Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft
File:                     YxB3zMSCuRtFmfUslKiJABOSSf8.mft (raw, json)
Hash identifier:          TbdHPdsOpqNZ81ndzRcgWmbEMoZDok3Px8KACa37aZY=
Subject key identifier:   06:77:76:F9:FD:EF:A3:42:47:76:98:90:19:8C:61:98:D2:DF:A5:76
Authority key identifier: 63:10:77:CC:C4:82:B9:1B:45:99:F5:2C:94:A8:89:00:13:92:49:FF
Certificate issuer:       /CN=631077ccc482b91b4599f52c94a88900139249ff
Certificate serial:       0197B77C373EEBEFA684F6F04B06C268D3D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YxB3zMSCuRtFmfUslKiJABOSSf8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft
Manifest number:          2E
Signing time:             Sat 28 Jun 2025 17:01:00 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:00 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:00 +0000
Files and hashes:         1: YxB3zMSCuRtFmfUslKiJABOSSf8.crl (hash: F/PWJ1TDHMq5lfUec58kJatM4KUKzs90TK3SScmh7U8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YxB3zMSCuRtFmfUslKiJABOSSf8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:37:3e:eb:ef:a6:84:f6:f0:4b:06:c2:68:d3:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=631077ccc482b91b4599f52c94a88900139249ff
        Validity
            Not Before: Jun 28 17:01:00 2025 GMT
            Not After : Jun 29 17:01:00 2025 GMT
        Subject: CN=067776f9fdefa34247769890198c6198d2dfa576
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:fa:2b:20:0a:0d:12:29:11:e1:6f:81:f3:d1:
                    9b:1d:fa:52:20:8c:38:64:8c:27:f5:4b:34:8b:84:
                    40:60:51:76:64:da:ad:78:2e:55:4a:d6:58:de:a3:
                    82:f7:d7:ea:42:f9:9c:07:58:d7:57:27:50:29:c3:
                    f9:28:3a:b7:77:e1:e8:9b:a4:5f:8d:66:01:ef:64:
                    b6:17:82:7f:a0:f5:07:9a:03:bb:63:b4:1d:a1:91:
                    ba:98:65:e1:d0:4e:d4:cb:4f:9f:88:81:04:0a:03:
                    6c:32:47:26:a4:6d:ff:4e:a0:bc:b2:2f:8c:c0:5a:
                    ca:a0:08:6e:b4:82:d8:03:19:ed:35:71:23:92:03:
                    ff:7f:60:51:0a:37:e1:ba:45:9e:a4:f2:d4:af:59:
                    b1:97:6d:2e:75:c7:30:e0:a6:c8:ee:11:3a:08:45:
                    1e:98:33:cc:04:fd:1c:89:a3:2b:d9:50:f9:4e:b7:
                    55:27:53:a5:7a:b0:8f:5b:a2:93:79:80:a4:04:18:
                    2e:82:98:92:37:6a:a5:8a:1e:a4:a3:cd:11:91:4f:
                    7c:ca:72:8c:dc:c3:1e:78:e2:7e:2f:41:bb:e1:0b:
                    58:8a:ec:29:4f:37:dd:cc:1e:a0:6e:e7:4b:ce:4b:
                    8f:2e:85:33:8d:5b:3a:c8:fe:7e:48:63:54:6f:70:
                    c8:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:77:76:F9:FD:EF:A3:42:47:76:98:90:19:8C:61:98:D2:DF:A5:76
            X509v3 Authority Key Identifier:
