Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
File:                     yFiMcrJRDxd7g18gHjNl7PnkWh0.mft (raw, json)
Hash identifier:          Jy3yxZIbl2sBPreVMsm1qxdnp56VA9vUaoBni05Rq90=
Subject key identifier:   76:8C:71:69:D7:36:C8:19:D3:0C:E9:D2:80:18:3A:2F:80:13:F4:9D
Authority key identifier: C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D
Certificate issuer:       /CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
Certificate serial:       0198D515DFE1862ECD8E5F1EFC64121CE2B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
Manifest number:          0FFA
Signing time:             Sat 23 Aug 2025 04:00:37 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:37 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:37 +0000
Files and hashes:         1: yFiMcrJRDxd7g18gHjNl7PnkWh0.crl (hash: y+HK75UbMAYev/hXQznGYKQfEQi7PCN+WSQLvHmq+eo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:df:e1:86:2e:cd:8e:5f:1e:fc:64:12:1c:e2:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
        Validity
            Not Before: Aug 23 04:00:37 2025 GMT
            Not After : Aug 24 04:00:37 2025 GMT
        Subject: CN=768c7169d736c819d30ce9d280183a2f8013f49d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:33:e2:a9:0f:6d:34:42:bb:98:4d:c8:80:45:
                    3d:50:41:91:72:0b:69:08:89:93:48:8a:10:4e:35:
                    6a:e7:13:d1:e7:68:32:b4:c8:3f:ee:e4:c8:d9:43:
                    dd:83:88:df:b8:ba:62:38:96:54:36:7c:f7:e9:88:
                    6c:b0:44:a9:8d:45:83:b1:5b:b2:85:48:16:b5:37:
                    5b:1a:46:09:07:94:22:70:1d:9f:0c:57:18:2d:a0:
                    6d:60:69:e8:96:06:72:f7:e2:06:90:88:cb:0d:97:
                    6b:f3:e1:b2:cd:a1:34:b5:c3:62:97:a9:99:6d:4c:
                    15:8c:1c:bf:67:36:36:cf:0b:8f:e7:3f:5e:00:e4:
                    25:fa:5d:d5:ab:94:f2:97:25:03:69:16:a5:de:b5:
                    59:6f:35:aa:3a:a1:45:ac:b8:0c:6a:57:11:14:3f:
                    8e:76:49:a3:6a:77:35:81:6f:00:97:1f:56:6e:51:
                    3d:7d:47:50:ad:63:db:b2:46:71:cd:65:f5:3d:6d:
                    4f:40:74:a9:bb:b4:26:5c:4e:ba:2f:7f:a4:87:5c:
                    e6:70:27:4c:0d:2d:e7:cb:24:8e:74:6d:fe:27:56:
                    91:15:cb:f6:ce:1e:cc:d2:73:35:1d:28:1a:59:5e:
                    2b:a4:1d:92:58:5d:27:24:d1:8a:e0:70:a9:01:f9:
                    d9:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:8C:71:69:D7:36:C8:19:D3:0C:E9:D2:80:18:3A:2F:80:13:F4:9D
            X509v3 Authority Key Identifier:
                keyid:C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:a6:07:48:8f:a8:c2:cd:6e:be:59:70:a9:42:a6:a0:74:e5:
         68:24:bb:64:13:1f:56:9c:dc:29:92:b1:93:a0:e8:ec:42:e5:
         6c:da:51:e5:22:d8:98:e9:81:28:d0:1d:12:c5:8e:27:54:36:
         bd:91:c8:25:4a:54:ad:42:c4:84:01:39:dd:cd:a6:8c:a8:be:
         8c:4a:88:68:e6:80:d3:b7:27:0b:99:f1:60:f9:25:99:85:ad:
         9c:be:a2:17:1b:8a:93:d4:a2:a6:0e:9a:27:cb:2d:46:64:12:
         3b:42:54:9f:e6:f3:74:49:d9:f3:45:58:b8:a2:7b:0f:20:e6:
         6e:2b:ab:50:a6:65:77:c7:cf:d9:c0:a4:67:62:c0:a5:7e:71:
         9f:39:53:6d:74:c0:13:40:fa:86:dc:c8:83:48:57:d1:a9:45:
         4e:f0:96:1a:9f:2e:73:7a:41:38:9a:19:f8:cb:2b:8f:2d:11:
         ea:74:09:84:87:9c:6a:9b:aa:b2:a8:f3:9f:e6:ed:32:c8:dd:
         27:2a:e6:9e:24:58:be:34:c9:f2:98:e9:ca:a6:07:58:0e:b2:
         31:e3:c7:85:b4:5b:0f:5e:21:23:90:8d:20:dc:66:43:ab:df:
         2a:10:4e:3e:51:11:e3:33:2f:2d:54:3f:b5:a5:ee:3a:ea:6e:
         77:3f:7d:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFd/hhi7Njl8e/GQSHOKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NTg4YzcyYjI1MTBmMTc3YjgzNWYyMDFlMzM2NWVjZjll
NDVhMWQwHhcNMjUwODIzMDQwMDM3WhcNMjUwODI0MDQwMDM3WjAzMTEwLwYDVQQD
Eyg3NjhjNzE2OWQ3MzZjODE5ZDMwY2U5ZDI4MDE4M2EyZjgwMTNmNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zPiqQ9tNEK7mE3IgEU9UEGRcgtp
CImTSIoQTjVq5xPR52gytMg/7uTI2UPdg4jfuLpiOJZUNnz36YhssESpjUWDsVuy
hUgWtTdbGkYJB5QicB2fDFcYLaBtYGnolgZy9+IGkIjLDZdr8+GyzaE0tcNil6mZ
bUwVjBy/ZzY2zwuP5z9eAOQl+l3Vq5TylyUDaRal3rVZbzWqOqFFrLgMalcRFD+O
dkmjanc1gW8Alx9WblE9fUdQrWPbskZxzWX1PW1PQHSpu7QmXE66L3+kh1zmcCdM
DS3nyySOdG3+J1aRFcv2zh7M0nM1HSgaWV4rpB2SWF0nJNGK4HCpAfnZcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHaMcWnXNsgZ0wzp0oAYOi+AE/SdMB8GA1UdIwQY
MBaAFMhYjHKyUQ8Xe4NfIB4zZez55FodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWIt
MDQ5Y2MxZmNlMzdlLzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWItMDQ5Y2MxZmNlMzdl
LzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH6YHSI+o
ws1uvllwqUKmoHTlaCS7ZBMfVpzcKZKxk6Do7ELlbNpR5SLYmOmBKNAdEsWOJ1Q2
vZHIJUpUrULEhAE53c2mjKi+jEqIaOaA07cnC5nxYPklmYWtnL6iFxuKk9Sipg6a
J8stRmQSO0JUn+bzdEnZ80VYuKJ7DyDmbiurUKZld8fP2cCkZ2LApX5xnzlTbXTA
E0D6htzIg0hX0alFTvCWGp8uc3pBOJoZ+Msrjy0R6nQJhIecapuqsqjzn+btMsjd
JyrmniRYvjTJ8pjpyqYHWA6yMePHhbRbD14hI5CNINxmQ6vfKhBOPlER4zMvLVQ/
taXuOupudz99ug==
-----END CERTIFICATE-----