Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
File:                     PYyo-vPO4aXlGlxc2_lIKgACe2U.mft (raw, json)
Hash identifier:          iZCb5TJeKC1KnuBFbYNP4Em4SpWkFH1uzlEdRA3fMkk=
Subject key identifier:   16:18:28:B6:DE:C1:6E:6D:F9:04:E7:F4:56:1E:D3:91:2C:89:F4:1A
Authority key identifier: 3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65
Certificate issuer:       /CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
Certificate serial:       0197B6A05A21C03A1758315EF76A2F41787C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
Manifest number:          0B22
Signing time:             Sat 28 Jun 2025 13:00:51 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:51 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:51 +0000
Files and hashes:         1: PYyo-vPO4aXlGlxc2_lIKgACe2U.crl (hash: xAfO6efpNAH7xka1bxwKzB4minmcRuaMbWrDpNAb+fk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:5a:21:c0:3a:17:58:31:5e:f7:6a:2f:41:78:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
        Validity
            Not Before: Jun 28 13:00:51 2025 GMT
            Not After : Jun 29 13:00:51 2025 GMT
        Subject: CN=161828b6dec16e6df904e7f4561ed3912c89f41a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:91:24:7f:9d:a5:a1:f8:7e:97:aa:7f:20:4c:
                    f6:9d:47:6d:ec:ae:5a:35:e5:24:bd:e3:a9:6e:94:
                    c5:d4:81:bf:55:8b:1d:e0:4e:5d:40:b9:d6:4f:c7:
                    de:99:c1:71:ef:98:78:8c:2a:be:7d:3f:7e:e4:87:
                    ea:ce:b8:fe:bc:f7:bc:b0:8f:ba:08:32:57:c8:fe:
                    69:1a:8e:aa:ee:59:20:e8:2d:1d:ae:1e:87:23:94:
                    ba:8e:b4:c3:79:e7:ff:cd:09:cd:08:d6:e1:c8:a8:
                    5c:46:6c:29:a9:29:af:54:77:96:27:7e:58:bf:28:
                    17:e4:1b:e2:a7:2e:b2:38:b2:3f:39:53:8a:02:f3:
                    fc:ee:c7:4f:48:e1:eb:68:8e:f9:7e:b9:10:e8:bf:
                    2a:2e:5d:62:d1:a5:33:28:8f:83:d4:cb:2b:dc:2b:
                    f0:3c:ef:5c:e8:4d:7e:d5:55:f4:27:91:af:b3:ee:
                    bc:f9:fa:4f:e0:d9:fb:b1:bf:4b:fe:4f:a8:69:ca:
                    5b:55:9c:79:af:0e:55:9c:38:46:15:5e:23:ff:87:
                    ab:51:46:d1:88:43:3b:c3:93:9a:76:85:f3:e7:0d:
                    30:a8:32:7f:ba:d5:9a:9c:d2:50:de:2a:03:5d:84:
                    a5:00:f6:4a:2d:dd:de:6c:36:af:bf:df:6f:84:a2:
                    72:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:18:28:B6:DE:C1:6E:6D:F9:04:E7:F4:56:1E:D3:91:2C:89:F4:1A
            X509v3 Authority Key Identifier:
                keyid:3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:4c:b7:48:36:d5:ad:d6:59:e7:53:0b:09:db:79:15:e2:84:
         15:18:ee:39:5c:09:1c:8d:9a:72:49:73:aa:a1:70:0e:47:48:
         b9:28:03:06:bc:fa:42:28:6e:c2:61:61:a1:dd:32:10:8f:9b:
         6d:97:9b:eb:47:97:c5:71:8a:0f:7e:1e:30:0a:5c:17:83:19:
         3c:8f:8b:db:c2:df:7d:87:0a:6c:7e:0b:ce:d5:40:e8:f2:98:
         e7:40:4a:04:c3:64:a2:5e:67:6f:3f:58:82:d8:57:9a:5d:48:
         02:6e:8c:c7:b7:6a:b2:bd:e0:ac:8e:79:58:35:21:c8:a3:95:
         95:a3:fd:ee:8a:4f:81:c4:5d:3c:c6:24:23:05:6f:71:5e:ab:
         4f:94:6e:a2:10:ba:96:67:da:3c:51:1e:b0:05:89:fc:82:a6:
         d8:32:e6:09:bc:63:ee:39:8e:cf:0d:d5:3a:27:f7:e9:63:7a:
         74:ee:15:27:93:c1:7b:94:2f:91:3e:12:c4:f3:6c:39:3c:c5:
         e3:39:39:15:7a:85:3e:1b:53:e5:3a:85:12:14:59:b0:db:92:
         1f:a4:d4:f2:c4:e4:f2:3a:53:c9:9b:22:05:1a:cf:6b:97:e2:
         e6:08:fa:33:8c:e8:6e:23:92:c9:32:30:bc:d4:59:af:cb:78:
         aa:18:96:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oFohwDoXWDFe92ovQXh8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGNhOGZhZjNjZWUxYTVlNTFhNWM1Y2RiZjk0ODJhMDAw
MjdiNjUwHhcNMjUwNjI4MTMwMDUxWhcNMjUwNjI5MTMwMDUxWjAzMTEwLwYDVQQD
EygxNjE4MjhiNmRlYzE2ZTZkZjkwNGU3ZjQ1NjFlZDM5MTJjODlmNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJEkf52lofh+l6p/IEz2nUdt7K5a
NeUkveOpbpTF1IG/VYsd4E5dQLnWT8femcFx75h4jCq+fT9+5Ifqzrj+vPe8sI+6
CDJXyP5pGo6q7lkg6C0drh6HI5S6jrTDeef/zQnNCNbhyKhcRmwpqSmvVHeWJ35Y
vygX5Bvipy6yOLI/OVOKAvP87sdPSOHraI75frkQ6L8qLl1i0aUzKI+D1Msr3Cvw
PO9c6E1+1VX0J5Gvs+68+fpP4Nn7sb9L/k+oacpbVZx5rw5VnDhGFV4j/4erUUbR
iEM7w5OadoXz5w0wqDJ/utWanNJQ3ioDXYSlAPZKLd3ebDavv99vhKJyQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBYYKLbewW5t+QTn9FYe05EsifQaMB8GA1UdIwQY
MBaAFD2MqPrzzuGl5RpcXNv5SCoAAntlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDct
NGUxNWI4NGVlNzA2LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDctNGUxNWI4NGVlNzA2
LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnky3SDbV
rdZZ51MLCdt5FeKEFRjuOVwJHI2acklzqqFwDkdIuSgDBrz6QihuwmFhod0yEI+b
bZeb60eXxXGKD34eMApcF4MZPI+L28LffYcKbH4LztVA6PKY50BKBMNkol5nbz9Y
gthXml1IAm6Mx7dqsr3grI55WDUhyKOVlaP97opPgcRdPMYkIwVvcV6rT5RuohC6
lmfaPFEesAWJ/IKm2DLmCbxj7jmOzw3VOif36WN6dO4VJ5PBe5QvkT4SxPNsOTzF
4zk5FXqFPhtT5TqFEhRZsNuSH6TU8sTk8jpTyZsiBRrPa5fi5gj6M4zobiOSyTIw
vNRZr8t4qhiWRg==
-----END CERTIFICATE-----