Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
File:                     yQDj7qi7474R-IxoK9E4wmUH99w.mft (raw, json)
Hash identifier:          EQ0LtzBOsf807ukf3TttTiIKfZkWzmev1BehP+ebj7Y=
Subject key identifier:   FA:B4:A4:93:45:8D:76:8A:8E:03:6F:51:CC:95:04:4C:A3:C7:7A:02
Authority key identifier: C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
Certificate issuer:       /CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Certificate serial:       0197B88EB3B02886CEEA863487818A67B189
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
Manifest number:          0C9B
Signing time:             Sat 28 Jun 2025 22:00:49 +0000
Manifest this update:     Sat 28 Jun 2025 22:00:49 +0000
Manifest next update:     Sun 29 Jun 2025 22:00:49 +0000
Files and hashes:         1: yQDj7qi7474R-IxoK9E4wmUH99w.crl (hash: wsPFapDtRtnGxzXYJG1EWc6GdPRTpFE9Eekmi6DtePQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8e:b3:b0:28:86:ce:ea:86:34:87:81:8a:67:b1:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
        Validity
            Not Before: Jun 28 22:00:49 2025 GMT
            Not After : Jun 29 22:00:49 2025 GMT
        Subject: CN=fab4a493458d768a8e036f51cc95044ca3c77a02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:8c:c0:0b:49:52:46:34:26:6a:ca:db:ed:6c:
                    27:c9:69:ae:42:38:ae:a8:c2:d7:a1:73:63:eb:57:
                    5e:52:58:e9:c5:9e:1d:26:70:72:6d:74:53:2d:b1:
                    11:b7:22:d6:11:3b:48:ee:1e:f5:d9:b2:f4:e0:bb:
                    6a:86:f6:4b:32:ae:1f:9f:7e:3b:a8:32:a5:aa:71:
                    53:d7:28:97:d7:a4:87:44:ca:df:7a:9b:38:b6:a5:
                    ed:f7:be:b6:46:60:da:86:35:cd:89:fe:a7:76:66:
                    78:98:8f:dc:b0:71:94:21:cc:f1:84:7f:ae:d6:3b:
                    04:a1:2f:fa:08:03:2a:c2:a8:06:c4:57:a9:c5:06:
                    ff:9c:d9:e7:39:83:61:46:94:50:7a:b0:36:4d:6c:
                    31:58:fc:88:26:91:d6:73:ff:bf:72:29:34:0e:10:
                    9b:e8:87:f1:6c:7c:a2:68:45:3a:1d:b7:18:e6:4b:
                    00:c2:e4:c0:37:73:ff:c1:46:10:8d:78:f1:ea:c1:
                    03:d5:20:71:62:95:94:a7:f6:04:17:c3:6a:6f:45:
                    b8:3a:4d:99:46:de:4f:7c:6d:84:75:bd:01:35:0e:
                    82:1a:59:48:4a:4c:b4:b5:3b:1a:03:6e:c0:9a:25:
                    c7:29:56:90:42:98:fd:73:88:9b:fd:56:13:68:ec:
                    25:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:B4:A4:93:45:8D:76:8A:8E:03:6F:51:CC:95:04:4C:A3:C7:7A:02
            X509v3 Authority Key Identifier:
                keyid:C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:74:3c:7b:7d:46:c8:be:7e:25:27:56:97:50:62:56:35:5e:
         67:d6:2f:47:b0:f2:a0:d7:d7:08:86:63:1d:d8:96:14:07:0a:
         a6:39:ea:1b:0d:d1:cb:ae:c2:cb:88:71:7b:cb:8b:9d:5d:25:
         88:68:af:e3:27:5a:ce:1c:a9:c6:8e:8a:9d:f3:46:66:32:83:
         77:e1:7b:93:10:3d:4b:35:2e:90:05:88:f5:a9:27:ea:7c:97:
         e4:a4:82:48:c0:3f:18:26:fb:0c:f2:13:46:eb:ef:ca:4d:cc:
         66:53:bb:13:1f:0c:7f:cd:b6:85:b9:73:56:2e:61:41:c9:cf:
         b4:0f:70:57:95:d5:55:ab:1c:cf:a2:84:0b:be:35:0c:89:11:
         e6:93:a9:94:6c:b7:03:b0:9c:f0:d8:ca:f2:cf:1e:fd:65:ad:
         34:ca:10:eb:d8:f0:cf:6c:e6:fa:d0:88:94:b5:d4:38:78:25:
         78:6e:90:63:aa:77:07:1b:5c:f1:5b:00:ae:0c:26:07:e6:54:
         e9:aa:75:b4:86:dc:d8:17:07:91:7d:83:ab:fb:48:f1:e4:26:
         b1:0d:92:aa:49:59:cd:34:f1:98:9f:44:cd:a7:81:99:34:07:
         c5:4d:cf:61:3f:db:bd:fd:f3:1e:6b:33:90:66:59:c7:f3:a0:
         26:9b:bf:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jrOwKIbO6oY0h4GKZ7GJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MDBlM2VlYThiYmUzYmUxMWY4OGM2ODJiZDEzOGMyNjUw
N2Y3ZGMwHhcNMjUwNjI4MjIwMDQ5WhcNMjUwNjI5MjIwMDQ5WjAzMTEwLwYDVQQD
EyhmYWI0YTQ5MzQ1OGQ3NjhhOGUwMzZmNTFjYzk1MDQ0Y2EzYzc3YTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IzAC0lSRjQmasrb7WwnyWmuQjiu
qMLXoXNj61deUljpxZ4dJnBybXRTLbERtyLWETtI7h712bL04LtqhvZLMq4fn347
qDKlqnFT1yiX16SHRMrfeps4tqXt9762RmDahjXNif6ndmZ4mI/csHGUIczxhH+u
1jsEoS/6CAMqwqgGxFepxQb/nNnnOYNhRpRQerA2TWwxWPyIJpHWc/+/cik0DhCb
6IfxbHyiaEU6HbcY5ksAwuTAN3P/wUYQjXjx6sED1SBxYpWUp/YEF8Nqb0W4Ok2Z
Rt5PfG2Edb0BNQ6CGllISky0tTsaA27AmiXHKVaQQpj9c4ib/VYTaOwlzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPq0pJNFjXaKjgNvUcyVBEyjx3oCMB8GA1UdIwQY
MBaAFMkA4+6ou+O+EfiMaCvROMJlB/fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMt
NDE2MjA0YTAyNzM3LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMtNDE2MjA0YTAyNzM3
LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM3Q8e31G
yL5+JSdWl1BiVjVeZ9YvR7DyoNfXCIZjHdiWFAcKpjnqGw3Ry67Cy4hxe8uLnV0l
iGiv4ydazhypxo6KnfNGZjKDd+F7kxA9SzUukAWI9akn6nyX5KSCSMA/GCb7DPIT
Ruvvyk3MZlO7Ex8Mf822hblzVi5hQcnPtA9wV5XVVascz6KEC741DIkR5pOplGy3
A7Cc8NjK8s8e/WWtNMoQ69jwz2zm+tCIlLXUOHgleG6QY6p3Bxtc8VsArgwmB+ZU
6ap1tIbc2BcHkX2Dq/tI8eQmsQ2SqklZzTTxmJ9EzaeBmTQHxU3PYT/bvf3zHmsz
kGZZx/OgJpu/Dg==
-----END CERTIFICATE-----