Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
File:                     y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json)
Hash identifier:          VOFxooa15kJcb63i1FP4mtT0K1w9+g9ZvcE1fSV3RWg=
Subject key identifier:   33:93:58:F4:ED:C9:55:81:BF:FC:1B:EC:84:1F:B5:08:E9:63:7B:A8
Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21
Certificate issuer:       /CN=cbf9cd243ced6937b6bea57102814ff9ba426621
Certificate serial:       0197B8FD78DC4049F3523F6BB592217019E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
Manifest number:          15B3
Signing time:             Sun 29 Jun 2025 00:01:48 +0000
Manifest this update:     Sun 29 Jun 2025 00:01:48 +0000
Manifest next update:     Mon 30 Jun 2025 00:01:48 +0000
Files and hashes:         1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: 0m6Z4g3QxOi7/xLoQIuBJKDdpfF22zCwXSB6p6Nji7Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:fd:78:dc:40:49:f3:52:3f:6b:b5:92:21:70:19:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621
        Validity
            Not Before: Jun 29 00:01:48 2025 GMT
            Not After : Jun 30 00:01:48 2025 GMT
        Subject: CN=339358f4edc95581bffc1bec841fb508e9637ba8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:05:9f:35:f5:7a:3a:42:74:35:a7:07:86:d2:
                    1d:4d:c4:87:d2:8e:0a:24:6f:44:59:17:d6:58:8e:
                    13:3c:28:ba:1a:65:7a:10:a0:26:4c:bb:aa:cf:7b:
                    2b:cb:42:b5:fb:76:c1:dc:50:0c:e6:7a:e4:aa:83:
                    54:4d:6b:05:fa:9e:70:27:e5:c2:1c:1d:fb:09:86:
                    f7:45:e6:cb:19:80:b8:fb:c1:e3:27:75:d9:0d:11:
                    34:d9:85:83:50:b7:70:be:7e:56:ea:61:d5:7c:af:
                    1d:cb:99:1c:c7:92:b6:bc:d0:aa:5d:e0:96:84:45:
                    2a:50:21:7e:49:a1:b9:47:7e:4c:6f:65:4e:64:54:
                    53:20:28:15:d2:73:eb:39:07:af:42:9f:d3:bd:e3:
                    a5:39:60:40:af:77:0c:73:7d:6a:5f:a9:63:69:99:
                    14:64:73:1e:6b:05:20:8a:44:97:16:9d:0e:cd:f5:
                    a1:c9:66:86:d1:6c:8c:ac:7e:51:57:65:0f:23:57:
                    3d:29:50:f7:15:bd:b7:cd:5b:2d:65:09:06:cf:1a:
                    d3:77:ae:42:b6:d9:e1:d8:86:2d:39:33:63:b8:5f:
                    2c:50:9d:6d:7f:1a:71:8a:d5:73:b6:61:9a:2b:cf:
                    5d:19:18:da:68:62:61:db:5f:c1:c5:0a:26:f6:d7:
                    b0:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:93:58:F4:ED:C9:55:81:BF:FC:1B:EC:84:1F:B5:08:E9:63:7B:A8
            X509v3 Authority Key Identifier:
                keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:a2:99:ee:d0:b7:12:df:14:6d:2c:5a:4f:ff:8a:30:4f:64:
         bd:49:e6:05:de:77:0b:7f:c9:5d:52:fb:2a:84:17:8c:bb:8c:
         0f:c1:7e:e4:ba:bf:e4:af:7e:a9:68:9c:33:51:9c:54:08:6d:
         36:12:5b:5e:a2:0a:69:61:5c:43:a7:7f:54:bd:69:21:37:75:
         56:56:46:25:50:4c:ad:38:cb:42:7a:94:b3:b5:9f:ed:ad:8d:
         80:3d:90:71:92:42:3c:29:fb:f7:f1:ba:03:e1:3f:27:39:e1:
         ea:f7:30:e6:37:e3:1d:62:b5:6b:40:51:20:f6:98:17:7e:f6:
         bc:be:57:b0:f5:6e:22:38:cd:2c:7e:8f:7a:be:ec:ec:eb:0b:
         4c:71:a1:0d:f5:7a:f3:9c:3d:1d:9b:8e:39:ef:c6:84:ee:a5:
         dd:57:86:33:fc:11:89:cb:85:48:5d:d8:30:5a:f7:85:82:72:
         23:95:dc:e3:87:10:de:cb:30:9a:52:1c:3f:8f:18:8a:da:32:
         89:7e:46:9c:47:6f:34:a9:f0:84:3d:5a:e6:16:76:1b:b7:32:
         cd:64:02:46:d2:d6:ac:ae:ff:6b:76:27:8e:71:56:98:38:ae:
         66:68:bb:8c:c4:09:dc:77:62:29:23:54:a5:22:46:14:65:98:
         4a:37:a6:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4/XjcQEnzUj9rtZIhcBnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0
MjY2MjEwHhcNMjUwNjI5MDAwMTQ4WhcNMjUwNjMwMDAwMTQ4WjAzMTEwLwYDVQQD
EygzMzkzNThmNGVkYzk1NTgxYmZmYzFiZWM4NDFmYjUwOGU5NjM3YmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAWfNfV6OkJ0NacHhtIdTcSH0o4K
JG9EWRfWWI4TPCi6GmV6EKAmTLuqz3sry0K1+3bB3FAM5nrkqoNUTWsF+p5wJ+XC
HB37CYb3RebLGYC4+8HjJ3XZDRE02YWDULdwvn5W6mHVfK8dy5kcx5K2vNCqXeCW
hEUqUCF+SaG5R35Mb2VOZFRTICgV0nPrOQevQp/TveOlOWBAr3cMc31qX6ljaZkU
ZHMeawUgikSXFp0OzfWhyWaG0WyMrH5RV2UPI1c9KVD3Fb23zVstZQkGzxrTd65C
ttnh2IYtOTNjuF8sUJ1tfxpxitVztmGaK89dGRjaaGJh21/BxQom9tew2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOTWPTtyVWBv/wb7IQftQjpY3uoMB8GA1UdIwQY
MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt
MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj
LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdaKZ7tC3
Et8UbSxaT/+KME9kvUnmBd53C3/JXVL7KoQXjLuMD8F+5Lq/5K9+qWicM1GcVAht
NhJbXqIKaWFcQ6d/VL1pITd1VlZGJVBMrTjLQnqUs7Wf7a2NgD2QcZJCPCn79/G6
A+E/Jznh6vcw5jfjHWK1a0BRIPaYF372vL5XsPVuIjjNLH6Per7s7OsLTHGhDfV6
85w9HZuOOe/GhO6l3VeGM/wRicuFSF3YMFr3hYJyI5Xc44cQ3sswmlIcP48Yitoy
iX5GnEdvNKnwhD1a5hZ2G7cyzWQCRtLWrK7/a3YnjnFWmDiuZmi7jMQJ3HdiKSNU
pSJGFGWYSjem+w==
-----END CERTIFICATE-----