Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
File:                     yuDyZX221YxEden7gXNW4u3SzA8.mft (raw, json)
Hash identifier:          oAmJFHEfUsvvjVq2cWXw0KXQtAd0SSW0/gUHAEPKodQ=
Subject key identifier:   DD:07:C9:91:0A:F1:56:04:73:E0:DF:34:0F:E5:16:A0:B3:E7:B9:98
Authority key identifier: CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F
Certificate issuer:       /CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
Certificate serial:       0198D6CD46FDF219AA8E7DF422F62356411A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
Manifest number:          1226
Signing time:             Sat 23 Aug 2025 12:00:33 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:33 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:33 +0000
Files and hashes:         1: yuDyZX221YxEden7gXNW4u3SzA8.crl (hash: F0ZVc0s9a5mLFNnR+O9fgYEe3cnfHrzsjPGue9TQoQ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:46:fd:f2:19:aa:8e:7d:f4:22:f6:23:56:41:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
        Validity
            Not Before: Aug 23 12:00:33 2025 GMT
            Not After : Aug 24 12:00:33 2025 GMT
        Subject: CN=dd07c9910af1560473e0df340fe516a0b3e7b998
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f5:70:a9:c3:d0:20:60:bb:eb:c1:11:fd:66:
                    b5:d9:ad:23:e4:49:5b:e3:09:d7:4b:cd:58:7e:d8:
                    65:a1:91:cc:1b:54:db:2f:f8:f3:c4:ed:e7:0a:14:
                    d6:da:3f:91:bc:a8:da:46:44:43:2d:f1:d9:4d:40:
                    49:93:52:d7:39:78:85:3b:e7:fe:14:70:3c:10:0a:
                    93:36:32:33:53:b5:9f:48:81:33:f5:f0:c2:37:ca:
                    0b:1f:19:4c:44:eb:6a:d9:51:41:98:be:d4:81:ca:
                    11:b6:93:7f:51:cc:24:b6:68:88:f3:5a:61:46:cd:
                    a6:b9:40:4a:71:31:38:f4:99:63:6b:bc:c9:a4:6e:
                    fc:7f:61:55:a0:4b:4a:53:45:1d:1e:78:7c:f6:58:
                    06:f3:5c:dd:86:91:27:1f:75:f2:a2:06:14:56:39:
                    1a:eb:89:10:1d:37:c1:6a:17:9b:d1:5d:a6:fd:cc:
                    2a:48:43:f0:28:4e:df:d4:85:c5:db:93:07:ab:10:
                    9b:f4:9a:d1:47:26:6f:d0:fc:a3:93:36:e3:fc:a9:
                    83:93:87:c0:8f:09:f3:94:dd:ec:db:8f:6c:c0:dc:
                    84:83:3d:37:d6:e8:9f:21:9c:85:fa:4b:3f:65:13:
                    0a:52:65:c6:fe:60:c2:94:d8:0a:63:93:8c:33:6a:
                    52:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:07:C9:91:0A:F1:56:04:73:E0:DF:34:0F:E5:16:A0:B3:E7:B9:98
            X509v3 Authority Key Identifier:
                keyid:CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:1f:31:fa:da:0a:9f:c7:84:c8:7e:cb:fc:73:2b:a4:71:7f:
         dc:a7:58:bb:2d:50:89:32:c0:bf:1b:00:34:bc:42:82:43:cc:
         a4:9e:54:1f:5f:46:5e:57:1d:a2:a0:62:c1:a8:c1:cf:f6:c1:
         46:a8:51:f0:34:19:5d:09:48:f0:39:cf:20:a5:b8:48:f2:4d:
         e3:06:d3:ef:65:e0:92:6f:cf:43:e2:e0:63:93:e7:2a:e6:9a:
         dd:1a:89:22:56:f3:92:33:2a:9d:78:ac:61:4a:4e:a1:64:f2:
         5b:34:e4:38:bb:8a:f1:75:40:1d:24:4c:7e:5d:e7:95:34:03:
         3e:04:31:52:7f:1c:0c:86:28:f3:f1:6d:d3:72:08:fc:4b:4f:
         f1:70:d9:84:98:cb:f7:2b:dc:bf:82:04:59:32:ac:db:9f:3c:
         a8:29:98:6f:6b:30:78:87:be:d6:7a:c0:a8:91:89:1b:5e:b0:
         90:22:01:57:e8:e3:82:97:2a:c9:96:b5:34:38:3e:e4:ef:36:
         ae:4c:0a:b4:34:a0:8e:78:de:e5:d1:ea:b2:63:31:52:f8:12:
         22:af:be:44:88:9b:c6:8b:e2:95:5a:93:ad:2a:25:63:3f:15:
         b8:2c:4f:a0:4b:89:30:a7:05:bf:20:5f:08:c2:6b:89:e8:1d:
         bc:1b:db:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzUb98hmqjn30IvYjVkEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZTBmMjY1N2RiNmQ1OGM0NDc1ZTlmYjgxNzM1NmUyZWRk
MmNjMGYwHhcNMjUwODIzMTIwMDMzWhcNMjUwODI0MTIwMDMzWjAzMTEwLwYDVQQD
EyhkZDA3Yzk5MTBhZjE1NjA0NzNlMGRmMzQwZmU1MTZhMGIzZTdiOTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfVwqcPQIGC768ER/Wa12a0j5Elb
4wnXS81YfthloZHMG1TbL/jzxO3nChTW2j+RvKjaRkRDLfHZTUBJk1LXOXiFO+f+
FHA8EAqTNjIzU7WfSIEz9fDCN8oLHxlMROtq2VFBmL7UgcoRtpN/UcwktmiI81ph
Rs2muUBKcTE49Jlja7zJpG78f2FVoEtKU0UdHnh89lgG81zdhpEnH3XyogYUVjka
64kQHTfBaheb0V2m/cwqSEPwKE7f1IXF25MHqxCb9JrRRyZv0Pyjkzbj/KmDk4fA
jwnzlN3s249swNyEgz031uifIZyF+ks/ZRMKUmXG/mDClNgKY5OMM2pSCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN0HyZEK8VYEc+DfNA/lFqCz57mYMB8GA1UdIwQY
MBaAFMrg8mV9ttWMRHXp+4FzVuLt0swPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUt
YTE5YTNiZWIxNWIyLzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUtYTE5YTNiZWIxNWIy
LzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIB8x+toK
n8eEyH7L/HMrpHF/3KdYuy1QiTLAvxsANLxCgkPMpJ5UH19GXlcdoqBiwajBz/bB
RqhR8DQZXQlI8DnPIKW4SPJN4wbT72Xgkm/PQ+LgY5PnKuaa3RqJIlbzkjMqnXis
YUpOoWTyWzTkOLuK8XVAHSRMfl3nlTQDPgQxUn8cDIYo8/Ft03II/EtP8XDZhJjL
9yvcv4IEWTKs2588qCmYb2sweIe+1nrAqJGJG16wkCIBV+jjgpcqyZa1NDg+5O82
rkwKtDSgjnje5dHqsmMxUvgSIq++RIibxovilVqTrSolYz8VuCxPoEuJMKcFvyBf
CMJriegdvBvb3Q==
-----END CERTIFICATE-----