Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
File:                     Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft (raw, json)
Hash identifier:          JRLSx/O1jzyrkbK+9fI6gDUnGHpveOnrihdaLv4fwZU=
Subject key identifier:   AF:50:76:52:37:63:19:51:40:7A:79:A8:98:E6:3E:E5:5E:F3:B0:5F
Authority key identifier: 63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF
Certificate issuer:       /CN=63ef6bdbc42ad06defdad72679414346d8d048df
Certificate serial:       0198D473BDD48065B1684B2355BC5A044A5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
Manifest number:          1644
Signing time:             Sat 23 Aug 2025 01:03:31 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:31 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:31 +0000
Files and hashes:         1: Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl (hash: FdyT7UWxOqQigaCWeqqJg5JzoBQSItRP7a++4cRzbRU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:03:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:bd:d4:80:65:b1:68:4b:23:55:bc:5a:04:4a:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63ef6bdbc42ad06defdad72679414346d8d048df
        Validity
            Not Before: Aug 23 01:03:31 2025 GMT
            Not After : Aug 24 01:03:31 2025 GMT
        Subject: CN=af50765237631951407a79a898e63ee55ef3b05f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:08:38:33:cb:c8:db:91:80:cb:76:02:d5:4d:
                    6a:2e:83:8e:ac:3b:73:7b:41:8f:a5:be:cf:eb:66:
                    49:66:6a:7b:0c:ad:30:ed:48:28:7c:74:8f:70:ba:
                    a5:a6:99:51:49:7f:17:d7:0a:26:e9:b3:6e:4a:59:
                    6d:97:46:7f:8c:b9:12:8e:ab:31:11:10:ab:e2:ee:
                    fd:1a:d6:99:90:c4:ce:63:5a:21:7f:c1:55:71:a5:
                    f5:c0:00:47:0b:2c:fe:aa:75:09:3e:9d:6b:25:7c:
                    b2:be:87:b4:78:3c:d8:7b:29:c9:27:ba:80:b4:4c:
                    fc:d9:c0:e6:89:f2:4f:98:db:df:f2:63:7e:09:a6:
                    f1:09:84:a9:4e:5a:de:c5:10:6e:a9:4d:51:f5:c5:
                    92:48:2d:bb:f4:88:94:ff:be:19:d6:3c:e2:35:6b:
                    26:47:78:93:f4:b2:e0:6b:f1:77:88:3d:ce:92:20:
                    66:ba:0e:fc:d7:db:cc:4e:3c:40:79:45:4a:06:4a:
                    4d:35:7f:10:7b:33:59:ac:4b:ea:20:6c:1b:9f:bb:
                    03:98:01:ad:a3:dd:24:f3:97:45:f8:80:93:eb:33:
                    ad:7f:cc:9d:d6:76:a1:7a:91:ce:82:14:29:71:59:
                    1b:4a:d0:c4:1f:8e:69:0d:4c:8f:a6:ed:e9:d6:3f:
                    56:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:50:76:52:37:63:19:51:40:7A:79:A8:98:E6:3E:E5:5E:F3:B0:5F
            X509v3 Authority Key Identifier:
                keyid:63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:a9:68:ee:e9:71:95:89:55:aa:2a:03:67:e7:5d:b3:fd:95:
         19:bc:92:5f:05:92:a3:05:b5:c4:72:36:b1:9d:3b:c2:1a:e7:
         6c:65:79:92:ce:0c:6a:29:58:dc:71:ca:7a:f3:b3:5e:01:95:
         d6:37:65:6b:fe:97:10:0e:b3:8f:a9:25:ea:0b:7f:b4:e3:bf:
         4e:0b:a0:e4:5b:72:e0:cd:be:d4:49:8f:2a:05:ed:26:28:e5:
         3a:0a:69:c5:30:43:38:ee:84:d5:94:ee:40:ed:8e:b4:6d:b1:
         60:8e:aa:80:64:ea:5a:78:82:e7:6e:e3:bd:df:f4:22:b4:6f:
         cd:0f:7e:f9:34:12:bb:06:25:a0:83:66:d5:51:7a:fb:34:27:
         5c:8c:68:83:cb:ce:d8:1d:d4:18:30:e7:ca:1b:eb:a4:97:dd:
         bb:c8:86:f5:42:ea:48:03:cb:3e:0c:f8:81:cc:21:92:1d:d2:
         89:c5:dd:fa:7f:8c:7f:3d:18:eb:77:18:5e:81:3f:2c:ad:92:
         f7:24:79:b0:10:27:0d:12:89:0e:60:f8:f6:23:4f:7a:33:a2:
         0c:89:0f:88:67:dc:79:08:1f:cb:e0:34:0f:f7:86:46:8a:23:
         0f:92:f0:29:ed:59:0a:ce:c6:1e:83:cd:21:5a:2e:26:b8:59:
         10:fc:03:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc73UgGWxaEsjVbxaBEpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZWY2YmRiYzQyYWQwNmRlZmRhZDcyNjc5NDE0MzQ2ZDhk
MDQ4ZGYwHhcNMjUwODIzMDEwMzMxWhcNMjUwODI0MDEwMzMxWjAzMTEwLwYDVQQD
EyhhZjUwNzY1MjM3NjMxOTUxNDA3YTc5YTg5OGU2M2VlNTVlZjNiMDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+wg4M8vI25GAy3YC1U1qLoOOrDtz
e0GPpb7P62ZJZmp7DK0w7UgofHSPcLqlpplRSX8X1wom6bNuSlltl0Z/jLkSjqsx
ERCr4u79GtaZkMTOY1ohf8FVcaX1wABHCyz+qnUJPp1rJXyyvoe0eDzYeynJJ7qA
tEz82cDmifJPmNvf8mN+CabxCYSpTlrexRBuqU1R9cWSSC279IiU/74Z1jziNWsm
R3iT9LLga/F3iD3OkiBmug7819vMTjxAeUVKBkpNNX8QezNZrEvqIGwbn7sDmAGt
o90k85dF+ICT6zOtf8yd1nahepHOghQpcVkbStDEH45pDUyPpu3p1j9WSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9QdlI3YxlRQHp5qJjmPuVe87BfMB8GA1UdIwQY
MBaAFGPva9vEKtBt79rXJnlBQ0bY0EjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUt
MGM4MzY4ZGI5NTYzLzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUtMGM4MzY4ZGI5NTYz
LzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYqlo7ulx
lYlVqioDZ+dds/2VGbySXwWSowW1xHI2sZ07whrnbGV5ks4MailY3HHKevOzXgGV
1jdla/6XEA6zj6kl6gt/tOO/Tgug5Fty4M2+1EmPKgXtJijlOgppxTBDOO6E1ZTu
QO2OtG2xYI6qgGTqWniC527jvd/0IrRvzQ9++TQSuwYloINm1VF6+zQnXIxog8vO
2B3UGDDnyhvrpJfdu8iG9ULqSAPLPgz4gcwhkh3SicXd+n+Mfz0Y63cYXoE/LK2S
9yR5sBAnDRKJDmD49iNPejOiDIkPiGfceQgfy+A0D/eGRoojD5LwKe1ZCs7GHoPN
IVouJrhZEPwDow==
-----END CERTIFICATE-----