Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.mft
File:                     yfcvcKzNptLmEzWoFzDm9u5RPMU.mft (raw, json)
Hash identifier:          RqNruNT21ppXPlB4GBbg0RcNKgl/iQTMyLwcUmo0uCI=
Subject key identifier:   97:49:57:3C:06:9E:40:C0:94:93:29:F5:22:99:85:37:7D:D7:0D:28
Authority key identifier: C9:F7:2F:70:AC:CD:A6:D2:E6:13:35:A8:17:30:E6:F6:EE:51:3C:C5
Certificate issuer:       /CN=c9f72f70accda6d2e61335a81730e6f6ee513cc5
Certificate serial:       0197B89003BA7180C57ACE5A7F3F440220FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yfcvcKzNptLmEzWoFzDm9u5RPMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 22:02:15 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:15 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:15 +0000
Files and hashes:         1: yfcvcKzNptLmEzWoFzDm9u5RPMU.crl (hash: FG+rTj5dy3KKjX62Y2nHdVLE9yzQcxbZD5SsxGtLKWU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yfcvcKzNptLmEzWoFzDm9u5RPMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:03:ba:71:80:c5:7a:ce:5a:7f:3f:44:02:20:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9f72f70accda6d2e61335a81730e6f6ee513cc5
        Validity
            Not Before: Jun 28 22:02:15 2025 GMT
            Not After : Jun 29 22:02:15 2025 GMT
        Subject: CN=9749573c069e40c0949329f5229985377dd70d28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:d6:91:7a:a0:e2:9c:7e:9c:c2:ca:92:b7:9d:
                    e2:4f:51:26:8c:fe:f3:94:dd:8e:1b:4e:44:b8:2f:
                    95:39:8e:fa:fb:0f:d8:7c:78:6f:cb:1c:d3:4e:5d:
                    3a:c6:a1:e7:3a:67:60:df:45:18:96:df:77:57:a5:
                    e4:6b:3f:98:c6:74:39:b4:44:51:4e:80:90:51:cf:
                    3d:02:63:50:a9:b9:5e:12:25:c6:78:f0:db:10:b1:
                    d2:5f:e9:a5:88:0f:10:c1:c6:1b:78:17:06:63:1c:
                    be:a7:64:c3:78:f2:8f:7c:55:25:3a:ce:45:17:51:
                    56:38:67:2b:2d:20:13:49:1a:7d:4c:46:5f:66:0d:
                    b3:83:56:74:1c:27:ce:06:2d:af:0e:b6:de:a9:0f:
                    74:6f:a1:b4:06:48:4f:97:96:03:4c:26:a6:62:99:
                    aa:b4:09:0a:f8:8a:19:ed:50:9e:16:be:f7:6d:6f:
                    fb:ad:c3:1c:77:69:71:a5:fe:d2:28:b6:2b:0f:c0:
                    69:a0:63:5e:eb:80:57:fd:03:2f:b6:44:61:a3:bf:
                    c2:e4:e5:86:7f:0c:5b:a9:94:f0:37:fb:d8:a7:bb:
                    6c:3e:5f:df:ab:c8:40:a4:08:de:d9:dc:d2:32:3a:
                    17:07:f9:69:0a:15:00:69:88:ce:75:28:a0:15:53:
                    90:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:49:57:3C:06:9E:40:C0:94:93:29:F5:22:99:85:37:7D:D7:0D:28
            X509v3 Authority Key Identifier:
