Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
File:                     YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft (raw, json)
Hash identifier:          7AfhBXRM3YwzH9QIVgDC3cBeKJxgW3pk182J9Vjb9jU=
Subject key identifier:   BB:AD:25:0A:EE:D9:BF:A7:18:59:9E:42:94:BC:3D:1B:92:1D:DD:C8
Authority key identifier: 60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E
Certificate issuer:       /CN=605abb253b766dcd7f16d9f01bc119691848eb0e
Certificate serial:       0197B7B312C5D7282F187A0F15FF5BE243B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
Manifest number:          0212
Signing time:             Sat 28 Jun 2025 18:00:55 +0000
Manifest this update:     Sat 28 Jun 2025 18:00:55 +0000
Manifest next update:     Sun 29 Jun 2025 18:00:55 +0000
Files and hashes:         1: YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl (hash: YYRHpukDgzglMqoyR8d2Thq9CTbkMGj7uhmg+GKUQrE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:12:c5:d7:28:2f:18:7a:0f:15:ff:5b:e2:43:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=605abb253b766dcd7f16d9f01bc119691848eb0e
        Validity
            Not Before: Jun 28 18:00:55 2025 GMT
            Not After : Jun 29 18:00:55 2025 GMT
        Subject: CN=bbad250aeed9bfa718599e4294bc3d1b921dddc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e2:6d:31:57:65:5e:31:d8:68:16:75:86:6d:
                    2b:80:b1:e9:07:41:5e:8b:ef:c5:f0:85:94:71:7a:
                    93:5c:cc:7e:74:78:18:69:b0:dc:f7:f9:19:bf:7b:
                    ae:c1:65:04:e6:fc:a1:08:5d:cc:c9:29:b0:59:99:
                    4d:6d:f2:44:c2:40:0d:76:52:c0:20:14:20:cb:fc:
                    d1:75:5c:fd:9d:63:16:a0:71:66:b4:df:37:56:b9:
                    6f:53:9d:07:11:3a:2b:f5:1c:d8:f1:fb:64:43:22:
                    2a:97:12:11:40:65:de:00:9b:e5:b5:2e:32:e8:d6:
                    1d:ec:5b:96:bb:84:03:56:28:1f:25:9d:81:39:2e:
                    cb:86:fe:43:99:f9:f8:75:62:3d:4a:21:78:db:47:
                    da:33:66:65:01:ef:84:94:d7:d1:ed:87:3d:79:96:
                    ae:8b:1e:66:49:54:d8:02:36:c1:8d:e8:50:98:ba:
                    2f:4a:f7:bd:fb:42:c9:51:49:d6:cc:6f:64:26:63:
                    d0:2e:9f:42:30:ee:b9:61:e8:4a:ba:e6:0f:fe:d2:
                    cc:a9:77:3c:46:83:e8:dd:7e:be:02:39:0b:c5:b9:
                    ba:23:bb:79:f6:1e:b2:5f:26:72:8d:8d:05:23:80:
                    64:5b:8c:64:e8:45:08:dd:85:6c:00:aa:3f:a6:bd:
                    29:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:AD:25:0A:EE:D9:BF:A7:18:59:9E:42:94:BC:3D:1B:92:1D:DD:C8
            X509v3 Authority Key Identifier:
                keyid:60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:3e:1d:68:06:a2:ec:67:d2:3b:20:bc:7e:7f:49:d2:16:8f:
         8a:a7:b6:21:cf:16:2b:08:22:18:e0:d7:96:b5:c7:b8:b5:8b:
         95:f9:f6:dd:74:7c:06:3b:5e:2f:45:c8:cd:8a:8a:a6:d6:f4:
         71:e6:e4:8a:d8:32:74:12:9f:60:1d:4c:ef:2d:d3:0c:87:c9:
         28:ed:f1:da:59:58:ae:0b:d2:4f:aa:dc:7d:75:7b:32:9c:19:
         21:12:e3:09:7f:41:10:3f:43:b0:90:11:a3:0e:49:7c:60:d8:
         50:3b:8a:d5:5b:d5:65:17:7b:7e:ae:c0:a8:b9:7e:db:1d:f4:
         45:c7:c2:96:f1:5d:d3:d8:05:d6:cc:ec:89:5e:6b:6a:ab:b3:
         15:e2:15:77:a9:66:01:80:06:06:4e:22:4e:2d:27:cc:97:61:
         ba:38:92:c8:d1:b3:97:1e:3b:a0:72:cd:f9:52:7f:57:af:3e:
         24:c9:fe:65:fa:a0:97:41:87:d1:89:8b:f1:23:b5:6f:f6:31:
         18:ca:e3:5a:6e:8b:e2:d8:3b:f7:3b:24:80:43:7d:e0:0c:38:
         bf:39:03:c5:8d:85:aa:cb:a8:63:73:20:b0:95:a1:a1:b0:07:
         a1:19:a5:04:b4:1f:dd:2f:5b:3b:3d:d6:da:66:0c:69:6e:62:
         5d:7c:4f:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3sxLF1ygvGHoPFf9b4kOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNWFiYjI1M2I3NjZkY2Q3ZjE2ZDlmMDFiYzExOTY5MTg0
OGViMGUwHhcNMjUwNjI4MTgwMDU1WhcNMjUwNjI5MTgwMDU1WjAzMTEwLwYDVQQD
EyhiYmFkMjUwYWVlZDliZmE3MTg1OTllNDI5NGJjM2QxYjkyMWRkZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseJtMVdlXjHYaBZ1hm0rgLHpB0Fe
i+/F8IWUcXqTXMx+dHgYabDc9/kZv3uuwWUE5vyhCF3MySmwWZlNbfJEwkANdlLA
IBQgy/zRdVz9nWMWoHFmtN83VrlvU50HETor9RzY8ftkQyIqlxIRQGXeAJvltS4y
6NYd7FuWu4QDVigfJZ2BOS7Lhv5Dmfn4dWI9SiF420faM2ZlAe+ElNfR7Yc9eZau
ix5mSVTYAjbBjehQmLovSve9+0LJUUnWzG9kJmPQLp9CMO65YehKuuYP/tLMqXc8
RoPo3X6+AjkLxbm6I7t59h6yXyZyjY0FI4BkW4xk6EUI3YVsAKo/pr0pyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLutJQru2b+nGFmeQpS8PRuSHd3IMB8GA1UdIwQY
MBaAFGBauyU7dm3NfxbZ8BvBGWkYSOsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2Et
NTAxMTFjNDI5MmQwLzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2EtNTAxMTFjNDI5MmQw
LzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUD4daAai
7GfSOyC8fn9J0haPiqe2Ic8WKwgiGODXlrXHuLWLlfn23XR8BjteL0XIzYqKptb0
cebkitgydBKfYB1M7y3TDIfJKO3x2llYrgvST6rcfXV7MpwZIRLjCX9BED9DsJAR
ow5JfGDYUDuK1VvVZRd7fq7AqLl+2x30RcfClvFd09gF1szsiV5raquzFeIVd6lm
AYAGBk4iTi0nzJdhujiSyNGzlx47oHLN+VJ/V68+JMn+Zfqgl0GH0YmL8SO1b/Yx
GMrjWm6L4tg79zskgEN94Aw4vzkDxY2FqsuoY3MgsJWhobAHoRmlBLQf3S9bOz3W
2mYMaW5iXXxPRg==
-----END CERTIFICATE-----