Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/8bdd00-7943-4584-84f3-3b242d54e788/1/YwYjArQ4WSN2xCZPSdxeZz7bLPs.mft
File:                     YwYjArQ4WSN2xCZPSdxeZz7bLPs.mft (raw, json)
Hash identifier:          uHgoWebutyntxFGAzXZexuRrCzR0EMc3dO6YHmEjQqw=
Subject key identifier:   C7:85:BE:EF:E3:1E:10:3A:43:92:0B:B4:BA:D4:5E:E6:35:16:7B:81
Authority key identifier: 63:06:23:02:B4:38:59:23:76:C4:26:4F:49:DC:5E:67:3E:DB:2C:FB
Certificate issuer:       /CN=63062302b438592376c4264f49dc5e673edb2cfb
Certificate serial:       0197B88EF852701BA9A6542DE2F2B731679C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YwYjArQ4WSN2xCZPSdxeZz7bLPs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/8bdd00-7943-4584-84f3-3b242d54e788/1/YwYjArQ4WSN2xCZPSdxeZz7bLPs.mft
Manifest number:          09A0
Signing time:             Sat 28 Jun 2025 22:01:06 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:06 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:06 +0000
Files and hashes:         1: YwYjArQ4WSN2xCZPSdxeZz7bLPs.crl (hash: FC3MJBtnrTYqd/2JjfWldzM3kykcDRnwacPJe3ndkpQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/8bdd00-7943-4584-84f3-3b242d54e788/1/YwYjArQ4WSN2xCZPSdxeZz7bLPs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/8bdd00-7943-4584-84f3-3b242d54e788/1/YwYjArQ4WSN2xCZPSdxeZz7bLPs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YwYjArQ4WSN2xCZPSdxeZz7bLPs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8e:f8:52:70:1b:a9:a6:54:2d:e2:f2:b7:31:67:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63062302b438592376c4264f49dc5e673edb2cfb
        Validity
            Not Before: Jun 28 22:01:06 2025 GMT
            Not After : Jun 29 22:01:06 2025 GMT
        Subject: CN=c785beefe31e103a43920bb4bad45ee635167b81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c0:44:f7:96:6e:44:70:de:e5:34:bd:78:a5:
                    5c:b1:54:94:e0:ac:ca:84:44:a8:65:65:db:0d:d2:
                    ad:c6:9c:ac:a2:73:d2:c0:14:70:59:a8:aa:bc:ef:
                    6a:e8:19:eb:30:2f:44:cd:ba:14:14:93:ff:1c:9c:
                    b2:50:a9:d8:9d:17:76:b1:01:c1:e1:ba:b7:9b:ca:
                    8e:46:a6:69:5e:9f:91:36:e4:d6:8d:c0:2d:72:53:
                    3a:33:8f:d4:1a:90:48:cb:6a:8c:0f:10:e5:77:63:
                    1c:fa:d6:a5:8d:ac:ed:6f:98:cf:db:68:46:5e:67:
                    33:68:5a:fc:ac:02:64:2e:21:0f:10:04:2a:1c:cc:
                    93:07:d1:48:75:30:58:7b:1f:90:22:89:3b:d3:81:
                    28:34:71:70:9a:17:af:24:ba:11:3f:78:e1:0a:2e:
                    15:f3:01:3c:da:ef:60:2b:a2:87:9b:0b:75:f4:23:
                    5f:15:5e:94:ad:3f:ce:a0:e3:3f:58:0f:eb:78:2e:
                    35:c7:1b:63:9b:98:b1:f2:98:87:73:2b:0e:24:53:
                    cb:53:51:35:28:ff:b1:d1:a7:59:e9:3d:52:70:bb:
                    89:50:b8:ec:25:62:8f:3d:44:7f:45:ba:fc:54:c1:
                    a8:e4:c4:6e:8f:f6:58:7f:77:20:76:38:1b:66:4f:
                    f1:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:85:BE:EF:E3:1E:10:3A:43:92:0B:B4:BA:D4:5E:E6:35:16:7B:81
