Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
File:                     y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json)
Hash identifier:          A2pjTi7alsFMxllxrYlzeEYQtXdTFioE/YlViYu/wDI=
Subject key identifier:   12:18:92:F3:29:EA:22:E8:7D:97:1F:DC:4B:FE:21:EA:EB:1E:77:60
Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21
Certificate issuer:       /CN=cbf9cd243ced6937b6bea57102814ff9ba426621
Certificate serial:       0198D4E0338AA12B9E8C1966CB47F071B3D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 03:01:59 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:59 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:59 +0000
Files and hashes:         1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: UTtKVXtjeZB8RYaNcGIBy9viPB3HcQcZ4cHOmrBnuAc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:33:8a:a1:2b:9e:8c:19:66:cb:47:f0:71:b3:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621
        Validity
            Not Before: Aug 23 03:01:59 2025 GMT
            Not After : Aug 24 03:01:59 2025 GMT
        Subject: CN=121892f329ea22e87d971fdc4bfe21eaeb1e7760
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:b4:f7:ca:35:72:d6:77:7e:d4:f9:12:cc:50:
                    ee:a6:21:45:01:4f:80:dd:54:13:50:3d:17:9a:42:
                    87:ab:18:35:af:b3:a3:1d:07:6c:3c:f6:92:e0:e6:
                    6d:3f:48:8e:ed:95:72:eb:6a:d6:bc:f8:7f:bb:1b:
                    8c:61:3a:fd:6b:a8:53:8a:23:e2:28:cc:11:b2:25:
                    0b:55:f2:60:37:d4:83:6f:19:ed:d7:1c:d8:4e:b6:
                    26:e0:7c:3c:3e:13:87:96:8e:18:bf:9b:57:93:65:
                    67:f6:33:4f:4c:df:21:e9:14:fb:90:83:a9:64:78:
                    88:cc:30:ab:64:99:f6:47:af:52:f1:af:b1:8e:d3:
                    64:4d:03:23:03:7b:0d:ec:e8:24:17:1c:89:7e:b9:
                    63:83:aa:3e:19:5f:e5:02:58:46:c5:83:df:36:b8:
                    5c:b5:26:40:6a:d5:32:04:bd:ee:dd:78:e2:38:db:
                    ba:83:38:33:4c:91:b8:87:b8:51:5c:1a:d8:18:4b:
                    c1:55:e9:a3:e7:8d:3b:d3:5c:13:27:6a:b7:d7:53:
                    96:ce:db:bd:9a:3e:c6:64:5b:0d:a7:f5:38:f1:f0:
                    b6:af:45:62:a1:83:1e:72:42:02:01:60:9c:ac:67:
                    d7:1c:5e:81:17:1e:43:ee:6f:70:eb:e8:7d:6e:5a:
                    23:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:18:92:F3:29:EA:22:E8:7D:97:1F:DC:4B:FE:21:EA:EB:1E:77:60
            X509v3 Authority Key Identifier:
                keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:a7:d4:e0:de:dd:45:c8:ff:8c:24:ab:19:cb:d8:f2:60:9f:
         2e:c1:3d:83:9f:2b:54:54:36:da:41:86:d8:a4:a1:c8:2c:2c:
         a5:fa:d9:b1:8e:07:3a:62:81:36:1f:e8:80:51:cb:60:2c:bb:
         1a:e0:90:28:bc:c4:2a:87:58:d1:9b:39:63:30:8e:3d:0c:bf:
         7f:06:01:9d:aa:b3:7d:81:6d:e3:cb:d2:c9:ca:cb:48:35:e4:
         94:38:e9:9d:b6:ea:cb:15:50:df:3a:0c:1a:77:a1:87:30:67:
         a3:9e:fe:f5:17:3e:55:1d:92:8b:55:9a:c1:a2:2b:c0:41:30:
         a0:74:bd:25:5c:92:99:43:6d:8b:a0:74:d9:bb:1e:00:20:5c:
         5b:f9:a2:5d:41:13:b5:7b:cb:15:b2:ba:6b:69:3c:89:94:3d:
         65:d2:a0:44:46:3a:67:39:74:da:08:6c:da:85:aa:d5:bb:3f:
         6a:ae:c2:64:2c:ae:db:d3:0f:4e:70:d3:93:f1:9d:27:32:1e:
         06:db:13:ac:43:d9:03:92:92:5a:ad:cd:e4:91:42:85:2b:89:
         44:15:8d:97:48:ff:e7:3d:f4:a4:d6:74:ec:af:7f:f0:59:51:
         96:10:04:93:1b:24:d7:8a:dd:5d:18:9a:d4:18:6d:fb:25:c8:
         b2:36:29:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4DOKoSuejBlmy0fwcbPUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0
MjY2MjEwHhcNMjUwODIzMDMwMTU5WhcNMjUwODI0MDMwMTU5WjAzMTEwLwYDVQQD
EygxMjE4OTJmMzI5ZWEyMmU4N2Q5NzFmZGM0YmZlMjFlYWViMWU3NzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17T3yjVy1nd+1PkSzFDupiFFAU+A
3VQTUD0XmkKHqxg1r7OjHQdsPPaS4OZtP0iO7ZVy62rWvPh/uxuMYTr9a6hTiiPi
KMwRsiULVfJgN9SDbxnt1xzYTrYm4Hw8PhOHlo4Yv5tXk2Vn9jNPTN8h6RT7kIOp
ZHiIzDCrZJn2R69S8a+xjtNkTQMjA3sN7OgkFxyJfrljg6o+GV/lAlhGxYPfNrhc
tSZAatUyBL3u3XjiONu6gzgzTJG4h7hRXBrYGEvBVemj540701wTJ2q311OWztu9
mj7GZFsNp/U48fC2r0VioYMeckICAWCcrGfXHF6BFx5D7m9w6+h9blojhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIYkvMp6iLofZcf3Ev+IerrHndgMB8GA1UdIwQY
MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt
MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj
LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW6fU4N7d
Rcj/jCSrGcvY8mCfLsE9g58rVFQ22kGG2KShyCwspfrZsY4HOmKBNh/ogFHLYCy7
GuCQKLzEKodY0Zs5YzCOPQy/fwYBnaqzfYFt48vSycrLSDXklDjpnbbqyxVQ3zoM
GnehhzBno57+9Rc+VR2Si1WawaIrwEEwoHS9JVySmUNti6B02bseACBcW/miXUET
tXvLFbK6a2k8iZQ9ZdKgREY6Zzl02ghs2oWq1bs/aq7CZCyu29MPTnDTk/GdJzIe
BtsTrEPZA5KSWq3N5JFChSuJRBWNl0j/5z30pNZ07K9/8FlRlhAEkxsk14rdXRia
1Bht+yXIsjYpCA==
-----END CERTIFICATE-----