Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          Ly7M8K0T9K9kRDpmPbDHxc73McymF5kw2sPwTbkgEpg=
Subject key identifier:   57:5A:AA:89:EC:7E:2E:DB:4A:AF:43:3E:30:A0:75:6D:3C:B8:76:BD
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       0197B88FCE186CFED3999D9A35508A3C0357
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          1123
Signing time:             Sat 28 Jun 2025 22:02:01 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:01 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:01 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: G48g1RkWevbU7fZ+DB64tiKwbwaP5JylkPwUSYDExrw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:ce:18:6c:fe:d3:99:9d:9a:35:50:8a:3c:03:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Jun 28 22:02:01 2025 GMT
            Not After : Jun 29 22:02:01 2025 GMT
        Subject: CN=575aaa89ec7e2edb4aaf433e30a0756d3cb876bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:ab:d1:29:6c:03:ab:66:0f:d1:bc:9a:d2:d4:
                    14:ca:cc:fa:f2:ae:bf:8a:ff:76:dc:57:87:cb:ba:
                    b6:62:5f:14:c6:19:2b:41:64:7c:5d:28:fc:24:3f:
                    0d:3d:92:29:07:37:8a:05:c5:7c:b6:ea:77:08:26:
                    4c:93:2c:5b:34:ab:4c:a4:e8:6b:3f:8d:3d:b7:94:
                    2b:6f:93:ab:8f:31:82:1d:7b:f6:34:59:de:75:93:
                    03:ce:53:8b:a4:c1:6e:8a:5a:33:ce:a5:80:c8:f7:
                    e2:56:ce:26:44:5a:59:47:87:e5:bd:0f:c2:2d:57:
                    cf:e8:59:2d:35:2d:41:eb:87:8d:3f:7d:66:2a:7b:
                    f8:aa:8e:a6:26:9b:49:7c:b9:75:a4:85:87:4e:7f:
                    ce:13:be:4e:03:52:07:27:6b:f7:e9:e3:9e:07:96:
                    54:19:e0:7a:f2:74:31:44:fe:bd:76:56:d7:31:93:
                    18:78:c7:94:9d:b7:2f:82:00:83:4a:7c:2d:32:49:
                    64:72:07:52:16:b6:37:46:3d:79:b4:8a:b9:1e:71:
                    53:f6:1a:af:13:c5:ae:8b:20:06:7c:18:61:6e:72:
                    ed:21:cd:2f:80:2b:21:ea:dc:0d:4d:a0:1e:0f:24:
                    18:6d:74:1c:ab:57:d7:6f:87:a6:bb:ea:84:ba:7d:
                    a6:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:5A:AA:89:EC:7E:2E:DB:4A:AF:43:3E:30:A0:75:6D:3C:B8:76:BD
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:cc:c1:2d:3b:a8:6c:4b:e2:12:1e:57:aa:b5:c0:14:50:e9:
         87:d9:ae:dc:f3:eb:ae:13:2d:29:27:5e:a7:00:fe:9e:cc:e2:
         3a:f4:b4:f8:65:84:29:18:e9:03:6c:69:b2:98:cb:59:d1:3f:
         0f:49:41:48:c8:c7:59:38:0e:aa:d4:ee:88:14:4e:04:46:89:
         e5:ee:3f:d8:b0:6a:c0:3f:ff:bc:b3:9e:3c:17:ac:29:62:ea:
         c4:7e:92:ea:80:4e:9f:00:03:55:c9:08:64:2d:06:e3:ec:53:
         a8:48:01:c5:3a:10:08:fd:00:f8:ee:13:05:7c:82:57:72:62:
         e2:22:d9:e0:09:35:ca:20:66:e2:7c:87:2f:a2:16:76:48:c6:
         8c:17:89:27:91:78:53:7c:52:e9:ad:80:83:e2:5f:48:60:8d:
         bf:9d:32:6d:c4:d2:fb:e8:d7:26:ea:b3:a4:ce:a3:69:42:68:
         3e:2d:27:af:c1:9a:e6:a9:3a:2b:26:b3:cd:6a:ed:b6:81:9a:
         f7:2e:8a:b3:80:cd:6b:2c:17:6e:73:64:4e:b0:df:5f:f3:39:
         28:96:56:27:5c:88:a7:54:6f:f8:1d:62:d8:fa:bd:df:a1:89:
         27:0c:cc:3a:f8:d2:4b:10:55:99:e6:5a:a6:5c:b3:0d:f1:18:
         c9:21:65:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j84YbP7TmZ2aNVCKPANXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjUwNjI4MjIwMjAxWhcNMjUwNjI5MjIwMjAxWjAzMTEwLwYDVQQD
Eyg1NzVhYWE4OWVjN2UyZWRiNGFhZjQzM2UzMGEwNzU2ZDNjYjg3NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6avRKWwDq2YP0bya0tQUysz68q6/
iv923FeHy7q2Yl8UxhkrQWR8XSj8JD8NPZIpBzeKBcV8tup3CCZMkyxbNKtMpOhr
P409t5Qrb5OrjzGCHXv2NFnedZMDzlOLpMFuilozzqWAyPfiVs4mRFpZR4flvQ/C
LVfP6FktNS1B64eNP31mKnv4qo6mJptJfLl1pIWHTn/OE75OA1IHJ2v36eOeB5ZU
GeB68nQxRP69dlbXMZMYeMeUnbcvggCDSnwtMklkcgdSFrY3Rj15tIq5HnFT9hqv
E8WuiyAGfBhhbnLtIc0vgCsh6twNTaAeDyQYbXQcq1fXb4emu+qEun2mcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdaqonsfi7bSq9DPjCgdW08uHa9MB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAszBLTuo
bEviEh5XqrXAFFDph9mu3PPrrhMtKSdepwD+nsziOvS0+GWEKRjpA2xpspjLWdE/
D0lBSMjHWTgOqtTuiBROBEaJ5e4/2LBqwD//vLOePBesKWLqxH6S6oBOnwADVckI
ZC0G4+xTqEgBxToQCP0A+O4TBXyCV3Ji4iLZ4Ak1yiBm4nyHL6IWdkjGjBeJJ5F4
U3xS6a2Ag+JfSGCNv50ybcTS++jXJuqzpM6jaUJoPi0nr8Ga5qk6KyazzWrttoGa
9y6Ks4DNaywXbnNkTrDfX/M5KJZWJ1yIp1Rv+B1i2Pq936GJJwzMOvjSSxBVmeZa
plyzDfEYySFlBA==
-----END CERTIFICATE-----