Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
File:                     yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft (raw, json)
Hash identifier:          mf7URYd9OsfBu3O7TuqwUdw9r2oWs2mQTD4KtMtAk+U=
Subject key identifier:   BF:A3:EE:61:6D:C8:45:66:C6:BF:B6:14:C4:01:8C:F1:43:90:5D:7C
Authority key identifier: C8:DA:89:FB:15:2D:43:C6:3E:3D:A2:FD:6A:0B:0D:FB:22:A0:65:81
Certificate issuer:       /CN=c8da89fb152d43c63e3da2fd6a0b0dfb22a06581
Certificate serial:       0197B96AAF1F82CEFC40A429D61C95AF1D7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
Manifest number:          0D84
Signing time:             Sun 29 Jun 2025 02:01:05 +0000
Manifest this update:     Sun 29 Jun 2025 02:01:05 +0000
Manifest next update:     Mon 30 Jun 2025 02:01:05 +0000
Files and hashes:         1: yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl (hash: IHYOsVP05xZslR551JDiZFhBf6kDeeP7pb57YXipXww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:6a:af:1f:82:ce:fc:40:a4:29:d6:1c:95:af:1d:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8da89fb152d43c63e3da2fd6a0b0dfb22a06581
        Validity
            Not Before: Jun 29 02:01:05 2025 GMT
            Not After : Jun 30 02:01:05 2025 GMT
        Subject: CN=bfa3ee616dc84566c6bfb614c4018cf143905d7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:8a:4c:74:8c:74:4a:9f:7e:49:fe:27:35:d6:
                    1a:12:86:a5:8d:54:e9:67:a6:0e:0d:c8:91:f4:e3:
                    7e:af:38:73:08:54:d0:06:9d:bc:29:c4:90:b6:e6:
                    32:a6:86:43:0f:d8:b5:30:a3:7d:8c:a8:b7:bc:78:
                    64:9b:f5:6c:39:db:4d:1b:4d:87:ec:41:cf:2b:77:
                    2d:38:ca:87:25:c4:a6:b2:c0:df:bb:85:ac:16:be:
                    b0:78:bc:64:08:51:86:ae:16:78:ea:0c:57:e6:b4:
                    bd:08:cf:9b:de:b7:0d:79:bc:5f:8f:fa:88:fd:b7:
                    08:24:db:27:d1:49:8c:21:ad:f4:c5:dd:8e:e1:fd:
                    93:8e:88:7b:49:40:70:9e:d2:8e:ae:1a:9a:53:78:
                    11:26:98:0a:20:d1:59:0a:49:44:63:fc:8f:29:3e:
                    60:af:b8:a6:ad:71:8b:a4:10:36:6d:f2:b5:45:ca:
                    6d:e9:69:37:c4:92:6f:dc:d7:42:a7:6a:9d:80:49:
                    58:4f:c3:ff:fc:42:4c:1a:94:43:f3:ed:74:40:c0:
                    f8:49:8e:60:fb:c8:87:61:d3:06:ad:ab:56:7f:08:
                    c7:b0:30:5e:0b:00:1e:02:b9:e3:e8:46:c8:a8:3c:
                    a5:82:cf:85:82:2c:7f:fc:af:30:34:15:59:10:bf:
                    b1:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:A3:EE:61:6D:C8:45:66:C6:BF:B6:14:C4:01:8C:F1:43:90:5D:7C