                keyid:63:10:77:CC:C4:82:B9:1B:45:99:F5:2C:94:A8:89:00:13:92:49:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YxB3zMSCuRtFmfUslKiJABOSSf8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:91:3b:b3:48:f7:c1:a3:53:df:a5:aa:52:cf:ce:96:38:98:
         74:fa:8a:da:b2:0e:f5:70:80:80:9a:b7:5e:60:16:e9:25:de:
         7e:f2:58:e3:9c:56:49:6d:9d:9b:94:1d:79:87:a5:e7:ba:73:
         0f:96:ee:fd:90:db:12:2f:56:5a:21:dd:c6:92:88:37:0a:c1:
         ee:05:d5:e8:bb:2f:cf:fc:3c:e6:d6:ef:9f:9f:c9:d0:14:2f:
         87:90:cc:8c:a5:2d:72:69:7a:4a:24:b3:3e:6a:b0:e4:a5:68:
         0f:ec:90:50:b5:f1:49:90:1d:28:03:88:c5:f8:6d:50:9e:1f:
         8c:70:0b:86:05:95:db:8d:97:e8:2e:b3:87:5b:01:49:bc:60:
         6f:73:3a:4d:62:c3:b1:4c:31:5c:1d:23:45:e8:ce:b3:1d:42:
         fc:7e:b1:e5:db:e9:bc:29:a8:43:96:3f:62:66:56:1b:5c:06:
         1a:2b:0e:83:ec:f0:5b:36:8a:b3:92:7b:24:5c:bb:97:26:75:
         a1:30:29:83:bd:63:0c:43:15:77:64:f6:5c:66:46:6c:03:c9:
         88:23:8c:53:79:54:a0:a2:51:d2:11:5e:9d:27:dc:51:5a:df:
         bf:ed:2c:ed:a9:86:bc:83:f9:19:20:fd:33:15:9d:63:b4:83:
         21:0a:0d:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fDc+6++mhPbwSwbCaNPQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMTA3N2NjYzQ4MmI5MWI0NTk5ZjUyYzk0YTg4OTAwMTM5
MjQ5ZmYwHhcNMjUwNjI4MTcwMTAwWhcNMjUwNjI5MTcwMTAwWjAzMTEwLwYDVQQD
EygwNjc3NzZmOWZkZWZhMzQyNDc3Njk4OTAxOThjNjE5OGQyZGZhNTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvorIAoNEikR4W+B89GbHfpSIIw4
ZIwn9Us0i4RAYFF2ZNqteC5VStZY3qOC99fqQvmcB1jXVydQKcP5KDq3d+Hom6Rf
jWYB72S2F4J/oPUHmgO7Y7QdoZG6mGXh0E7Uy0+fiIEECgNsMkcmpG3/TqC8si+M
wFrKoAhutILYAxntNXEjkgP/f2BRCjfhukWepPLUr1mxl20udccw4KbI7hE6CEUe
mDPMBP0ciaMr2VD5TrdVJ1OlerCPW6KTeYCkBBgugpiSN2qlih6ko80RkU98ynKM
3MMeeOJ+L0G74QtYiuwpTzfdzB6gbudLzkuPLoUzjVs6yP5+SGNUb3DI9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAZ3dvn976NCR3aYkBmMYZjS36V2MB8GA1UdIwQY
MBaAFGMQd8zEgrkbRZn1LJSoiQATkkn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXhCM3pNU0N1UnRGbWZVc2xLaUpBQk9TU2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84MTQyNTMtZjIxZi00YmM4LWI3Njgt
ODA0Yjc2MGRkODc5LzEvWXhCM3pNU0N1UnRGbWZVc2xLaUpBQk9TU2Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84MTQyNTMtZjIxZi00YmM4LWI3NjgtODA0Yjc2MGRkODc5
LzEvWXhCM3pNU0N1UnRGbWZVc2xLaUpBQk9TU2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQpE7s0j3
waNT36WqUs/OljiYdPqK2rIO9XCAgJq3XmAW6SXefvJY45xWSW2dm5QdeYel57pz
D5bu/ZDbEi9WWiHdxpKINwrB7gXV6Lsvz/w85tbvn5/J0BQvh5DMjKUtcml6SiSz
Pmqw5KVoD+yQULXxSZAdKAOIxfhtUJ4fjHALhgWV242X6C6zh1sBSbxgb3M6TWLD
sUwxXB0jRejOsx1C/H6x5dvpvCmoQ5Y/YmZWG1wGGisOg+zwWzaKs5J7JFy7lyZ1
oTApg71jDEMVd2T2XGZGbAPJiCOMU3lUoKJR0hFenSfcUVrfv+0s7amGvIP5GSD9
MxWdY7SDIQoNhw==
-----END CERTIFICATE-----