                keyid:C9:F7:2F:70:AC:CD:A6:D2:E6:13:35:A8:17:30:E6:F6:EE:51:3C:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yfcvcKzNptLmEzWoFzDm9u5RPMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:e3:bb:ba:07:3e:3e:1a:17:c9:29:cb:d7:c7:db:7f:6e:1e:
         b4:c9:b8:6e:0f:e5:e3:33:f7:2e:60:e6:04:d2:c2:b6:45:56:
         26:d1:96:a8:6e:6d:80:0f:a1:7b:06:ea:24:03:ac:53:66:ca:
         34:be:ea:1e:65:9c:2b:32:15:25:7a:d0:3c:fe:d9:db:28:85:
         cc:63:92:28:f0:d5:d0:88:3e:6c:1d:a3:3f:1e:19:06:ba:60:
         1e:69:3e:95:1e:27:2a:38:6d:c6:ab:e7:1d:20:82:16:c9:4e:
         1d:a9:d5:75:ac:8b:94:3d:eb:f7:38:0f:49:a1:fb:ce:f3:01:
         13:b4:02:69:d7:4b:d5:65:b4:5e:a3:0a:84:69:15:35:47:bd:
         12:68:0e:51:95:60:c1:a9:65:00:33:9a:f2:d6:1c:9a:67:c8:
         86:be:65:96:38:aa:3b:0f:e5:1a:b3:26:f4:bb:76:1e:64:6a:
         7b:9c:68:2d:5d:3d:65:b3:82:d8:b9:8d:1e:3a:8c:01:06:35:
         de:d0:2b:6c:b2:d5:f4:45:e8:04:29:2d:89:fe:51:6c:bb:d7:
         45:e5:af:f9:7d:b1:45:75:a8:0a:79:ff:22:11:75:aa:65:7a:
         90:32:9f:e5:fa:dc:2c:a2:36:a3:b2:8f:66:1e:96:04:11:3f:
         94:e5:01:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kAO6cYDFes5afz9EAiD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZjcyZjcwYWNjZGE2ZDJlNjEzMzVhODE3MzBlNmY2ZWU1
MTNjYzUwHhcNMjUwNjI4MjIwMjE1WhcNMjUwNjI5MjIwMjE1WjAzMTEwLwYDVQQD
Eyg5NzQ5NTczYzA2OWU0MGMwOTQ5MzI5ZjUyMjk5ODUzNzdkZDcwZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNaReqDinH6cwsqSt53iT1EmjP7z
lN2OG05EuC+VOY76+w/YfHhvyxzTTl06xqHnOmdg30UYlt93V6Xkaz+YxnQ5tERR
ToCQUc89AmNQqbleEiXGePDbELHSX+mliA8QwcYbeBcGYxy+p2TDePKPfFUlOs5F
F1FWOGcrLSATSRp9TEZfZg2zg1Z0HCfOBi2vDrbeqQ90b6G0BkhPl5YDTCamYpmq
tAkK+IoZ7VCeFr73bW/7rcMcd2lxpf7SKLYrD8BpoGNe64BX/QMvtkRho7/C5OWG
fwxbqZTwN/vYp7tsPl/fq8hApAje2dzSMjoXB/lpChUAaYjOdSigFVOQ5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdJVzwGnkDAlJMp9SKZhTd91w0oMB8GA1UdIwQY
MBaAFMn3L3CszabS5hM1qBcw5vbuUTzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWZjdmNLek5wdExtRXpXb0Z6RG05dTVSUE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hN2IyNjUtNTQ3Ni00OWY0LWJkNGEt
MmY5ZjgxZTkzMjk4LzEveWZjdmNLek5wdExtRXpXb0Z6RG05dTVSUE1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hN2IyNjUtNTQ3Ni00OWY0LWJkNGEtMmY5ZjgxZTkzMjk4
LzEveWZjdmNLek5wdExtRXpXb0Z6RG05dTVSUE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZeO7ugc+
PhoXySnL18fbf24etMm4bg/l4zP3LmDmBNLCtkVWJtGWqG5tgA+hewbqJAOsU2bK
NL7qHmWcKzIVJXrQPP7Z2yiFzGOSKPDV0Ig+bB2jPx4ZBrpgHmk+lR4nKjhtxqvn
HSCCFslOHanVdayLlD3r9zgPSaH7zvMBE7QCaddL1WW0XqMKhGkVNUe9EmgOUZVg
wallADOa8tYcmmfIhr5lljiqOw/lGrMm9Lt2HmRqe5xoLV09ZbOC2LmNHjqMAQY1
3tArbLLV9EXoBCktif5RbLvXReWv+X2xRXWoCnn/IhF1qmV6kDKf5frcLKI2o7KP
Zh6WBBE/lOUB4A==
-----END CERTIFICATE-----