Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
File:                     y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json)
Hash identifier:          +4BYlLG/6Sq/BHoEUl+cqqUbfqSMW8CzgLl1vppZDis=
Subject key identifier:   DB:03:30:02:7E:47:ED:CE:71:AB:1A:32:39:EC:67:91:F5:9E:B7:89
Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42
Certificate issuer:       /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
Certificate serial:       0198D4742C5D203F825FC2019138C5020F6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
Manifest number:          1645
Signing time:             Sat 23 Aug 2025 01:04:00 +0000
Manifest this update:     Sat 23 Aug 2025 01:04:00 +0000
Manifest next update:     Sun 24 Aug 2025 01:04:00 +0000
Files and hashes:         1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: Y3AbB2n1J9M293mtzNFxir1yha2QHa18EN2Vqdx/Noo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:04:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:2c:5d:20:3f:82:5f:c2:01:91:38:c5:02:0f:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
        Validity
            Not Before: Aug 23 01:04:00 2025 GMT
            Not After : Aug 24 01:04:00 2025 GMT
        Subject: CN=db0330027e47edce71ab1a3239ec6791f59eb789
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c0:ba:84:9b:3f:22:31:67:da:ed:5f:56:d6:
                    bd:f2:f2:e2:b4:5b:96:42:57:57:ca:6b:4c:60:b4:
                    04:1e:9b:a8:22:ec:ec:8f:75:7b:bb:85:13:25:a0:
                    d5:45:bc:d7:ab:5a:ec:9b:43:4d:62:a3:6f:41:b9:
                    24:b0:db:dd:b4:43:9b:e3:37:99:51:34:1c:77:39:
                    14:31:74:59:50:c6:6c:12:d7:ad:0a:f9:45:82:e8:
                    dd:e6:18:c5:f6:7f:f8:32:99:f2:48:95:68:a0:74:
                    1c:a3:0c:19:dd:81:e0:87:8c:2a:18:12:06:d8:7c:
                    79:b7:b3:37:7c:e5:a7:d8:60:ba:ac:61:01:f3:61:
                    ca:b6:a1:20:a4:d9:84:5d:ae:8b:78:1e:95:44:0d:
                    22:86:76:76:34:4b:bf:a5:f1:ee:1f:08:e0:6e:1e:
                    04:bc:18:9a:98:60:cb:3c:88:4b:49:88:e4:17:ce:
                    64:a0:96:60:41:f0:2c:81:6d:3e:cb:7d:7a:0c:0b:
                    44:c7:ab:6c:d5:61:c6:b4:4b:01:3b:7c:3f:68:3b:
                    f3:08:92:34:b9:cd:05:c9:09:ae:e5:82:64:76:19:
                    cf:ff:b6:5b:d7:a5:e1:c3:46:30:ad:1e:30:b5:7f:
                    ee:f2:84:a7:10:40:29:75:54:65:36:eb:a9:ad:e5:
                    9b:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:03:30:02:7E:47:ED:CE:71:AB:1A:32:39:EC:67:91:F5:9E:B7:89
            X509v3 Authority Key Identifier:
                keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:7e:19:28:c4:1e:27:21:d5:4a:d9:03:5e:55:3e:5b:94:a5:
         1e:94:d2:04:9b:d7:4e:f5:89:df:72:62:3a:ec:ea:8f:2d:26:
         7c:73:76:3f:ba:7f:d1:be:10:97:f7:2e:f1:1f:8b:de:e7:26:
         28:23:1d:1f:34:5b:f1:dc:b0:4e:f8:31:2c:b8:25:09:88:82:
         02:06:7c:d0:82:f9:24:fd:6f:f2:b7:05:d8:fd:4c:9e:71:e0:
         83:a3:ba:16:fa:99:71:4c:d6:97:c5:78:6e:d2:a3:fe:aa:ce:
         c7:a9:a7:10:8b:9f:8e:91:a5:5e:bb:13:50:e5:32:36:36:78:
         98:b3:20:9e:0e:a3:27:91:60:e2:6e:ab:f0:43:d9:fd:64:02:
         e1:4f:4a:3a:d0:33:b3:b9:48:04:0a:84:9e:65:82:2d:0e:60:
         43:34:24:7f:6f:d3:2e:ed:61:e8:07:48:f9:1a:80:6a:f8:d6:
         88:59:cb:c3:80:f0:4b:6e:67:a3:8c:71:9b:e6:2e:93:ad:99:
         c0:7f:e5:ef:30:4b:9a:d6:c6:a7:af:32:14:95:30:f6:e3:c9:
         de:c7:94:1d:c4:24:1e:42:1a:ee:00:9c:9c:de:ba:9d:98:a9:
         f5:6f:75:31:56:6c:37:79:04:5a:d9:ba:3e:92:8c:fb:df:26:
         fa:39:20:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdCxdID+CX8IBkTjFAg9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy
OGE5NDIwHhcNMjUwODIzMDEwNDAwWhcNMjUwODI0MDEwNDAwWjAzMTEwLwYDVQQD
EyhkYjAzMzAwMjdlNDdlZGNlNzFhYjFhMzIzOWVjNjc5MWY1OWViNzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MC6hJs/IjFn2u1fVta98vLitFuW
QldXymtMYLQEHpuoIuzsj3V7u4UTJaDVRbzXq1rsm0NNYqNvQbkksNvdtEOb4zeZ
UTQcdzkUMXRZUMZsEtetCvlFgujd5hjF9n/4MpnySJVooHQcowwZ3YHgh4wqGBIG
2Hx5t7M3fOWn2GC6rGEB82HKtqEgpNmEXa6LeB6VRA0ihnZ2NEu/pfHuHwjgbh4E
vBiamGDLPIhLSYjkF85koJZgQfAsgW0+y316DAtEx6ts1WHGtEsBO3w/aDvzCJI0
uc0FyQmu5YJkdhnP/7Zb16Xhw0YwrR4wtX/u8oSnEEApdVRlNuupreWbKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsDMAJ+R+3OcasaMjnsZ5H1nreJMB8GA1UdIwQY
MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et
NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl
LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAn4ZKMQe
JyHVStkDXlU+W5SlHpTSBJvXTvWJ33JiOuzqjy0mfHN2P7p/0b4Ql/cu8R+L3ucm
KCMdHzRb8dywTvgxLLglCYiCAgZ80IL5JP1v8rcF2P1MnnHgg6O6FvqZcUzWl8V4
btKj/qrOx6mnEIufjpGlXrsTUOUyNjZ4mLMgng6jJ5Fg4m6r8EPZ/WQC4U9KOtAz
s7lIBAqEnmWCLQ5gQzQkf2/TLu1h6AdI+RqAavjWiFnLw4DwS25no4xxm+Yuk62Z
wH/l7zBLmtbGp68yFJUw9uPJ3seUHcQkHkIa7gCcnN66nZip9W91MVZsN3kEWtm6
PpKM+98m+jkghQ==
-----END CERTIFICATE-----