Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
File:                     yFiMcrJRDxd7g18gHjNl7PnkWh0.mft (raw, json)
Hash identifier:          gHLDPJjKBCGW1iYJR12lq7TNXsle5mdV7nliEFN6294=
Subject key identifier:   E8:BE:54:3B:F0:BD:A8:8F:B7:06:EF:D5:3D:26:C0:3D:94:A1:AF:21
Authority key identifier: C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D
Certificate issuer:       /CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
Certificate serial:       0197BEFEA4FD6C0280C8F3A3CDC23BA7D584
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
Manifest number:          0F6A
Signing time:             Mon 30 Jun 2025 04:00:48 +0000
Manifest this update:     Mon 30 Jun 2025 04:00:48 +0000
Manifest next update:     Tue 01 Jul 2025 04:00:48 +0000
Files and hashes:         1: yFiMcrJRDxd7g18gHjNl7PnkWh0.crl (hash: b4crs30c/Dy6jxSg7Taqz243I67gtcTBdmBgufDf2o4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 04:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:be:fe:a4:fd:6c:02:80:c8:f3:a3:cd:c2:3b:a7:d5:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
        Validity
            Not Before: Jun 30 04:00:48 2025 GMT
            Not After : Jul  1 04:00:48 2025 GMT
        Subject: CN=e8be543bf0bda88fb706efd53d26c03d94a1af21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:0d:13:48:c1:1a:5d:be:f7:73:2d:0c:72:83:
                    32:03:6c:43:b5:59:aa:30:59:6d:bc:ba:e4:be:40:
                    2e:3e:4e:2a:1a:4d:79:c9:e0:f0:76:93:45:84:84:
                    26:f1:92:b9:e7:a8:d7:61:74:f7:1e:f0:06:65:52:
                    75:f4:17:c5:54:6c:10:5d:bd:30:32:c2:2d:33:b7:
                    4b:22:35:0c:fb:46:b5:ad:7b:bb:dc:8b:45:2f:61:
                    22:00:37:ea:c1:4a:27:cd:00:d1:28:86:d0:ed:f5:
                    43:45:8b:21:41:0b:d8:ff:0c:bf:d8:35:82:ad:55:
                    5a:f8:9f:c9:f4:ab:e5:02:84:24:89:8b:9a:6d:4e:
                    07:bb:65:95:56:dc:0f:9a:ae:8e:e4:0b:3d:e0:48:
                    cf:59:f6:9f:2d:53:6b:cc:35:ef:bc:e7:1b:e1:e7:
                    9c:8d:44:09:3c:db:3c:89:e2:09:00:83:35:52:e0:
                    89:0e:9a:ab:5f:d4:0f:b5:fb:9e:67:c1:ca:af:44:
                    2f:f3:4b:b4:25:b4:d4:6c:fd:af:4d:7c:9a:63:ad:
                    5e:b8:91:23:b6:46:d4:6c:a6:36:e3:6e:82:ba:ee:
                    aa:5a:2e:db:12:e8:6a:38:e9:44:b4:3d:5d:03:10:
                    ce:d7:14:85:37:e8:7a:fa:30:b2:20:90:b3:19:0d:
                    24:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:BE:54:3B:F0:BD:A8:8F:B7:06:EF:D5:3D:26:C0:3D:94:A1:AF:21
            X509v3 Authority Key Identifier:
                keyid:C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:f7:63:a3:d8:6f:2c:9f:37:e3:3b:ea:0d:a2:f4:6b:d8:ae:
         28:0c:ed:90:ba:99:c7:47:0e:44:65:fb:8f:74:d9:e6:80:76:
         65:82:c5:4a:e2:d0:a3:5c:9f:d8:76:d2:a6:7e:9d:97:43:ff:
         a6:bc:9d:f2:8b:aa:1f:ab:a7:f1:eb:91:b2:78:9f:55:59:dd:
         a9:8c:af:d2:94:0d:63:5b:ad:5b:70:a8:f9:a7:0f:c1:e2:4e:
         fb:98:ae:63:07:55:11:b5:11:f3:27:a8:38:21:a7:79:53:a8:
         e8:6a:d1:c2:33:e8:65:76:73:ec:3e:f7:57:9c:3f:0f:ff:22:
         74:44:f0:49:5b:7f:22:31:e3:2c:a1:f1:8e:16:d8:6c:45:e3:
         15:09:20:5a:42:e3:21:5d:66:cb:86:7c:56:81:b1:5b:ac:3d:
         2a:a8:61:f6:0d:e8:86:d7:a0:06:e2:aa:9e:b2:e3:c1:cb:ca:
         38:2a:6c:c2:60:ea:af:0d:cd:e2:ea:cb:8f:b0:02:e0:f4:d4:
         7b:4f:99:76:f0:3f:80:7c:58:21:ce:37:1c:c2:4e:f9:4d:cd:
         06:60:c0:89:a0:6e:81:53:74:99:80:5c:3c:31:a8:c4:0b:95:
         91:47:5f:80:07:c1:e3:5b:30:e4:e9:eb:bf:ca:19:ac:3e:0c:
         c2:af:11:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe+/qT9bAKAyPOjzcI7p9WEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NTg4YzcyYjI1MTBmMTc3YjgzNWYyMDFlMzM2NWVjZjll
NDVhMWQwHhcNMjUwNjMwMDQwMDQ4WhcNMjUwNzAxMDQwMDQ4WjAzMTEwLwYDVQQD
EyhlOGJlNTQzYmYwYmRhODhmYjcwNmVmZDUzZDI2YzAzZDk0YTFhZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzg0TSMEaXb73cy0McoMyA2xDtVmq
MFltvLrkvkAuPk4qGk15yeDwdpNFhIQm8ZK556jXYXT3HvAGZVJ19BfFVGwQXb0w
MsItM7dLIjUM+0a1rXu73ItFL2EiADfqwUonzQDRKIbQ7fVDRYshQQvY/wy/2DWC
rVVa+J/J9KvlAoQkiYuabU4Hu2WVVtwPmq6O5As94EjPWfafLVNrzDXvvOcb4eec
jUQJPNs8ieIJAIM1UuCJDpqrX9QPtfueZ8HKr0Qv80u0JbTUbP2vTXyaY61euJEj
tkbUbKY2426Cuu6qWi7bEuhqOOlEtD1dAxDO1xSFN+h6+jCyIJCzGQ0kywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOi+VDvwvaiPtwbv1T0mwD2Uoa8hMB8GA1UdIwQY
MBaAFMhYjHKyUQ8Xe4NfIB4zZez55FodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWIt
MDQ5Y2MxZmNlMzdlLzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWItMDQ5Y2MxZmNlMzdl
LzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgvdjo9hv
LJ834zvqDaL0a9iuKAztkLqZx0cORGX7j3TZ5oB2ZYLFSuLQo1yf2HbSpn6dl0P/
pryd8ouqH6un8euRsnifVVndqYyv0pQNY1utW3Co+acPweJO+5iuYwdVEbUR8yeo
OCGneVOo6GrRwjPoZXZz7D73V5w/D/8idETwSVt/IjHjLKHxjhbYbEXjFQkgWkLj
IV1my4Z8VoGxW6w9Kqhh9g3ohtegBuKqnrLjwcvKOCpswmDqrw3N4urLj7AC4PTU
e0+ZdvA/gHxYIc43HMJO+U3NBmDAiaBugVN0mYBcPDGoxAuVkUdfgAfB41sw5Onr
v8oZrD4Mwq8R7w==
-----END CERTIFICATE-----