Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
File:                     Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft (raw, json)
Hash identifier:          VJZJNg+BXexDBJdqVq/GpDsStkmPB/eFMrYnQcDvgo4=
Subject key identifier:   D4:B0:E4:15:1B:0D:4A:3A:FA:F8:5F:50:84:E6:BA:3E:56:7A:7D:F1
Authority key identifier: 63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF
Certificate issuer:       /CN=63ef6bdbc42ad06defdad72679414346d8d048df
Certificate serial:       0197B88FE69815C532EF7FE8C99A3415E4C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
Manifest number:          15B1
Signing time:             Sat 28 Jun 2025 22:02:07 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:07 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:07 +0000
Files and hashes:         1: Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl (hash: UII/8nJKnH+HmurQQQDFlGInCZzSPHWob9P61kpNCVA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:e6:98:15:c5:32:ef:7f:e8:c9:9a:34:15:e4:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63ef6bdbc42ad06defdad72679414346d8d048df
        Validity
            Not Before: Jun 28 22:02:07 2025 GMT
            Not After : Jun 29 22:02:07 2025 GMT
        Subject: CN=d4b0e4151b0d4a3afaf85f5084e6ba3e567a7df1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:d9:f2:46:c1:fb:05:2e:17:3b:e0:d7:21:7d:
                    2f:74:8a:a8:08:66:7b:30:aa:04:52:56:9b:f4:76:
                    a7:b9:36:56:1b:1a:98:97:88:e8:89:88:6b:35:af:
                    90:8b:fe:3e:4c:e0:21:57:4a:9c:31:46:0d:55:c8:
                    41:80:76:62:95:b3:c8:83:57:44:bf:9a:7c:c9:8d:
                    9a:a2:c0:32:28:6b:eb:4f:3b:00:97:37:99:3c:21:
                    59:42:24:54:60:61:45:2e:eb:9d:64:cf:ef:14:9a:
                    4a:81:7f:7b:f1:7d:e8:66:85:e6:ad:ae:a6:08:b1:
                    6a:f1:6b:84:a9:65:a4:c7:83:03:ef:f0:aa:ff:7d:
                    66:d4:8d:b8:1a:17:f2:c2:7a:d9:af:e0:11:f1:8b:
                    d8:0a:84:04:c7:b6:d8:3c:95:c2:28:b7:8f:b3:b5:
                    1f:67:e2:4e:52:e5:30:6d:5e:0a:b5:47:b8:97:66:
                    d1:e6:ba:e5:7b:29:d3:86:48:34:e2:49:d2:ae:a0:
                    36:cd:c2:13:7e:d9:f7:01:19:0c:44:bb:e8:3c:67:
                    a9:4c:62:29:c9:ab:2d:6b:24:05:4b:51:6f:06:39:
                    1e:3f:2d:68:6c:59:75:15:7d:f5:7e:ef:43:1a:c0:
                    a3:50:61:63:20:25:d0:fa:ff:da:6d:91:58:86:fb:
                    0a:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:B0:E4:15:1B:0D:4A:3A:FA:F8:5F:50:84:E6:BA:3E:56:7A:7D:F1
            X509v3 Authority Key Identifier:
                keyid:63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:68:b9:77:6b:c9:a2:07:3e:0c:b3:52:92:2c:31:f9:f7:88:
         a2:c9:a9:72:3c:33:59:45:c8:c9:3a:65:09:9f:f9:be:af:63:
         90:24:f5:a4:b1:8b:9d:21:20:cd:28:11:a4:80:0c:33:71:d4:
         90:06:9c:f5:7e:b8:22:30:6c:e3:08:43:e4:e3:ff:88:fe:d6:
         72:5e:be:bc:77:1a:39:dc:14:f4:90:4b:fa:9b:72:d5:05:48:
         ed:a0:3f:c2:80:7f:aa:f7:79:ed:a3:c9:17:3f:e9:7a:76:af:
         73:72:a9:67:0e:40:17:b2:d0:8a:2d:88:e7:cc:1b:8c:99:c8:
         fd:b4:63:40:3a:19:3b:85:1c:b6:c5:12:aa:95:e0:1d:32:fd:
         f1:51:3e:80:1f:e6:15:30:ca:3b:39:53:33:99:e1:57:bf:c2:
         16:07:20:44:19:c1:02:d7:6f:38:fb:0b:99:d6:21:80:22:44:
         7d:83:16:f0:35:23:fb:50:0e:49:12:f7:80:21:e6:33:04:78:
         80:02:83:bf:11:55:c9:ca:d9:e7:1e:3a:bf:62:64:ac:b5:4e:
         fa:d8:9d:e7:e9:02:fe:0d:f4:ae:2e:fb:4e:b1:68:04:ef:42:
         bd:7a:6f:5f:6e:6c:06:9e:1b:e0:bc:cd:ae:d2:cd:1b:07:f5:
         1d:80:a6:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j+aYFcUy73/oyZo0FeTIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZWY2YmRiYzQyYWQwNmRlZmRhZDcyNjc5NDE0MzQ2ZDhk
MDQ4ZGYwHhcNMjUwNjI4MjIwMjA3WhcNMjUwNjI5MjIwMjA3WjAzMTEwLwYDVQQD
EyhkNGIwZTQxNTFiMGQ0YTNhZmFmODVmNTA4NGU2YmEzZTU2N2E3ZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tnyRsH7BS4XO+DXIX0vdIqoCGZ7
MKoEUlab9HanuTZWGxqYl4joiYhrNa+Qi/4+TOAhV0qcMUYNVchBgHZilbPIg1dE
v5p8yY2aosAyKGvrTzsAlzeZPCFZQiRUYGFFLuudZM/vFJpKgX978X3oZoXmra6m
CLFq8WuEqWWkx4MD7/Cq/31m1I24GhfywnrZr+AR8YvYCoQEx7bYPJXCKLePs7Uf
Z+JOUuUwbV4KtUe4l2bR5rrleynThkg04knSrqA2zcITftn3ARkMRLvoPGepTGIp
yastayQFS1FvBjkePy1obFl1FX31fu9DGsCjUGFjICXQ+v/abZFYhvsKQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSw5BUbDUo6+vhfUITmuj5Wen3xMB8GA1UdIwQY
MBaAFGPva9vEKtBt79rXJnlBQ0bY0EjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUt
MGM4MzY4ZGI5NTYzLzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUtMGM4MzY4ZGI5NTYz
LzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlWi5d2vJ
ogc+DLNSkiwx+feIosmpcjwzWUXIyTplCZ/5vq9jkCT1pLGLnSEgzSgRpIAMM3HU
kAac9X64IjBs4whD5OP/iP7Wcl6+vHcaOdwU9JBL+pty1QVI7aA/woB/qvd57aPJ
Fz/penavc3KpZw5AF7LQii2I58wbjJnI/bRjQDoZO4UctsUSqpXgHTL98VE+gB/m
FTDKOzlTM5nhV7/CFgcgRBnBAtdvOPsLmdYhgCJEfYMW8DUj+1AOSRL3gCHmMwR4
gAKDvxFVycrZ5x46v2JkrLVO+tid5+kC/g30ri77TrFoBO9CvXpvX25sBp4b4LzN
rtLNGwf1HYCmKw==
-----END CERTIFICATE-----