            X509v3 Authority Key Identifier:
                keyid:63:06:23:02:B4:38:59:23:76:C4:26:4F:49:DC:5E:67:3E:DB:2C:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YwYjArQ4WSN2xCZPSdxeZz7bLPs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8bdd00-7943-4584-84f3-3b242d54e788/1/YwYjArQ4WSN2xCZPSdxeZz7bLPs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8bdd00-7943-4584-84f3-3b242d54e788/1/YwYjArQ4WSN2xCZPSdxeZz7bLPs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:7b:b9:01:b5:fb:f6:80:3d:a4:22:68:d5:bc:81:32:22:b2:
         35:fc:f3:89:50:3d:dd:2b:93:36:9e:e7:ff:c2:39:cd:b1:60:
         54:99:81:fe:99:fb:b7:12:da:4c:7f:3c:15:19:de:b7:b8:a2:
         06:22:45:14:0e:a2:77:20:de:ba:a3:61:7b:cb:8f:68:e6:e9:
         d5:92:77:30:2b:9c:23:a5:8b:c4:3a:b8:61:09:00:98:ab:cf:
         72:7a:1f:1e:cc:2c:b1:f8:8a:d3:8f:ed:b4:52:2f:4e:c3:4f:
         89:5b:d1:0f:f7:7c:4b:5d:fe:6f:12:a0:8c:9d:16:fe:67:88:
         9a:eb:3a:f9:2f:05:fe:c9:6a:8f:12:a8:65:50:5a:a7:fc:93:
         36:a5:5a:06:6f:0f:0f:ba:45:d5:38:5f:30:38:a7:19:b6:fc:
         95:7e:df:9a:23:ed:a6:b7:35:87:b7:de:50:6d:76:81:fa:04:
         6b:d8:5c:a4:0c:12:83:e8:f1:95:4c:3f:09:78:76:6e:82:d6:
         b2:d4:7b:87:78:e0:ec:41:5f:6e:91:40:42:c9:1b:f5:f3:71:
         96:59:cc:1c:81:dc:97:6a:82:d6:d0:e4:55:a9:7a:2a:5c:a1:
         8e:e9:2d:ee:f2:f8:bc:8c:4a:64:bf:a2:58:da:48:bb:27:20:
         36:72:6f:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jvhScBupplQt4vK3MWecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMDYyMzAyYjQzODU5MjM3NmM0MjY0ZjQ5ZGM1ZTY3M2Vk
YjJjZmIwHhcNMjUwNjI4MjIwMTA2WhcNMjUwNjI5MjIwMTA2WjAzMTEwLwYDVQQD
EyhjNzg1YmVlZmUzMWUxMDNhNDM5MjBiYjRiYWQ0NWVlNjM1MTY3YjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucBE95ZuRHDe5TS9eKVcsVSU4KzK
hESoZWXbDdKtxpysonPSwBRwWaiqvO9q6BnrMC9EzboUFJP/HJyyUKnYnRd2sQHB
4bq3m8qORqZpXp+RNuTWjcAtclM6M4/UGpBIy2qMDxDld2Mc+taljaztb5jP22hG
XmczaFr8rAJkLiEPEAQqHMyTB9FIdTBYex+QIok704EoNHFwmhevJLoRP3jhCi4V
8wE82u9gK6KHmwt19CNfFV6UrT/OoOM/WA/reC41xxtjm5ix8piHcysOJFPLU1E1
KP+x0adZ6T1ScLuJULjsJWKPPUR/Rbr8VMGo5MRuj/ZYf3cgdjgbZk/x0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMeFvu/jHhA6Q5ILtLrUXuY1FnuBMB8GA1UdIwQY
MBaAFGMGIwK0OFkjdsQmT0ncXmc+2yz7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXdZakFyUTRXU04yeENaUFNkeGVaejdiTFBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84YmRkMDAtNzk0My00NTg0LTg0ZjMt
M2IyNDJkNTRlNzg4LzEvWXdZakFyUTRXU04yeENaUFNkeGVaejdiTFBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84YmRkMDAtNzk0My00NTg0LTg0ZjMtM2IyNDJkNTRlNzg4
LzEvWXdZakFyUTRXU04yeENaUFNkeGVaejdiTFBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIXu5AbX7
9oA9pCJo1byBMiKyNfzziVA93SuTNp7n/8I5zbFgVJmB/pn7txLaTH88FRnet7ii
BiJFFA6idyDeuqNhe8uPaObp1ZJ3MCucI6WLxDq4YQkAmKvPcnofHswssfiK04/t
tFIvTsNPiVvRD/d8S13+bxKgjJ0W/meImus6+S8F/slqjxKoZVBap/yTNqVaBm8P
D7pF1ThfMDinGbb8lX7fmiPtprc1h7feUG12gfoEa9hcpAwSg+jxlUw/CXh2boLW
stR7h3jg7EFfbpFAQskb9fNxllnMHIHcl2qC1tDkVal6Klyhjukt7vL4vIxKZL+i
WNpIuycgNnJvow==
-----END CERTIFICATE-----