Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
File:                     yM7BO9bzBCDedNLDFWTa3aCOAU0.mft (raw, json)
Hash identifier:          VkTgdGk5y9FZyds4k2BpjDwtgNJlPb2DjGUqlR4XN5o=
Subject key identifier:   10:C0:97:19:90:51:63:B3:63:44:32:51:F3:BC:1E:12:53:1F:0D:50
Authority key identifier: C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D
Certificate issuer:       /CN=c8cec13bd6f30420de74d2c31564dadda08e014d
Certificate serial:       0198D4A837D685EE185876B882231B54ACE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
Manifest number:          73
Signing time:             Sat 23 Aug 2025 02:00:50 +0000
Manifest this update:     Sat 23 Aug 2025 02:00:50 +0000
Manifest next update:     Sun 24 Aug 2025 02:00:50 +0000
Files and hashes:         1: yM7BO9bzBCDedNLDFWTa3aCOAU0.crl (hash: x0TcOK3z4mtB67euDyLfDJDSURStDW9GtQO5gBRHfBg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:a8:37:d6:85:ee:18:58:76:b8:82:23:1b:54:ac:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8cec13bd6f30420de74d2c31564dadda08e014d
        Validity
            Not Before: Aug 23 02:00:50 2025 GMT
            Not After : Aug 24 02:00:50 2025 GMT
        Subject: CN=10c09719905163b363443251f3bc1e12531f0d50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:2e:7f:a4:c9:cd:f4:e3:c1:b9:f1:e8:88:d3:
                    b2:40:f6:54:2a:37:38:e7:38:23:d9:4c:0e:60:d2:
                    de:d2:a7:21:7c:6c:ef:d6:47:26:8e:d4:07:13:d4:
                    8f:0d:3f:93:ed:f2:44:ad:cf:2e:44:d7:3d:75:0b:
                    95:7d:17:1b:d0:4b:92:cf:80:0f:a7:cc:5c:d0:9e:
                    d0:82:bc:bf:4d:4a:02:8e:03:55:19:2d:5e:20:15:
                    76:13:bd:63:d1:e8:2e:a9:5a:c0:83:4a:81:8f:65:
                    c7:09:bf:88:a0:1e:f2:44:48:d7:a0:a9:fb:15:f3:
                    07:d1:c5:c9:4b:51:ae:a9:5b:94:68:d3:90:8c:88:
                    25:fa:f5:c1:d2:9d:49:eb:0e:72:8e:a9:3f:e6:05:
                    35:52:0d:75:26:99:69:8d:06:b9:4e:c4:06:df:45:
                    a4:44:d3:88:45:55:41:65:84:b6:5d:e0:13:8d:fb:
                    42:ec:55:1c:51:f9:5b:29:ab:f2:c2:b2:46:ef:90:
                    72:b1:62:b9:1a:74:57:0e:6c:4f:03:ca:90:c2:9d:
                    dd:17:e6:b0:18:ff:c9:e3:c6:dd:e9:55:9c:7a:82:
                    f0:d5:37:aa:f1:02:79:e0:32:4d:ed:dc:2d:2d:96:
                    82:3c:c6:62:cf:2d:b2:92:e0:36:fd:60:ca:9d:46:
                    c7:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:C0:97:19:90:51:63:B3:63:44:32:51:F3:BC:1E:12:53:1F:0D:50
            X509v3 Authority Key Identifier:
                keyid:C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:d6:48:40:a9:e1:d8:3a:a5:72:1a:64:dd:53:50:41:dd:66:
         2a:8e:6a:3a:9e:1f:52:e5:37:1c:92:b9:7c:cb:bf:35:2b:d1:
         95:c5:02:85:7f:40:d7:fd:ab:36:26:09:32:49:db:c5:b0:ab:
         97:26:ce:ad:bb:fe:cf:e3:19:a6:58:d7:19:7a:64:55:37:88:
         45:d8:99:c9:41:bc:a7:5b:80:39:15:7c:59:e6:ad:50:3b:a1:
         24:26:ac:d8:6f:62:4c:43:a6:ce:ef:36:16:95:9d:f0:cf:5d:
         1d:10:fa:76:44:62:e0:9e:b1:dd:12:e1:f7:f4:8a:a0:b0:84:
         c0:7c:06:08:8c:06:7c:c2:e8:7e:e5:f0:27:ae:ba:67:f0:15:
         d9:8c:a7:38:54:89:0d:aa:73:59:e4:b7:51:88:5f:0e:36:99:
         1a:2c:3d:42:35:35:20:ad:3a:fa:d0:b1:e3:d1:5c:6c:44:b5:
         f3:09:fe:62:0e:65:3f:95:f4:c3:49:60:61:e2:ff:fc:3c:a3:
         19:f5:ec:53:83:3a:bd:ad:e9:3f:d9:43:78:33:f4:cc:8e:48:
         6f:46:d7:9a:04:ba:57:06:d6:65:85:c2:62:45:f8:7b:6a:36:
         ec:fe:07:d2:4e:2d:51:c0:e9:02:b9:66:f8:de:48:45:55:24:
         d7:80:3d:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUqDfWhe4YWHa4giMbVKzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4Y2VjMTNiZDZmMzA0MjBkZTc0ZDJjMzE1NjRkYWRkYTA4
ZTAxNGQwHhcNMjUwODIzMDIwMDUwWhcNMjUwODI0MDIwMDUwWjAzMTEwLwYDVQQD
EygxMGMwOTcxOTkwNTE2M2IzNjM0NDMyNTFmM2JjMWUxMjUzMWYwZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzC5/pMnN9OPBufHoiNOyQPZUKjc4
5zgj2UwOYNLe0qchfGzv1kcmjtQHE9SPDT+T7fJErc8uRNc9dQuVfRcb0EuSz4AP
p8xc0J7Qgry/TUoCjgNVGS1eIBV2E71j0eguqVrAg0qBj2XHCb+IoB7yREjXoKn7
FfMH0cXJS1GuqVuUaNOQjIgl+vXB0p1J6w5yjqk/5gU1Ug11JplpjQa5TsQG30Wk
RNOIRVVBZYS2XeATjftC7FUcUflbKavywrJG75BysWK5GnRXDmxPA8qQwp3dF+aw
GP/J48bd6VWceoLw1Teq8QJ54DJN7dwtLZaCPMZizy2ykuA2/WDKnUbHMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBDAlxmQUWOzY0QyUfO8HhJTHw1QMB8GA1UdIwQY
MBaAFMjOwTvW8wQg3nTSwxVk2t2gjgFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMt
NDZlNjVjOTVmODNhLzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMtNDZlNjVjOTVmODNh
LzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANNZIQKnh
2Dqlchpk3VNQQd1mKo5qOp4fUuU3HJK5fMu/NSvRlcUChX9A1/2rNiYJMknbxbCr
lybOrbv+z+MZpljXGXpkVTeIRdiZyUG8p1uAORV8WeatUDuhJCas2G9iTEOmzu82
FpWd8M9dHRD6dkRi4J6x3RLh9/SKoLCEwHwGCIwGfMLofuXwJ666Z/AV2YynOFSJ
DapzWeS3UYhfDjaZGiw9QjU1IK06+tCx49FcbES18wn+Yg5lP5X0w0lgYeL//Dyj
GfXsU4M6va3pP9lDeDP0zI5Ib0bXmgS6VwbWZYXCYkX4e2o27P4H0k4tUcDpArlm
+N5IRVUk14A9DQ==
-----END CERTIFICATE-----