Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
File:                     y3yVUPThoer5UHL7G5q7JpVNJj0.mft (raw, json)
Hash identifier:          Bm3lkrtf3f8SiYq1fVzXqzOnjpkTCXwWMjvuT7PRp5Q=
Subject key identifier:   A0:52:37:23:1A:9A:BD:25:C9:AD:60:B7:9B:EF:77:C0:06:CD:80:90
Authority key identifier: CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D
Certificate issuer:       /CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
Certificate serial:       0197B96AEDCBECFE987A21C8ACE3DDF2437F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
Manifest number:          0C5E
Signing time:             Sun 29 Jun 2025 02:01:22 +0000
Manifest this update:     Sun 29 Jun 2025 02:01:22 +0000
Manifest next update:     Mon 30 Jun 2025 02:01:22 +0000
Files and hashes:         1: y3yVUPThoer5UHL7G5q7JpVNJj0.crl (hash: 6o41MvMNFWRIVZn6EKXOAS9xr3cem5EX4ktRlzTaVug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 02:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:6a:ed:cb:ec:fe:98:7a:21:c8:ac:e3:dd:f2:43:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
        Validity
            Not Before: Jun 29 02:01:22 2025 GMT
            Not After : Jun 30 02:01:22 2025 GMT
        Subject: CN=a05237231a9abd25c9ad60b79bef77c006cd8090
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:05:d5:49:3e:c7:89:fe:a3:b0:4b:c3:da:e7:
                    bd:bb:6f:0f:c9:e6:d8:2f:b4:a0:db:65:81:34:76:
                    a3:d2:e6:ff:1b:be:b1:77:2b:15:a3:fd:f1:a8:17:
                    91:85:7c:f7:62:35:6f:54:d9:6d:64:c9:51:d7:60:
                    33:93:b8:ae:0f:0c:7a:d2:f1:4c:74:58:cf:bd:f4:
                    32:be:19:9a:71:0b:de:e2:b9:fa:27:07:e0:11:f3:
                    43:bb:f4:ec:80:99:b0:d5:06:7e:38:94:11:a6:b9:
                    aa:3b:59:db:a1:f8:dd:1b:7d:5d:34:5a:52:f3:34:
                    e5:a5:c5:9f:79:1c:12:73:83:99:3d:18:8d:cd:0c:
                    62:ad:e7:fe:c1:19:c8:8f:bc:c3:9e:83:49:a7:8f:
                    7d:03:c0:fb:8f:2e:cf:e9:f9:88:45:95:3b:d1:a1:
                    46:84:87:a8:a3:8f:8c:e1:4c:42:b4:4f:b1:65:62:
                    37:d9:81:a7:fe:a0:6a:fe:c7:fe:eb:3c:7c:3d:c6:
                    bd:cb:81:83:76:76:14:62:12:d6:72:81:b4:6c:84:
                    55:dc:32:5c:38:d5:f5:03:77:1a:be:50:c1:c9:b6:
                    75:c1:7b:48:13:4b:ce:1a:38:98:00:3e:e2:a0:17:
                    08:cc:89:50:d6:33:46:f5:e3:ff:86:71:44:24:1b:
                    7b:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:52:37:23:1A:9A:BD:25:C9:AD:60:B7:9B:EF:77:C0:06:CD:80:90
            X509v3 Authority Key Identifier:
                keyid:CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:c8:5a:48:f6:3e:45:c1:6d:31:25:be:a2:84:2e:b0:77:84:
         8c:44:f2:56:c5:8e:7c:93:10:65:2f:f5:be:8f:41:c4:6f:8b:
         fb:84:dc:56:ef:46:52:55:1e:8c:30:43:73:4f:ad:48:54:9b:
         2f:c4:cf:46:c6:a3:eb:83:e8:63:fc:85:1c:f4:46:e3:b7:a8:
         df:8f:bc:31:fa:5c:62:f7:9e:8e:c6:1d:0c:fa:1e:3c:dd:32:
         62:09:16:8d:e0:31:51:c6:9f:09:b9:c2:b6:6e:1b:dc:e1:32:
         eb:5a:51:fd:a1:0b:2a:fd:26:35:7a:39:a6:51:b8:f7:02:94:
         14:09:0c:c1:4e:96:eb:12:7d:45:26:b6:d9:74:5b:6a:a3:37:
         75:ac:00:60:4f:83:01:09:44:d9:08:35:75:55:aa:e1:64:be:
         62:01:7b:de:07:45:05:40:4e:2e:af:c9:4b:77:46:2a:50:f4:
         95:6c:f4:a5:9a:08:6f:17:64:21:86:bb:06:62:0c:3e:5a:4f:
         f9:c5:34:77:c0:51:45:88:b4:89:93:1c:bb:58:84:22:4b:04:
         2c:e7:07:17:21:19:21:17:c6:0f:27:e6:87:6e:89:2a:54:07:
         99:e8:6b:88:62:3f:63:9c:9a:ed:f1:9c:df:a5:57:de:64:ed:
         6d:e9:3d:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5au3L7P6YeiHIrOPd8kN/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiN2M5NTUwZjRlMWExZWFmOTUwNzJmYjFiOWFiYjI2OTU0
ZDI2M2QwHhcNMjUwNjI5MDIwMTIyWhcNMjUwNjMwMDIwMTIyWjAzMTEwLwYDVQQD
EyhhMDUyMzcyMzFhOWFiZDI1YzlhZDYwYjc5YmVmNzdjMDA2Y2Q4MDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwXVST7Hif6jsEvD2ue9u28PyebY
L7Sg22WBNHaj0ub/G76xdysVo/3xqBeRhXz3YjVvVNltZMlR12Azk7iuDwx60vFM
dFjPvfQyvhmacQve4rn6JwfgEfNDu/TsgJmw1QZ+OJQRprmqO1nbofjdG31dNFpS
8zTlpcWfeRwSc4OZPRiNzQxiref+wRnIj7zDnoNJp499A8D7jy7P6fmIRZU70aFG
hIeoo4+M4UxCtE+xZWI32YGn/qBq/sf+6zx8Pca9y4GDdnYUYhLWcoG0bIRV3DJc
ONX1A3cavlDBybZ1wXtIE0vOGjiYAD7ioBcIzIlQ1jNG9eP/hnFEJBt7KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKBSNyMamr0lya1gt5vvd8AGzYCQMB8GA1UdIwQY
MBaAFMt8lVD04aHq+VBy+xuauyaVTSY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTkt
OTYyNmY5ZjZjZGEyLzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTktOTYyNmY5ZjZjZGEy
LzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfMhaSPY+
RcFtMSW+ooQusHeEjETyVsWOfJMQZS/1vo9BxG+L+4TcVu9GUlUejDBDc0+tSFSb
L8TPRsaj64PoY/yFHPRG47eo34+8MfpcYveejsYdDPoePN0yYgkWjeAxUcafCbnC
tm4b3OEy61pR/aELKv0mNXo5plG49wKUFAkMwU6W6xJ9RSa22XRbaqM3dawAYE+D
AQlE2Qg1dVWq4WS+YgF73gdFBUBOLq/JS3dGKlD0lWz0pZoIbxdkIYa7BmIMPlpP
+cU0d8BRRYi0iZMcu1iEIksELOcHFyEZIRfGDyfmh26JKlQHmehriGI/Y5ya7fGc
36VX3mTtbek9vg==
-----END CERTIFICATE-----