Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          8sf1XlXRHyqF0MJHFWKI8NC5zQKiU1yrxEtzdbdrUKM=
Subject key identifier:   F0:12:5C:88:1E:E1:D1:73:1B:5F:B1:4D:91:3C:A6:83:54:FC:03:CF
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       0198D54DF546E0C3202CF0E61F9B03578526
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 05:01:52 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:52 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:52 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: GtLh0avyYgHSFN3ZLHiwmhobfm4+ulvFIGopSnGzU70=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4d:f5:46:e0:c3:20:2c:f0:e6:1f:9b:03:57:85:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Aug 23 05:01:52 2025 GMT
            Not After : Aug 24 05:01:52 2025 GMT
        Subject: CN=f0125c881ee1d1731b5fb14d913ca68354fc03cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:af:3a:aa:8f:70:d0:02:8d:ec:e3:87:ac:50:
                    45:c0:f8:ac:a0:94:e6:35:f5:c3:c4:88:22:fb:96:
                    20:07:f9:5b:3a:70:1c:31:54:4e:36:0d:b9:6d:cc:
                    2d:44:34:41:23:73:a5:c4:80:33:90:33:cc:f4:f8:
                    65:af:3b:d6:d0:66:e3:8b:15:48:17:1d:3a:d8:22:
                    52:3d:26:9d:26:30:51:3d:60:a1:fd:dc:96:9d:c9:
                    72:03:34:b6:4b:62:f5:14:04:e2:7a:ad:12:9c:df:
                    b6:11:7e:48:75:e3:03:35:ca:0c:a9:30:64:3a:7a:
                    d0:cf:de:76:59:94:d2:0a:74:93:fe:47:86:e5:38:
                    9d:bd:54:02:1d:6f:7f:32:06:af:d1:02:7f:cb:92:
                    c3:89:79:b5:aa:cf:65:bb:cc:79:af:24:34:08:b2:
                    9f:b8:6c:68:5f:74:32:1c:fe:06:fa:62:ee:a0:8b:
                    6e:3e:c7:f5:d6:d1:de:17:48:3f:f0:95:bf:fd:30:
                    9a:7d:3d:f1:63:db:3a:26:42:21:30:2e:a4:a9:b0:
                    65:4f:2d:b2:83:e0:fc:f8:ab:d4:ad:6e:6d:de:6d:
                    96:e8:3b:e9:16:e1:c1:02:65:48:29:5d:fc:8a:21:
                    19:64:0a:72:16:d4:13:0b:fe:ca:50:5b:37:5a:86:
                    c1:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:12:5C:88:1E:E1:D1:73:1B:5F:B1:4D:91:3C:A6:83:54:FC:03:CF
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:21:98:f2:9d:ff:74:8c:45:f9:35:b5:fb:66:63:a7:e1:e2:
         af:3d:11:60:66:92:3e:5b:c3:c0:19:78:a0:59:dd:ed:1d:66:
         7a:2c:d5:bf:3d:11:04:b8:79:72:60:16:7d:c2:e4:b1:0b:67:
         2a:b9:6f:a9:24:ce:60:5a:fe:e2:93:99:35:07:31:e3:35:f6:
         86:1d:c1:81:c2:a8:bc:d5:15:bc:73:b1:39:10:c0:53:3f:fc:
         3e:bc:f7:0e:0e:18:99:b4:f6:cc:3a:29:51:50:89:a4:db:fa:
         dc:61:48:fe:1a:72:4e:d3:09:12:3c:0a:9a:03:e1:e7:57:b5:
         86:20:ea:63:e0:40:d8:f2:01:6a:8b:b9:5a:47:0d:86:b0:a7:
         cb:57:65:b3:bc:a7:06:7e:ed:1a:0f:50:a4:99:eb:4a:b4:cb:
         58:cb:2c:d7:a5:a6:98:1a:76:b9:be:1b:eb:58:c0:42:e8:35:
         91:07:3a:60:67:9d:37:37:f1:08:1d:a2:61:eb:93:41:ca:72:
         d7:a7:fe:b5:90:ef:41:8e:91:3f:37:7c:9d:57:09:b5:ea:81:
         ad:20:42:dc:9a:a4:8b:14:39:9e:54:a9:a1:3e:d8:cc:bb:ed:
         f9:97:03:68:1e:c2:c7:80:2d:fa:24:91:15:38:ed:1f:3f:43:
         3e:c6:ec:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTfVG4MMgLPDmH5sDV4UmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjUwODIzMDUwMTUyWhcNMjUwODI0MDUwMTUyWjAzMTEwLwYDVQQD
EyhmMDEyNWM4ODFlZTFkMTczMWI1ZmIxNGQ5MTNjYTY4MzU0ZmMwM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0K86qo9w0AKN7OOHrFBFwPisoJTm
NfXDxIgi+5YgB/lbOnAcMVRONg25bcwtRDRBI3OlxIAzkDPM9PhlrzvW0GbjixVI
Fx062CJSPSadJjBRPWCh/dyWnclyAzS2S2L1FATieq0SnN+2EX5IdeMDNcoMqTBk
OnrQz952WZTSCnST/keG5TidvVQCHW9/Mgav0QJ/y5LDiXm1qs9lu8x5ryQ0CLKf
uGxoX3QyHP4G+mLuoItuPsf11tHeF0g/8JW//TCafT3xY9s6JkIhMC6kqbBlTy2y
g+D8+KvUrW5t3m2W6DvpFuHBAmVIKV38iiEZZApyFtQTC/7KUFs3WobBwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPASXIge4dFzG1+xTZE8poNU/APPMB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZCGY8p3/
dIxF+TW1+2Zjp+Hirz0RYGaSPlvDwBl4oFnd7R1meizVvz0RBLh5cmAWfcLksQtn
KrlvqSTOYFr+4pOZNQcx4zX2hh3BgcKovNUVvHOxORDAUz/8Prz3Dg4YmbT2zDop
UVCJpNv63GFI/hpyTtMJEjwKmgPh51e1hiDqY+BA2PIBaou5WkcNhrCny1dls7yn
Bn7tGg9QpJnrSrTLWMss16WmmBp2ub4b61jAQug1kQc6YGedNzfxCB2iYeuTQcpy
16f+tZDvQY6RPzd8nVcJteqBrSBC3JqkixQ5nlSpoT7YzLvt+ZcDaB7Cx4At+iSR
FTjtHz9DPsbshg==
-----END CERTIFICATE-----