Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
File:                     YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft (raw, json)
Hash identifier:          je0u3/EX+Z6WwP2kVvqrrf23JHHA1kx3OLAAu/3CjY4=
Subject key identifier:   F5:02:F7:CA:2E:B7:93:5F:BC:25:CD:5F:B1:20:BE:B1:28:FC:93:6D
Authority key identifier: 60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC
Certificate issuer:       /CN=60f31d820c32400dec0c60496178994d57752acc
Certificate serial:       0198D84F6172C00CA11E5E64AFD0A7D67940
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 19:02:17 +0000
Manifest this update:     Sat 23 Aug 2025 19:02:17 +0000
Manifest next update:     Sun 24 Aug 2025 19:02:17 +0000
Files and hashes:         1: YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl (hash: 5tUfVH0sw3uris+dn2uvLWzUGMRqV0DrRlmKP0ia16k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:4f:61:72:c0:0c:a1:1e:5e:64:af:d0:a7:d6:79:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60f31d820c32400dec0c60496178994d57752acc
        Validity
            Not Before: Aug 23 19:02:17 2025 GMT
            Not After : Aug 24 19:02:17 2025 GMT
        Subject: CN=f502f7ca2eb7935fbc25cd5fb120beb128fc936d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:02:6c:78:63:f5:09:97:47:cd:04:99:e0:d5:
                    dd:59:bc:2b:cb:85:01:e5:61:fe:8b:9c:2f:0b:08:
                    0b:4c:4a:3a:8a:40:5e:a2:dd:e7:ef:96:f2:e4:e2:
                    98:c1:9c:43:93:64:f9:70:ad:c0:dc:9b:48:82:36:
                    94:b3:3f:d2:88:2e:9a:43:21:51:96:c8:62:8a:aa:
                    bf:9b:97:6c:85:38:5a:86:78:b1:a9:e7:5c:2e:33:
                    1d:bb:8b:53:ce:08:e6:29:8e:dd:da:0f:15:7b:2d:
                    35:dc:72:19:71:76:9f:e7:13:28:f6:7f:67:21:1e:
                    3b:6f:f2:f9:7b:10:a8:1d:b8:db:1c:d0:9b:64:ec:
                    ca:02:7d:38:a1:71:77:0d:03:4c:eb:93:d8:2b:e8:
                    0e:89:ba:08:18:5d:d2:a7:83:df:a1:68:51:d4:8b:
                    fc:85:9b:34:00:5a:d4:95:d0:16:9a:6a:6b:07:ea:
                    be:b6:f3:75:47:9c:e8:32:2d:d2:d5:03:cf:8a:98:
                    24:b4:e4:d9:41:79:e3:f8:59:b8:c7:eb:27:22:16:
                    53:d9:77:e7:80:f9:67:68:92:cd:76:a3:0e:a2:02:
                    57:fc:04:4c:c4:d5:cc:4b:9a:c1:9a:c8:ff:96:6f:
                    6e:fb:04:4c:1c:ea:cd:9e:9f:e2:c3:75:b2:5c:f7:
                    73:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:02:F7:CA:2E:B7:93:5F:BC:25:CD:5F:B1:20:BE:B1:28:FC:93:6D
            X509v3 Authority Key Identifier:
                keyid:60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:52:b2:42:34:89:10:10:f6:96:07:ad:9f:66:93:47:ff:83:
         48:6c:b7:ed:62:07:df:0d:ff:40:4d:dc:3f:2c:6f:7a:f0:d6:
         c0:7f:65:6f:8e:81:34:40:ee:c0:0f:98:50:bb:c8:64:9a:41:
         a1:da:df:63:60:8f:64:0f:64:0a:39:0c:84:af:83:bd:0a:64:
         b0:87:12:c9:a1:d8:e3:10:98:f3:85:b0:e2:d0:15:86:d1:fa:
         35:d2:b2:2d:3b:b1:69:2f:5a:0d:6c:03:cb:01:b8:54:c3:9a:
         e2:84:11:d7:bf:56:15:97:33:d6:74:5e:ad:a3:f0:cf:d9:73:
         98:f1:11:04:a2:26:82:5c:dc:f0:ce:ef:11:19:01:8f:10:60:
         7e:ea:a3:2e:50:82:19:7e:d4:39:29:7a:49:fc:51:1e:f2:b9:
         16:d4:aa:a7:e6:5c:d9:24:41:a1:64:5d:50:6b:be:98:6b:55:
         2e:a1:66:c6:e1:17:ef:d5:7b:7d:ce:b1:e6:7a:a6:d5:c3:76:
         79:01:4e:8e:af:57:0d:d2:7a:3c:4d:8f:48:3d:8c:12:fe:0e:
         17:ff:a9:4a:a2:d7:b5:0b:4e:2e:41:4e:2b:57:5f:c9:d7:97:
         cc:a9:aa:56:8e:9c:02:e2:bf:02:4e:fe:1b:51:c4:2a:c3:b0:
         d0:37:a9:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYT2FywAyhHl5kr9Cn1nlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZjMxZDgyMGMzMjQwMGRlYzBjNjA0OTYxNzg5OTRkNTc3
NTJhY2MwHhcNMjUwODIzMTkwMjE3WhcNMjUwODI0MTkwMjE3WjAzMTEwLwYDVQQD
EyhmNTAyZjdjYTJlYjc5MzVmYmMyNWNkNWZiMTIwYmViMTI4ZmM5MzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQJseGP1CZdHzQSZ4NXdWbwry4UB
5WH+i5wvCwgLTEo6ikBeot3n75by5OKYwZxDk2T5cK3A3JtIgjaUsz/SiC6aQyFR
lshiiqq/m5dshThahnixqedcLjMdu4tTzgjmKY7d2g8Vey013HIZcXaf5xMo9n9n
IR47b/L5exCoHbjbHNCbZOzKAn04oXF3DQNM65PYK+gOiboIGF3Sp4PfoWhR1Iv8
hZs0AFrUldAWmmprB+q+tvN1R5zoMi3S1QPPipgktOTZQXnj+Fm4x+snIhZT2Xfn
gPlnaJLNdqMOogJX/ARMxNXMS5rBmsj/lm9u+wRMHOrNnp/iw3WyXPdzCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUC98out5NfvCXNX7EgvrEo/JNtMB8GA1UdIwQY
MBaAFGDzHYIMMkAN7AxgSWF4mU1XdSrMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMt
ZGVkMjExM2I5MDYwLzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMtZGVkMjExM2I5MDYw
LzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOlKyQjSJ
EBD2lgetn2aTR/+DSGy37WIH3w3/QE3cPyxvevDWwH9lb46BNEDuwA+YULvIZJpB
odrfY2CPZA9kCjkMhK+DvQpksIcSyaHY4xCY84Ww4tAVhtH6NdKyLTuxaS9aDWwD
ywG4VMOa4oQR179WFZcz1nReraPwz9lzmPERBKImglzc8M7vERkBjxBgfuqjLlCC
GX7UOSl6SfxRHvK5FtSqp+Zc2SRBoWRdUGu+mGtVLqFmxuEX79V7fc6x5nqm1cN2
eQFOjq9XDdJ6PE2PSD2MEv4OF/+pSqLXtQtOLkFOK1dfydeXzKmqVo6cAuK/Ak7+
G1HEKsOw0Deppg==
-----END CERTIFICATE-----