Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
File:                     Y31k1HJWO36HP1t5-RydP__D2_k.mft (raw, json)
Hash identifier:          JMFXrkhvn7xjxdseTZbFFbO8oCpbB2w3UvGa8ea8zT8=
Subject key identifier:   3C:80:F9:23:B1:E0:95:1E:69:F1:C9:44:6E:96:2C:3C:70:9B:B4:0F
Authority key identifier: 63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9
Certificate issuer:       /CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
Certificate serial:       0197B70F5B8E85A8E049EDA031786F0CACE9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
Manifest number:          0E70
Signing time:             Sat 28 Jun 2025 15:02:06 +0000
Manifest this update:     Sat 28 Jun 2025 15:02:06 +0000
Manifest next update:     Sun 29 Jun 2025 15:02:06 +0000
Files and hashes:         1: Y31k1HJWO36HP1t5-RydP__D2_k.crl (hash: NkCu3JGRuZQzaKIbA7krAbNXMndfDFuNvm2ybpA1a8w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:5b:8e:85:a8:e0:49:ed:a0:31:78:6f:0c:ac:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
        Validity
            Not Before: Jun 28 15:02:06 2025 GMT
            Not After : Jun 29 15:02:06 2025 GMT
        Subject: CN=3c80f923b1e0951e69f1c9446e962c3c709bb40f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:b9:ac:65:01:fa:b5:49:65:9e:97:82:db:9c:
                    8c:6a:67:3d:e9:2a:52:c4:90:b0:90:d5:f9:a0:55:
                    0d:54:af:de:98:4e:f5:b0:aa:f0:2a:6f:7c:73:23:
                    7f:50:64:ef:48:03:cf:43:05:d8:9b:00:5d:ef:25:
                    0d:e0:31:c0:e0:5e:6c:67:91:3e:33:62:6f:ad:35:
                    94:74:bd:85:33:64:94:32:55:cd:b8:42:cc:59:82:
                    94:80:fe:1d:8f:bc:17:af:94:a8:6e:41:e6:7e:25:
                    bb:5c:17:fd:bf:9b:f7:18:e1:6d:1c:81:84:d8:df:
                    bd:50:11:4f:44:1d:39:ac:2c:d1:d3:0d:7c:53:86:
                    7f:bf:94:d7:6e:57:48:1d:49:b9:8a:f4:27:9f:61:
                    e7:42:db:54:19:4c:f8:81:75:0e:b0:99:55:0a:1a:
                    42:27:29:db:05:0f:6c:1e:a3:47:e6:20:59:c4:c7:
                    7e:ff:88:e6:91:c6:34:26:35:f4:e8:e3:52:e6:a0:
                    f1:7e:cb:df:e0:27:28:7d:db:dc:45:70:49:c2:ca:
                    d0:f6:fa:c1:f5:2b:4f:6e:79:5e:ac:32:2e:82:9d:
                    a3:a1:36:00:07:ed:e7:5e:24:f4:60:b6:e8:9f:20:
                    ae:f2:33:1f:ba:2c:26:d9:8f:f4:d3:d6:b2:94:9e:
                    40:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:80:F9:23:B1:E0:95:1E:69:F1:C9:44:6E:96:2C:3C:70:9B:B4:0F
            X509v3 Authority Key Identifier:
                keyid:63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:10:06:a5:55:0c:61:23:29:fb:6d:63:ab:ec:c5:3f:ed:85:
         16:99:0e:ca:07:42:b4:76:f9:11:0c:d8:b9:a4:0c:db:d1:2f:
         79:c0:0b:d2:81:54:25:70:49:18:a6:12:c2:26:3a:09:c3:fa:
         12:2c:fc:42:11:ee:53:3c:b6:e8:bc:7c:82:77:ee:3d:04:67:
         c4:f5:94:39:a4:15:46:a6:62:e7:82:c3:e6:66:54:c8:0e:ee:
         7d:02:48:18:e9:55:ea:99:33:4c:a1:28:83:21:4a:c1:0c:c0:
         e0:5b:e8:33:aa:e6:25:9c:5a:d9:3a:39:bd:84:d6:70:82:ac:
         10:1a:b5:39:d4:5e:bf:a3:25:e4:e2:ba:98:4e:81:af:cc:aa:
         a1:9d:1e:46:28:04:68:f6:89:28:67:56:7d:0a:ab:73:2c:e4:
         37:bf:bc:83:4d:35:be:db:93:71:de:85:2d:92:79:b4:97:6c:
         7c:c5:1d:9e:be:14:32:2e:2a:c1:0b:29:99:3a:b4:e0:46:52:
         6f:ad:93:d4:1c:45:0c:73:af:3d:63:05:d3:ba:90:9e:b4:05:
         c6:74:92:0e:e0:cc:77:d8:9c:85:f0:ec:7a:61:34:9a:5f:ba:
         c2:2e:9c:83:e1:22:80:f9:bf:6e:5d:18:24:05:3f:c4:9a:20:
         7b:b3:36:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3D1uOhajgSe2gMXhvDKzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzN2Q2NGQ0NzI1NjNiN2U4NzNmNWI3OWY5MWM5ZDNmZmZj
M2RiZjkwHhcNMjUwNjI4MTUwMjA2WhcNMjUwNjI5MTUwMjA2WjAzMTEwLwYDVQQD
EygzYzgwZjkyM2IxZTA5NTFlNjlmMWM5NDQ2ZTk2MmMzYzcwOWJiNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7msZQH6tUllnpeC25yMamc96SpS
xJCwkNX5oFUNVK/emE71sKrwKm98cyN/UGTvSAPPQwXYmwBd7yUN4DHA4F5sZ5E+
M2JvrTWUdL2FM2SUMlXNuELMWYKUgP4dj7wXr5SobkHmfiW7XBf9v5v3GOFtHIGE
2N+9UBFPRB05rCzR0w18U4Z/v5TXbldIHUm5ivQnn2HnQttUGUz4gXUOsJlVChpC
JynbBQ9sHqNH5iBZxMd+/4jmkcY0JjX06ONS5qDxfsvf4CcofdvcRXBJwsrQ9vrB
9StPbnlerDIugp2joTYAB+3nXiT0YLbonyCu8jMfuiwm2Y/009aylJ5AbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDyA+SOx4JUeafHJRG6WLDxwm7QPMB8GA1UdIwQY
MBaAFGN9ZNRyVjt+hz9befkcnT//w9v5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYt
ODE3YWY4YTc2MjUwLzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYtODE3YWY4YTc2MjUw
LzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXxAGpVUM
YSMp+21jq+zFP+2FFpkOygdCtHb5EQzYuaQM29EvecAL0oFUJXBJGKYSwiY6CcP6
Eiz8QhHuUzy26Lx8gnfuPQRnxPWUOaQVRqZi54LD5mZUyA7ufQJIGOlV6pkzTKEo
gyFKwQzA4FvoM6rmJZxa2To5vYTWcIKsEBq1OdRev6Ml5OK6mE6Br8yqoZ0eRigE
aPaJKGdWfQqrcyzkN7+8g001vtuTcd6FLZJ5tJdsfMUdnr4UMi4qwQspmTq04EZS
b62T1BxFDHOvPWMF07qQnrQFxnSSDuDMd9ichfDsemE0ml+6wi6cg+EigPm/bl0Y
JAU/xJoge7M2iQ==
-----END CERTIFICATE-----