Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          Q741nM/3XgcddSTz7ToMMO8Nbk8WmOKolQTwGTD73n8=
Subject key identifier:   4B:63:67:A4:A8:5E:7D:51:BF:A1:5B:78:EB:C1:CE:7C:53:91:34:D4
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       019A017E8AA3372C8B18BFA0F0B75AAE9ABB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          1252
Signing time:             Mon 20 Oct 2025 12:01:01 +0000
Manifest this update:     Mon 20 Oct 2025 12:01:01 +0000
Manifest next update:     Tue 21 Oct 2025 12:01:01 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: d+ltutAA50k1TF28SqlIFyS7Febn1EJya0yIuBv8ck8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:7e:8a:a3:37:2c:8b:18:bf:a0:f0:b7:5a:ae:9a:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Oct 20 12:01:01 2025 GMT
            Not After : Oct 21 12:01:01 2025 GMT
        Subject: CN=4b6367a4a85e7d51bfa15b78ebc1ce7c539134d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:c8:ac:9e:d1:f2:d7:d5:ab:40:ea:bb:b9:72:
                    f2:51:63:63:1e:6e:6b:23:c6:b0:ad:66:30:f0:ce:
                    04:cc:b6:6f:73:96:54:0d:3b:7e:a3:3a:68:80:b9:
                    96:5d:29:8b:e9:4e:cd:3d:0b:ad:27:7a:7c:03:1a:
                    1c:36:58:4d:20:54:ac:cd:70:f5:41:d2:f0:af:aa:
                    fc:be:88:81:30:07:80:2d:99:a8:57:7e:4d:ec:5a:
                    f3:c4:ae:b3:6b:cc:14:c7:15:10:b5:33:37:41:46:
                    d2:77:e0:91:14:5a:b2:05:f6:39:bf:cc:d3:92:f9:
                    f7:76:b4:4a:79:9d:90:c1:85:6d:f7:14:78:40:8e:
                    6f:27:08:0f:bc:d1:78:24:45:c7:7c:c5:7f:a8:14:
                    d1:a0:c6:61:ff:a6:92:29:1b:5e:be:a1:0d:56:db:
                    68:07:b1:de:1e:57:86:3a:e3:a6:f1:a9:bc:58:58:
                    13:c9:85:c3:f7:f9:c4:f9:73:8f:60:d8:51:a4:28:
                    2d:f9:cd:28:9a:38:bb:6d:21:35:95:43:58:36:6b:
                    0e:ba:8c:ec:a5:95:86:9c:d3:89:33:98:40:26:b7:
                    35:7c:96:57:52:3e:31:eb:56:25:50:f2:50:78:da:
                    14:f4:bd:27:c3:85:74:75:4e:89:60:22:bd:6a:29:
                    bd:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:63:67:A4:A8:5E:7D:51:BF:A1:5B:78:EB:C1:CE:7C:53:91:34:D4
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:88:e8:60:d8:76:19:39:a7:7e:98:9c:94:ef:70:6e:23:96:
         4c:0a:f0:57:b1:e3:f6:17:f5:46:b0:d6:7d:7c:6c:14:38:32:
         b0:6f:9b:13:75:c0:28:7a:d7:36:b7:c5:c8:4e:70:e4:13:f2:
         12:b2:37:5f:78:e7:58:ee:de:60:25:7a:78:67:f5:66:2a:66:
         67:a0:18:04:ca:2d:d1:e0:8e:0f:50:6e:cc:7a:02:3c:e3:98:
         06:50:e3:8f:4a:ea:8a:05:f2:b0:01:82:8a:22:13:8c:6b:10:
         db:51:0a:71:16:03:71:d2:ec:e1:91:ab:93:16:0b:19:cb:c5:
         fc:d2:44:c1:ff:f1:ab:37:77:c3:74:cd:3d:e3:78:00:f7:c6:
         73:95:37:75:b6:af:db:fc:07:8d:33:6b:f4:4c:f9:c9:ed:13:
         fb:83:66:50:69:f4:af:5d:9c:fd:29:db:5e:f5:31:b6:fc:aa:
         42:5f:da:04:d2:b3:5b:bb:de:c0:ab:81:2d:cf:3d:b4:01:43:
         1d:d4:f1:00:b1:6d:3c:b5:9b:9a:5e:e8:78:2d:5d:3e:fc:f4:
         04:30:1e:7f:1e:d6:00:da:f3:c3:4c:62:2a:f6:3a:bf:68:f0:
         53:0f:ea:a4:37:40:69:51:a7:c3:ce:4c:c7:21:e4:06:7a:7f:
         40:3a:ac:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBfoqjNyyLGL+g8Ldarpq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjUxMDIwMTIwMTAxWhcNMjUxMDIxMTIwMTAxWjAzMTEwLwYDVQQD
Eyg0YjYzNjdhNGE4NWU3ZDUxYmZhMTViNzhlYmMxY2U3YzUzOTEzNGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MisntHy19WrQOq7uXLyUWNjHm5r
I8awrWYw8M4EzLZvc5ZUDTt+ozpogLmWXSmL6U7NPQutJ3p8AxocNlhNIFSszXD1
QdLwr6r8voiBMAeALZmoV35N7FrzxK6za8wUxxUQtTM3QUbSd+CRFFqyBfY5v8zT
kvn3drRKeZ2QwYVt9xR4QI5vJwgPvNF4JEXHfMV/qBTRoMZh/6aSKRtevqENVtto
B7HeHleGOuOm8am8WFgTyYXD9/nE+XOPYNhRpCgt+c0omji7bSE1lUNYNmsOuozs
pZWGnNOJM5hAJrc1fJZXUj4x61YlUPJQeNoU9L0nw4V0dU6JYCK9aim9FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEtjZ6SoXn1Rv6FbeOvBznxTkTTUMB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPYjoYNh2
GTmnfpiclO9wbiOWTArwV7Hj9hf1RrDWfXxsFDgysG+bE3XAKHrXNrfFyE5w5BPy
ErI3X3jnWO7eYCV6eGf1ZipmZ6AYBMot0eCOD1BuzHoCPOOYBlDjj0rqigXysAGC
iiITjGsQ21EKcRYDcdLs4ZGrkxYLGcvF/NJEwf/xqzd3w3TNPeN4APfGc5U3dbav
2/wHjTNr9Ez5ye0T+4NmUGn0r12c/SnbXvUxtvyqQl/aBNKzW7vewKuBLc89tAFD
HdTxALFtPLWbml7oeC1dPvz0BDAefx7WANrzw0xiKvY6v2jwUw/qpDdAaVGnw85M
xyHkBnp/QDqsqg==
-----END CERTIFICATE-----