            X509v3 Authority Key Identifier:
                keyid:C8:DA:89:FB:15:2D:43:C6:3E:3D:A2:FD:6A:0B:0D:FB:22:A0:65:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:55:17:54:8d:c9:79:02:1a:1c:ba:ee:37:d6:b7:5b:39:2d:
         24:78:96:7f:0a:e5:bc:03:29:56:e8:a2:07:23:b0:1f:f3:5d:
         fe:52:9d:a4:91:23:01:87:22:ec:4e:ab:a0:ef:b4:8c:40:27:
         03:a6:b7:42:60:fa:e2:7b:2b:4e:e6:6c:04:2b:47:d1:1a:21:
         a9:55:52:04:b0:e7:d4:eb:b1:d8:d2:b3:a9:37:87:49:a7:08:
         f9:fa:d9:28:24:d6:10:b8:52:ec:71:6d:2f:f0:64:0a:ca:1a:
         37:69:b9:5c:f6:61:e5:a5:27:b5:ab:c1:c8:df:7d:9a:56:3e:
         1e:9a:9e:d6:f6:db:e9:4d:a7:97:c3:7d:f5:d1:f0:0b:79:87:
         44:53:ff:bb:90:f9:e5:79:b5:86:b5:f1:71:96:68:77:8f:7e:
         e9:fe:10:7b:ea:51:2a:ac:14:be:b7:1a:57:07:58:21:fb:c9:
         c1:01:b5:e2:e9:62:8c:2b:3e:60:04:0b:77:39:47:24:43:d2:
         c4:5b:b8:2f:cd:3c:9c:17:27:36:4e:6a:bb:f3:33:78:9e:84:
         66:e5:37:44:4e:b8:23:7e:24:ec:da:0f:63:fa:f6:8a:e0:a0:
         61:30:29:f8:d5:e1:4c:3f:2c:5e:21:13:dc:d9:45:3f:8e:cb:
         27:71:43:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5aq8fgs78QKQp1hyVrx1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZGE4OWZiMTUyZDQzYzYzZTNkYTJmZDZhMGIwZGZiMjJh
MDY1ODEwHhcNMjUwNjI5MDIwMTA1WhcNMjUwNjMwMDIwMTA1WjAzMTEwLwYDVQQD
EyhiZmEzZWU2MTZkYzg0NTY2YzZiZmI2MTRjNDAxOGNmMTQzOTA1ZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIpMdIx0Sp9+Sf4nNdYaEoaljVTp
Z6YODciR9ON+rzhzCFTQBp28KcSQtuYypoZDD9i1MKN9jKi3vHhkm/VsOdtNG02H
7EHPK3ctOMqHJcSmssDfu4WsFr6weLxkCFGGrhZ46gxX5rS9CM+b3rcNebxfj/qI
/bcIJNsn0UmMIa30xd2O4f2Tjoh7SUBwntKOrhqaU3gRJpgKINFZCklEY/yPKT5g
r7imrXGLpBA2bfK1Rcpt6Wk3xJJv3NdCp2qdgElYT8P//EJMGpRD8+10QMD4SY5g
+8iHYdMGratWfwjHsDBeCwAeArnj6EbIqDylgs+Fgix//K8wNBVZEL+x+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+j7mFtyEVmxr+2FMQBjPFDkF18MB8GA1UdIwQY
MBaAFMjaifsVLUPGPj2i/WoLDfsioGWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTUwMDUtMDA1ZC00YTY0LWJlMWEt
ZGQyYjA2MWJkNGYyLzEveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTUwMDUtMDA1ZC00YTY0LWJlMWEtZGQyYjA2MWJkNGYy
LzEveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh1UXVI3J
eQIaHLruN9a3WzktJHiWfwrlvAMpVuiiByOwH/Nd/lKdpJEjAYci7E6roO+0jEAn
A6a3QmD64nsrTuZsBCtH0RohqVVSBLDn1Oux2NKzqTeHSacI+frZKCTWELhS7HFt
L/BkCsoaN2m5XPZh5aUntavByN99mlY+Hpqe1vbb6U2nl8N99dHwC3mHRFP/u5D5
5Xm1hrXxcZZod49+6f4Qe+pRKqwUvrcaVwdYIfvJwQG14ulijCs+YAQLdzlHJEPS
xFu4L808nBcnNk5qu/MzeJ6EZuU3RE64I34k7NoPY/r2iuCgYTAp+NXhTD8sXiET
3NlFP47LJ3FDnA==
-----END CERTIFICATE-----