Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
File:                     y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json)
Hash identifier:          NZier4cuTrZgKUlO+SMjJWRUE6J3pYpGXPzWdvCtMC0=
Subject key identifier:   81:33:F0:74:B7:89:41:C4:69:CA:4D:19:38:D3:ED:C8:58:3D:DD:FE
Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42
Certificate issuer:       /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
Certificate serial:       0197B88F3403CCC30F9D2A584E9B72B2D20F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 22:01:22 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:22 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:22 +0000
Files and hashes:         1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: h2AwZ8TevdQt5fxpYvEeeA3EL7MES/h5PMXwrOBeqBc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:34:03:cc:c3:0f:9d:2a:58:4e:9b:72:b2:d2:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
        Validity
            Not Before: Jun 28 22:01:22 2025 GMT
            Not After : Jun 29 22:01:22 2025 GMT
        Subject: CN=8133f074b78941c469ca4d1938d3edc8583dddfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:6e:48:cd:d8:6f:36:e1:2d:02:b7:bd:17:0f:
                    07:0a:78:0f:e3:48:2d:8e:b0:f0:31:3a:77:e9:d9:
                    f8:fa:5a:2d:ed:a3:5c:da:22:af:d2:f7:6e:42:bd:
                    2b:92:14:3a:96:79:f1:97:05:73:ce:3b:d4:b4:a2:
                    ed:25:51:fa:04:b4:37:ce:99:6f:d1:8e:1f:e8:22:
                    34:24:10:f0:71:19:40:1e:54:52:61:6e:b8:23:28:
                    71:cf:76:17:6c:cc:69:eb:1e:35:d7:75:b6:98:bc:
                    6e:c3:3d:4c:c8:ea:58:80:5a:a7:53:03:1e:8f:d2:
                    80:91:f6:f3:ac:a4:1a:1e:0a:e2:c7:3e:25:ea:7d:
                    91:59:ce:56:29:30:dd:d6:9d:d3:de:1e:62:db:e3:
                    1d:a5:14:d7:1d:cd:fa:f3:27:42:7e:ae:0e:04:88:
                    f1:bb:b2:32:ef:98:51:de:40:e2:9e:a7:32:62:4a:
                    7c:a7:8b:18:94:f1:6d:2e:fc:80:80:54:91:85:5f:
                    77:39:fd:ba:dd:fb:4e:d7:3b:39:20:64:49:d2:90:
                    6f:05:e7:1d:cb:aa:2f:85:ff:43:8d:f7:b3:2a:27:
                    b6:a4:63:36:8a:d2:0a:3d:87:f1:c9:a0:57:aa:b9:
                    41:b8:fd:66:44:ec:c6:c1:85:b7:24:cd:d5:c4:c4:
                    bb:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:33:F0:74:B7:89:41:C4:69:CA:4D:19:38:D3:ED:C8:58:3D:DD:FE
            X509v3 Authority Key Identifier:
                keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:a2:08:6d:6e:dd:11:93:80:86:ac:47:ec:e2:e5:e4:5d:4a:
         3d:37:9d:d9:6f:21:6b:8b:72:4d:6a:53:e6:57:ec:7d:3f:a2:
         31:b9:12:d7:38:01:1d:59:f6:86:73:59:c5:0d:78:5b:db:1d:
         f8:c7:dc:52:a1:5a:83:5e:07:81:70:d7:a5:66:f3:e4:fe:d7:
         35:21:a8:28:68:cd:7e:e7:a7:7e:17:22:f7:98:d8:13:cf:f5:
         7d:95:e2:ce:32:b3:3b:bb:96:3a:21:a5:ee:03:93:1e:53:b0:
         9c:17:6d:2d:01:56:40:31:25:05:08:95:3f:a7:a7:5c:52:89:
         09:83:a7:26:9b:4b:5a:6d:c7:25:5a:7c:82:c9:1e:c2:e7:e7:
         11:30:c0:18:bd:cb:de:e0:98:ad:e7:4d:f9:cd:f6:d2:11:1f:
         81:d6:5c:45:d2:cd:3b:d4:ae:79:bb:fc:38:34:29:46:8a:5e:
         57:0e:fa:e7:46:99:c5:b8:a2:20:0a:26:0a:69:b5:4a:eb:8b:
         67:3a:6a:01:58:24:65:60:da:36:fd:38:95:f0:7c:0f:ac:bc:
         20:2c:fd:13:2e:67:f1:9c:b6:67:66:33:7c:68:7c:91:f6:51:
         89:ca:91:63:fe:91:32:7a:15:97:44:b2:9c:83:dc:0d:84:e7:
         8e:59:71:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jzQDzMMPnSpYTptystIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy
OGE5NDIwHhcNMjUwNjI4MjIwMTIyWhcNMjUwNjI5MjIwMTIyWjAzMTEwLwYDVQQD
Eyg4MTMzZjA3NGI3ODk0MWM0NjljYTRkMTkzOGQzZWRjODU4M2RkZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4G5IzdhvNuEtAre9Fw8HCngP40gt
jrDwMTp36dn4+lot7aNc2iKv0vduQr0rkhQ6lnnxlwVzzjvUtKLtJVH6BLQ3zplv
0Y4f6CI0JBDwcRlAHlRSYW64Iyhxz3YXbMxp6x4113W2mLxuwz1MyOpYgFqnUwMe
j9KAkfbzrKQaHgrixz4l6n2RWc5WKTDd1p3T3h5i2+MdpRTXHc368ydCfq4OBIjx
u7Iy75hR3kDinqcyYkp8p4sYlPFtLvyAgFSRhV93Of263ftO1zs5IGRJ0pBvBecd
y6ovhf9DjfezKie2pGM2itIKPYfxyaBXqrlBuP1mROzGwYW3JM3VxMS7fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIEz8HS3iUHEacpNGTjT7chYPd3+MB8GA1UdIwQY
MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et
NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl
LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK6IIbW7d
EZOAhqxH7OLl5F1KPTed2W8ha4tyTWpT5lfsfT+iMbkS1zgBHVn2hnNZxQ14W9sd
+MfcUqFag14HgXDXpWbz5P7XNSGoKGjNfuenfhci95jYE8/1fZXizjKzO7uWOiGl
7gOTHlOwnBdtLQFWQDElBQiVP6enXFKJCYOnJptLWm3HJVp8gskewufnETDAGL3L
3uCYredN+c320hEfgdZcRdLNO9Suebv8ODQpRopeVw7650aZxbiiIAomCmm1SuuL
ZzpqAVgkZWDaNv04lfB8D6y8ICz9Ey5n8Zy2Z2YzfGh8kfZRicqRY/6RMnoVl0Sy
nIPcDYTnjllxSQ==
-----END CERTIFICATE-----