd3CugOSDdt9T3fbw+UBfjzFdgsYrHh1vYBUHSDy2/cPoLaEPwLL3EqQFb6t
jNwHyylvxZG4QL3T4oqCKU1L5uOp/8Xv99J/mcviDlK83wj56DTWH3yo0uWnquwF
JyHKkxyVFRTJIg==
-----END CERTIFICATE-----