Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
File:                     yAH8mVpSGvH1Atnq8S1mIaZMr00.mft (raw, json)
Hash identifier:          rrqjI/GDPh5hQ0wEr0IvWF9RHEr29yB5A7bVAz1XjG0=
Subject key identifier:   BA:F0:CB:E6:90:9C:17:C2:F6:CB:D2:73:00:CE:F5:30:CC:AA:B3:CE
Authority key identifier: C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D
Certificate issuer:       /CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
Certificate serial:       0198D66145DD624A59EADC11A5CB98682110
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 10:02:35 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:35 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:35 +0000
Files and hashes:         1: yAH8mVpSGvH1Atnq8S1mIaZMr00.crl (hash: ySE0frvvzNFw+3nQiWxGOUa9v72H4eU9shZQ94hmjeY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:45:dd:62:4a:59:ea:dc:11:a5:cb:98:68:21:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
        Validity
            Not Before: Aug 23 10:02:35 2025 GMT
            Not After : Aug 24 10:02:35 2025 GMT
        Subject: CN=baf0cbe6909c17c2f6cbd27300cef530ccaab3ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:70:ea:02:c1:64:a8:ce:90:e5:27:96:db:a3:
                    42:12:a4:32:24:9b:b0:3c:b3:96:f0:d1:15:62:30:
                    14:75:0d:12:eb:c6:33:cc:02:cd:0d:31:6f:a7:19:
                    b9:cf:0c:ef:c1:46:9b:95:07:3c:f0:1f:72:37:cb:
                    d8:39:49:a6:ce:a3:72:b6:56:b9:92:c2:49:85:cd:
                    37:f7:30:b8:5e:a0:cc:da:97:43:e1:3a:f1:f3:30:
                    2a:7b:57:4c:6a:dd:92:da:72:cf:62:9e:26:11:11:
                    c0:bf:7f:ef:5d:fb:b1:4f:71:97:e0:9c:74:77:d2:
                    1b:ca:a3:e2:3c:d5:a1:7e:71:e0:b2:30:21:dc:ea:
                    be:5e:00:3f:53:3c:aa:e9:8d:03:3a:1e:71:75:3a:
                    56:c8:89:5a:1e:cf:03:d4:a4:32:36:69:61:40:4e:
                    26:53:3b:e5:e6:03:4a:cf:02:50:36:d0:e0:da:8a:
                    34:12:01:9d:d9:6c:2f:7c:75:e0:ef:31:ef:4c:f4:
                    8b:34:69:4f:48:be:c2:72:ba:18:96:47:1e:f5:29:
                    a3:23:52:0e:fb:07:e4:f8:70:92:21:57:36:80:41:
                    b8:c6:8e:ef:5d:c7:7c:15:24:7b:b4:78:be:f3:b6:
                    be:96:79:07:91:4e:de:29:55:3f:c5:43:1b:05:19:
                    e9:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:F0:CB:E6:90:9C:17:C2:F6:CB:D2:73:00:CE:F5:30:CC:AA:B3:CE
            X509v3 Authority Key Identifier:
                keyid:C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:ac:4c:6c:a4:f2:d4:eb:1c:d4:cb:3b:02:49:ca:4a:47:42:
         07:38:70:a8:a2:3e:12:a2:b7:ea:96:c6:f5:f7:d9:90:c2:ec:
         02:08:bb:95:01:89:b6:f8:76:25:d1:a3:43:86:91:2c:12:92:
         7d:9d:7d:47:e8:5f:bb:75:92:26:20:11:ca:a0:2a:c2:59:a0:
         57:16:4e:c2:d8:84:ae:9a:88:ab:a3:52:56:3e:84:77:b9:42:
         ca:4e:17:61:06:10:2a:09:a5:89:8c:02:19:71:0a:c5:3c:74:
         57:3c:f7:3e:0f:7f:10:55:70:ea:33:f5:a7:c7:f1:b3:93:72:
         f9:49:58:69:0c:22:9e:b8:3d:36:16:95:e3:33:eb:0c:b3:51:
         b7:4a:e3:cb:34:db:6c:f9:7e:9b:db:a1:76:6d:7f:88:54:9a:
         68:0f:3c:7d:34:ec:f3:a2:6b:3a:ac:62:b6:ac:1f:31:4e:2e:
         47:c5:1d:44:d0:25:3c:3c:59:38:ff:85:95:34:f4:f4:ee:ea:
         a3:77:5b:0b:73:34:76:ec:bd:8c:89:18:f6:bc:d9:94:3e:18:
         06:e5:dc:90:2d:5d:42:86:f3:93:14:60:06:d9:91:a6:dd:06:
         dd:c9:b9:52:e9:7b:0a:44:8a:e2:49:17:8d:6b:e0:58:76:d4:
         d4:96:6a:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYUXdYkpZ6twRpcuYaCEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDFmYzk5NWE1MjFhZjFmNTAyZDllYWYxMmQ2NjIxYTY0
Y2FmNGQwHhcNMjUwODIzMTAwMjM1WhcNMjUwODI0MTAwMjM1WjAzMTEwLwYDVQQD
EyhiYWYwY2JlNjkwOWMxN2MyZjZjYmQyNzMwMGNlZjUzMGNjYWFiM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3DqAsFkqM6Q5SeW26NCEqQyJJuw
PLOW8NEVYjAUdQ0S68YzzALNDTFvpxm5zwzvwUablQc88B9yN8vYOUmmzqNytla5
ksJJhc039zC4XqDM2pdD4Trx8zAqe1dMat2S2nLPYp4mERHAv3/vXfuxT3GX4Jx0
d9IbyqPiPNWhfnHgsjAh3Oq+XgA/Uzyq6Y0DOh5xdTpWyIlaHs8D1KQyNmlhQE4m
Uzvl5gNKzwJQNtDg2oo0EgGd2WwvfHXg7zHvTPSLNGlPSL7CcroYlkce9SmjI1IO
+wfk+HCSIVc2gEG4xo7vXcd8FSR7tHi+87a+lnkHkU7eKVU/xUMbBRnp2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrwy+aQnBfC9svScwDO9TDMqrPOMB8GA1UdIwQY
MBaAFMgB/JlaUhrx9QLZ6vEtZiGmTK9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgt
NzJjMGQ1MDkzMzRkLzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgtNzJjMGQ1MDkzMzRk
LzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAaxMbKTy
1Osc1Ms7AknKSkdCBzhwqKI+EqK36pbG9ffZkMLsAgi7lQGJtvh2JdGjQ4aRLBKS
fZ19R+hfu3WSJiARyqAqwlmgVxZOwtiErpqIq6NSVj6Ed7lCyk4XYQYQKgmliYwC
GXEKxTx0Vzz3Pg9/EFVw6jP1p8fxs5Ny+UlYaQwinrg9NhaV4zPrDLNRt0rjyzTb
bPl+m9uhdm1/iFSaaA88fTTs86JrOqxitqwfMU4uR8UdRNAlPDxZOP+FlTT09O7q
o3dbC3M0duy9jIkY9rzZlD4YBuXckC1dQobzkxRgBtmRpt0G3cm5Uul7CkSK4kkX
jWvgWHbU1JZqqw==
-----END CERTIFICATE-----