Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          irg4sr/t6MAohAafFWdaZ7uTXORwizzm8GGg+Oc/y4o=
Subject key identifier:   C9:77:CC:4E:6B:61:2A:8F:B2:0D:47:FD:1D:CB:FC:88:D2:29:52:E9
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       0198D850FC7F78A40FA754AABB4E17DC9A3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          11B8
Signing time:             Sat 23 Aug 2025 19:04:02 +0000
Manifest this update:     Sat 23 Aug 2025 19:04:02 +0000
Manifest next update:     Sun 24 Aug 2025 19:04:02 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: NnUpe433cF3rKzrYNoFk3eJdnlqETP97fNZyPK45Mjg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:50:fc:7f:78:a4:0f:a7:54:aa:bb:4e:17:dc:9a:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Aug 23 19:04:02 2025 GMT
            Not After : Aug 24 19:04:02 2025 GMT
        Subject: CN=c977cc4e6b612a8fb20d47fd1dcbfc88d22952e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:29:f7:70:95:52:71:2d:0e:c1:be:50:d6:66:
                    ee:b0:ae:1c:23:f2:04:0e:9b:96:28:59:a5:9b:70:
                    5c:c6:8e:76:21:e7:63:c2:4f:0c:c2:e5:fd:bc:e5:
                    63:74:f7:6f:87:93:08:fe:ec:fb:4a:04:22:61:87:
                    83:c6:c5:64:7d:ae:20:da:a3:cd:3e:88:76:49:5e:
                    ea:0d:7e:46:f4:ce:3e:dd:fb:3b:0d:fd:53:f3:14:
                    7d:39:26:bd:29:14:53:67:dd:eb:27:e0:2c:dd:17:
                    82:67:ce:1d:41:ed:61:33:94:76:3e:46:0f:fe:f8:
                    cf:f5:bc:d3:e6:64:f9:86:92:4c:ac:63:79:51:b2:
                    a5:4f:70:00:76:24:b7:51:9c:b4:0e:c7:da:23:82:
                    78:a1:5c:9e:ad:18:37:58:eb:c4:64:07:01:2e:93:
                    27:7f:65:2b:bf:3c:20:14:73:d3:8e:ca:0d:0a:03:
                    bd:7a:2f:bd:ab:53:df:6c:56:1d:75:bd:95:d5:53:
                    51:93:e7:da:ef:56:b5:d9:3b:e4:58:0b:79:24:02:
                    00:09:98:0f:55:7b:2a:69:cc:7f:0e:69:f3:19:0d:
                    c9:62:6f:ab:1f:4b:2c:a3:97:07:d4:b7:03:20:27:
                    48:30:5c:d1:71:5c:c2:24:30:a5:f0:9e:a8:4f:b1:
                    6f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:77:CC:4E:6B:61:2A:8F:B2:0D:47:FD:1D:CB:FC:88:D2:29:52:E9
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:86:04:2c:cc:5a:94:5a:3a:fc:cb:3c:8d:f2:8c:9c:0a:8f:
         c9:63:c4:b8:c6:b8:59:08:77:75:3f:e0:9a:2a:e7:47:c8:65:
         f8:9a:f4:b6:97:3e:61:8b:c3:8f:6c:0f:bb:3a:b4:93:58:60:
         33:af:2b:50:39:d5:03:79:d2:0a:32:a9:43:98:99:0b:36:db:
         53:99:24:78:58:30:72:02:ed:a1:70:c5:25:bb:5f:38:a4:74:
         66:46:9b:8e:ad:7e:03:38:51:d7:fc:31:58:9b:4c:8a:21:1e:
         62:a6:29:41:51:fa:dd:43:43:94:98:2d:a0:7a:5d:92:59:fb:
         e7:46:ce:ad:94:86:6b:db:6e:1e:52:4b:0b:3e:ca:8a:c0:61:
         f1:4f:e1:79:b3:fb:1f:1c:3f:c5:aa:a6:44:a8:33:83:bf:6a:
         6b:4b:f9:e0:d0:40:a1:85:3d:c5:26:cc:2c:ce:bc:a7:6f:6c:
         6a:9f:9f:b3:13:44:e2:b1:dd:27:a6:00:d1:d9:12:99:2f:2d:
         bb:c9:43:f0:3a:bf:6a:77:b6:37:fc:f9:28:b1:27:cb:a1:ee:
         25:31:9e:bf:b8:72:88:20:f0:97:33:0c:02:7a:f8:d7:7f:6e:
         11:72:14:fa:6e:ee:b6:5b:60:52:bf:e3:1c:78:4e:1b:f5:2f:
         0a:bb:9d:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYUPx/eKQPp1Squ04X3Jo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjUwODIzMTkwNDAyWhcNMjUwODI0MTkwNDAyWjAzMTEwLwYDVQQD
EyhjOTc3Y2M0ZTZiNjEyYThmYjIwZDQ3ZmQxZGNiZmM4OGQyMjk1MmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtin3cJVScS0Owb5Q1mbusK4cI/IE
DpuWKFmlm3Bcxo52Iedjwk8MwuX9vOVjdPdvh5MI/uz7SgQiYYeDxsVkfa4g2qPN
Poh2SV7qDX5G9M4+3fs7Df1T8xR9OSa9KRRTZ93rJ+As3ReCZ84dQe1hM5R2PkYP
/vjP9bzT5mT5hpJMrGN5UbKlT3AAdiS3UZy0DsfaI4J4oVyerRg3WOvEZAcBLpMn
f2UrvzwgFHPTjsoNCgO9ei+9q1PfbFYddb2V1VNRk+fa71a12TvkWAt5JAIACZgP
VXsqacx/DmnzGQ3JYm+rH0sso5cH1LcDICdIMFzRcVzCJDCl8J6oT7FvvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMl3zE5rYSqPsg1H/R3L/IjSKVLpMB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp4YELMxa
lFo6/Ms8jfKMnAqPyWPEuMa4WQh3dT/gmirnR8hl+Jr0tpc+YYvDj2wPuzq0k1hg
M68rUDnVA3nSCjKpQ5iZCzbbU5kkeFgwcgLtoXDFJbtfOKR0Zkabjq1+AzhR1/wx
WJtMiiEeYqYpQVH63UNDlJgtoHpdkln750bOrZSGa9tuHlJLCz7KisBh8U/hebP7
Hxw/xaqmRKgzg79qa0v54NBAoYU9xSbMLM68p29sap+fsxNE4rHdJ6YA0dkSmS8t
u8lD8Dq/ane2N/z5KLEny6HuJTGev7hyiCDwlzMMAnr4139uEXIU+m7utltgUr/j
HHhOG/UvCrudYA==
-----END CERTIFICATE-----