Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
File:                     y3yVUPThoer5UHL7G5q7JpVNJj0.mft (raw, json)
Hash identifier:          T78ZYpfG3pHQD22o1jxHQj2eP8aqGtSz0uXqOZYtFek=
Subject key identifier:   57:5A:F4:89:B9:64:44:BA:CC:AF:86:EF:2F:6D:7B:6B:C1:07:BD:C7
Authority key identifier: CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D
Certificate issuer:       /CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
Certificate serial:       0198D54E3100E6C3CDFB7F80C206FDFC37E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
Manifest number:          0CF1
Signing time:             Sat 23 Aug 2025 05:02:07 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:07 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:07 +0000
Files and hashes:         1: y3yVUPThoer5UHL7G5q7JpVNJj0.crl (hash: D9jB/RHHM6mIVJDNbZrBtPKphl6IRPijpm0QLTJ1VdY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:31:00:e6:c3:cd:fb:7f:80:c2:06:fd:fc:37:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
        Validity
            Not Before: Aug 23 05:02:07 2025 GMT
            Not After : Aug 24 05:02:07 2025 GMT
        Subject: CN=575af489b96444baccaf86ef2f6d7b6bc107bdc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:13:02:f9:46:00:b9:05:c4:8b:98:24:4d:bd:
                    0d:fa:27:41:4d:56:56:e6:0b:2a:f4:d1:c8:75:b2:
                    b2:50:c3:39:98:51:05:8f:91:04:85:d4:60:48:0d:
                    de:9c:ae:e9:93:19:95:51:e0:13:5d:bd:ac:80:c7:
                    b1:c9:55:19:e4:d3:a0:39:dd:b8:c8:4d:c8:9e:ec:
                    9f:e4:18:99:2d:82:b4:29:78:df:62:db:f8:30:91:
                    6d:01:27:76:4a:a4:48:53:e8:10:07:2f:07:2b:ee:
                    df:72:d4:3c:46:5a:24:49:e3:e9:7e:0f:2b:d3:7b:
                    15:59:8a:1c:9e:a6:ee:e1:f8:22:b3:ee:39:8a:79:
                    c3:36:a5:62:6c:db:95:5d:43:c6:5f:e0:41:5d:3d:
                    25:5b:98:ea:92:d1:28:c6:78:85:a2:8f:fd:02:a8:
                    12:62:a6:3c:c4:cb:d2:1c:1c:a9:01:f2:4e:3b:9d:
                    a1:38:b1:47:5d:3b:6a:af:8b:c5:84:15:c5:7e:23:
                    79:e6:ca:c8:90:d5:f0:9f:bf:6d:11:7b:35:b8:a9:
                    1b:55:06:05:43:ee:09:f7:3f:e7:ed:0f:b0:d7:98:
                    a1:3b:06:09:32:dc:42:fa:57:3f:67:b8:72:32:3e:
                    7d:7e:4a:e5:84:dc:52:d4:ef:7c:d7:90:0a:0f:50:
                    0f:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:5A:F4:89:B9:64:44:BA:CC:AF:86:EF:2F:6D:7B:6B:C1:07:BD:C7
            X509v3 Authority Key Identifier:
                keyid:CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:2a:f7:11:9e:fb:b0:25:ec:d8:68:79:e8:f1:34:f5:37:fd:
         ef:cd:53:4f:ce:c2:57:b2:94:37:ba:76:af:85:9c:46:9d:06:
         56:4c:33:fe:45:6c:90:a5:bf:fc:87:a4:be:85:e6:bf:32:6c:
         48:ed:11:8c:cf:ac:88:c4:e6:a1:31:cb:40:9e:0c:16:74:ca:
         59:4c:23:a0:13:55:de:4f:67:a5:25:0c:1f:84:69:f5:4f:31:
         b9:a3:12:c8:a3:7c:39:ff:01:79:56:df:2d:88:50:53:da:e4:
         18:80:7d:67:36:2e:59:2c:05:29:3d:ef:f0:53:9c:f8:fe:40:
         ea:be:a1:29:67:8c:90:62:48:a0:5e:32:c7:a4:63:49:a2:48:
         30:4f:d6:bc:93:39:ef:56:58:a4:4a:a4:ee:5f:d7:18:c6:4b:
         bf:2e:ae:a7:94:84:15:40:1d:0f:c5:2f:e9:6d:aa:ef:73:e3:
         8f:0b:49:b7:a1:33:b4:f5:de:17:93:08:ea:6f:6f:ef:02:78:
         c1:45:90:2b:81:7a:e5:ba:c5:35:ac:41:e5:9b:59:2e:13:cb:
         f4:76:f2:b0:4c:d9:82:87:2b:b9:a2:30:30:ce:c0:3c:e3:22:
         1c:c5:c9:2c:52:de:20:81:ef:40:aa:61:d9:01:4d:fb:20:53:
         6a:ce:fc:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTjEA5sPN+3+Awgb9/DflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiN2M5NTUwZjRlMWExZWFmOTUwNzJmYjFiOWFiYjI2OTU0
ZDI2M2QwHhcNMjUwODIzMDUwMjA3WhcNMjUwODI0MDUwMjA3WjAzMTEwLwYDVQQD
Eyg1NzVhZjQ4OWI5NjQ0NGJhY2NhZjg2ZWYyZjZkN2I2YmMxMDdiZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxMC+UYAuQXEi5gkTb0N+idBTVZW
5gsq9NHIdbKyUMM5mFEFj5EEhdRgSA3enK7pkxmVUeATXb2sgMexyVUZ5NOgOd24
yE3Inuyf5BiZLYK0KXjfYtv4MJFtASd2SqRIU+gQBy8HK+7fctQ8RlokSePpfg8r
03sVWYocnqbu4fgis+45innDNqVibNuVXUPGX+BBXT0lW5jqktEoxniFoo/9AqgS
YqY8xMvSHBypAfJOO52hOLFHXTtqr4vFhBXFfiN55srIkNXwn79tEXs1uKkbVQYF
Q+4J9z/n7Q+w15ihOwYJMtxC+lc/Z7hyMj59fkrlhNxS1O9815AKD1APuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFda9Im5ZES6zK+G7y9te2vBB73HMB8GA1UdIwQY
MBaAFMt8lVD04aHq+VBy+xuauyaVTSY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTkt
OTYyNmY5ZjZjZGEyLzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTktOTYyNmY5ZjZjZGEy
LzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuSr3EZ77
sCXs2Gh56PE09Tf9781TT87CV7KUN7p2r4WcRp0GVkwz/kVskKW//IekvoXmvzJs
SO0RjM+siMTmoTHLQJ4MFnTKWUwjoBNV3k9npSUMH4Rp9U8xuaMSyKN8Of8BeVbf
LYhQU9rkGIB9ZzYuWSwFKT3v8FOc+P5A6r6hKWeMkGJIoF4yx6RjSaJIME/WvJM5
71ZYpEqk7l/XGMZLvy6up5SEFUAdD8Uv6W2q73PjjwtJt6EztPXeF5MI6m9v7wJ4
wUWQK4F65brFNaxB5ZtZLhPL9HbysEzZgocruaIwMM7APOMiHMXJLFLeIIHvQKph
2QFN+yBTas78sA==
-----END CERTIFICATE-----