Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          XGGownb5uEnZzEorX/1JUIFJDc9gZGY0Z0nsaUcZyqw=
Subject key identifier:   66:D3:00:26:A7:30:B7:FC:BD:06:37:79:7F:9E:C4:68:8E:9F:94:67
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       0197B77C2C34B7A0AFC2A6A531EE8A81FE0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 17:00:57 +0000
Manifest this update:     Sat 28 Jun 2025 17:00:57 +0000
Manifest next update:     Sun 29 Jun 2025 17:00:57 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: BkP59K3R+dBqYi8uASd5gp6wzFW+SfRM6g8wzhgA6Do=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:2c:34:b7:a0:af:c2:a6:a5:31:ee:8a:81:fe:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Jun 28 17:00:57 2025 GMT
            Not After : Jun 29 17:00:57 2025 GMT
        Subject: CN=66d30026a730b7fcbd0637797f9ec4688e9f9467
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:7d:e9:77:54:41:b7:62:10:32:98:27:d3:34:
                    71:cf:a9:95:ce:d2:db:0e:02:5c:25:0c:ea:43:c2:
                    e4:f5:1c:9f:28:f1:1d:df:69:d7:32:76:71:ba:69:
                    0f:af:0c:dd:4b:e3:c5:08:3a:4d:fa:b2:1d:64:13:
                    42:af:4b:a2:b2:46:5b:c5:ea:90:a7:1c:b1:46:bd:
                    aa:8a:b4:91:e1:5d:d8:5c:50:79:38:bc:69:bd:99:
                    9a:7f:f0:e4:81:0e:bf:83:1e:c9:47:a1:d0:09:01:
                    6c:42:28:be:ef:32:6b:48:6a:42:22:7f:3e:a0:ec:
                    9b:14:50:8b:1b:d7:f6:01:f4:18:b6:a8:3e:5a:e8:
                    ba:3b:ff:a2:93:08:37:41:3b:34:87:22:8f:da:05:
                    db:9a:d1:23:18:6b:28:a4:47:ee:fe:82:33:de:7e:
                    bc:05:6d:b9:2a:fe:f1:a7:0b:21:e2:b7:8f:f4:10:
                    b1:57:88:4c:7d:8a:2b:7c:bf:fc:ab:f3:1c:ed:55:
                    bf:72:08:39:9c:1a:57:c3:23:d4:8e:39:a8:ba:50:
                    3c:1e:08:9a:b5:0b:a8:67:73:b6:29:9e:ef:b2:38:
                    27:55:b2:d5:80:11:05:aa:f3:bd:5c:32:45:ef:af:
                    e6:d2:05:a8:c5:b8:14:06:33:f2:3d:3f:8d:53:43:
                    5c:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:D3:00:26:A7:30:B7:FC:BD:06:37:79:7F:9E:C4:68:8E:9F:94:67
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:42:d7:24:38:51:4c:7e:d2:97:e3:62:58:63:7f:0f:c8:4b:
         89:7a:82:3a:cc:c5:3a:b9:39:c8:3f:0a:2d:0c:f6:85:59:ee:
         85:b6:58:4f:13:3f:82:f7:51:f5:ce:80:0f:4c:9a:57:7e:34:
         2d:13:20:bc:49:c8:f2:0e:66:e6:da:fe:2b:cd:d4:fa:94:e6:
         bb:cc:2e:a8:2e:98:c1:ca:b6:b0:b6:0c:ac:d6:93:bd:d3:b0:
         6f:1a:db:d7:62:cd:81:37:a9:28:b0:c8:d0:13:8d:98:7f:51:
         cb:58:c8:c4:7f:c1:75:0a:24:5e:3d:3a:07:7d:63:73:8b:d8:
         c7:65:c5:a4:97:f5:5a:64:95:9f:81:64:4d:c7:9f:c5:8d:11:
         bf:b5:fb:2f:8a:69:75:1e:84:7a:7f:0c:c4:e2:e5:d9:70:79:
         9d:c9:24:cc:fb:d3:cc:90:82:9d:a4:07:e9:0c:9e:fb:3b:50:
         54:f3:30:99:6b:b9:f3:92:7c:6e:c5:ed:a4:af:80:39:87:1e:
         1e:fa:62:80:97:38:40:f1:0f:db:47:d2:01:08:c2:36:3a:20:
         11:ee:fd:af:0a:a3:68:59:e9:2c:8c:71:fc:83:d9:f4:8f:c0:
         74:d1:64:6f:e3:05:14:97:88:76:72:5a:4e:e3:9e:2c:ac:a9:
         da:40:4b:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fCw0t6CvwqalMe6Kgf4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjUwNjI4MTcwMDU3WhcNMjUwNjI5MTcwMDU3WjAzMTEwLwYDVQQD
Eyg2NmQzMDAyNmE3MzBiN2ZjYmQwNjM3Nzk3ZjllYzQ2ODhlOWY5NDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH3pd1RBt2IQMpgn0zRxz6mVztLb
DgJcJQzqQ8Lk9RyfKPEd32nXMnZxumkPrwzdS+PFCDpN+rIdZBNCr0uiskZbxeqQ
pxyxRr2qirSR4V3YXFB5OLxpvZmaf/DkgQ6/gx7JR6HQCQFsQii+7zJrSGpCIn8+
oOybFFCLG9f2AfQYtqg+Wui6O/+ikwg3QTs0hyKP2gXbmtEjGGsopEfu/oIz3n68
BW25Kv7xpwsh4reP9BCxV4hMfYorfL/8q/Mc7VW/cgg5nBpXwyPUjjmoulA8Hgia
tQuoZ3O2KZ7vsjgnVbLVgBEFqvO9XDJF76/m0gWoxbgUBjPyPT+NU0NctwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbTACanMLf8vQY3eX+exGiOn5RnMB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEULXJDhR
TH7Sl+NiWGN/D8hLiXqCOszFOrk5yD8KLQz2hVnuhbZYTxM/gvdR9c6AD0yaV340
LRMgvEnI8g5m5tr+K83U+pTmu8wuqC6Ywcq2sLYMrNaTvdOwbxrb12LNgTepKLDI
0BONmH9Ry1jIxH/BdQokXj06B31jc4vYx2XFpJf1WmSVn4FkTcefxY0Rv7X7L4pp
dR6Een8MxOLl2XB5nckkzPvTzJCCnaQH6Qye+ztQVPMwmWu585J8bsXtpK+AOYce
HvpigJc4QPEP20fSAQjCNjogEe79rwqjaFnpLIxx/IPZ9I/AdNFkb+MFFJeIdnJa
TuOeLKyp2kBLIg==
-----END CERTIFICATE-----