Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
File:                     yyDpqru2GRVGEQI1z3bEg4S0UdA.mft (raw, json)
Hash identifier:          Xed2IeJI6qa61xtulO/y4wpHMYzL5qOipsekRJAgw7w=
Subject key identifier:   1D:C6:65:6F:92:15:BA:E9:A4:85:EB:BC:32:3C:5C:FE:4D:44:AE:F8
Authority key identifier: CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0
Certificate issuer:       /CN=cb20e9aabbb6191546110235cf76c48384b451d0
Certificate serial:       0197BA7E6CD54E0C4CB20D46A5C0D76DCC18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
Manifest number:          0504
Signing time:             Sun 29 Jun 2025 07:02:16 +0000
Manifest this update:     Sun 29 Jun 2025 07:02:16 +0000
Manifest next update:     Mon 30 Jun 2025 07:02:16 +0000
Files and hashes:         1: yyDpqru2GRVGEQI1z3bEg4S0UdA.crl (hash: 1xmQL4XxPBTBGerM9QDpQctgunAyXLMgOhk54Y/aSVs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7e:6c:d5:4e:0c:4c:b2:0d:46:a5:c0:d7:6d:cc:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb20e9aabbb6191546110235cf76c48384b451d0
        Validity
            Not Before: Jun 29 07:02:16 2025 GMT
            Not After : Jun 30 07:02:16 2025 GMT
        Subject: CN=1dc6656f9215bae9a485ebbc323c5cfe4d44aef8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:74:3b:90:a5:30:65:46:43:61:b4:1c:db:68:
                    b7:91:47:69:47:13:43:52:45:fe:4d:01:50:be:29:
                    64:b1:0d:4a:03:11:2e:5d:f9:a2:e0:51:3f:3c:34:
                    b5:70:ee:56:78:54:fe:61:cd:6b:bb:3b:d1:94:f5:
                    a2:df:95:5e:8b:3d:60:98:61:33:dd:28:f6:a7:a6:
                    85:08:21:7a:1d:ff:23:f7:87:97:17:52:58:62:e3:
                    6e:fe:cd:68:11:93:80:2c:34:f7:e9:b0:cf:2e:d9:
                    bf:b6:84:d5:fb:e2:51:c2:6e:6f:ac:70:43:9b:a1:
                    2b:fd:46:68:10:43:8d:a3:e5:1a:67:9f:41:cf:e8:
                    77:c9:a7:c7:01:a4:6d:b4:80:fc:b8:4d:21:65:c7:
                    b7:2a:8c:7c:ef:8f:62:c9:a2:be:36:ea:43:94:fc:
                    5c:97:93:8f:a3:87:3f:53:51:b2:7b:f4:34:ee:2b:
                    78:cd:79:b4:44:46:bd:e5:e5:ea:42:64:6f:29:b9:
                    33:72:f4:91:b2:5b:cf:25:4c:d3:dd:81:b3:43:02:
                    eb:34:2e:7b:58:3b:03:ea:8e:a7:00:ac:24:13:53:
                    c9:7b:58:52:f0:bb:47:27:d5:71:98:88:43:c5:ab:
                    e4:c8:ee:d9:2c:b8:60:72:01:9d:fe:40:7e:fa:3e:
                    bc:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:C6:65:6F:92:15:BA:E9:A4:85:EB:BC:32:3C:5C:FE:4D:44:AE:F8
            X509v3 Authority Key Identifier:
                keyid:CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:da:4f:c1:cc:a5:d8:f1:b4:2f:c5:af:9e:cd:38:7a:e9:33:
         5c:e9:c0:73:ac:cb:9a:20:58:95:17:61:61:08:13:40:49:9a:
         dd:3f:bb:df:bb:b4:f6:22:6e:bf:b8:2b:9d:61:09:fe:d7:81:
         06:10:5a:4f:a1:a4:70:76:29:63:75:d8:a3:19:df:56:6c:1e:
         49:36:05:d5:0d:ad:69:3f:ea:37:ef:29:0e:c4:e5:8b:25:e8:
         63:53:6c:f0:ea:22:ec:c3:d3:15:fd:66:b1:43:ab:6d:2b:84:
         e8:cc:d3:87:cb:dc:62:69:e2:19:53:e6:1e:2b:90:b1:39:70:
         58:ad:34:fa:1b:45:94:57:31:42:21:95:52:37:c6:fe:df:2e:
         07:eb:22:b0:c3:6d:b4:08:04:32:d3:ee:57:2b:d4:fb:c1:1b:
         04:26:29:6b:b5:84:2f:0d:cd:0e:03:74:87:f9:e2:87:f6:94:
         eb:2a:91:4a:c5:a3:ae:f5:39:31:c9:bb:ef:6b:b6:21:ef:be:
         0d:89:c2:6c:36:47:cd:5b:5e:b0:77:18:98:77:84:1c:5c:52:
         eb:c4:2c:6a:8a:85:6c:70:7e:e3:66:86:bc:9f:45:4c:0d:2d:
         05:49:a8:af:3c:f9:a0:2d:35:f8:a3:af:57:2f:81:39:ae:23:
         43:e4:1a:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fmzVTgxMsg1GpcDXbcwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjBlOWFhYmJiNjE5MTU0NjExMDIzNWNmNzZjNDgzODRi
NDUxZDAwHhcNMjUwNjI5MDcwMjE2WhcNMjUwNjMwMDcwMjE2WjAzMTEwLwYDVQQD
EygxZGM2NjU2ZjkyMTViYWU5YTQ4NWViYmMzMjNjNWNmZTRkNDRhZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXQ7kKUwZUZDYbQc22i3kUdpRxND
UkX+TQFQvilksQ1KAxEuXfmi4FE/PDS1cO5WeFT+Yc1ruzvRlPWi35Veiz1gmGEz
3Sj2p6aFCCF6Hf8j94eXF1JYYuNu/s1oEZOALDT36bDPLtm/toTV++JRwm5vrHBD
m6Er/UZoEEONo+UaZ59Bz+h3yafHAaRttID8uE0hZce3Kox8749iyaK+NupDlPxc
l5OPo4c/U1Gye/Q07it4zXm0REa95eXqQmRvKbkzcvSRslvPJUzT3YGzQwLrNC57
WDsD6o6nAKwkE1PJe1hS8LtHJ9VxmIhDxavkyO7ZLLhgcgGd/kB++j68DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3GZW+SFbrppIXrvDI8XP5NRK74MB8GA1UdIwQY
MBaAFMsg6aq7thkVRhECNc92xIOEtFHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWIt
MDgwN2Y5NmNhNGEyLzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWItMDgwN2Y5NmNhNGEy
LzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATNpPwcyl
2PG0L8Wvns04eukzXOnAc6zLmiBYlRdhYQgTQEma3T+737u09iJuv7grnWEJ/teB
BhBaT6GkcHYpY3XYoxnfVmweSTYF1Q2taT/qN+8pDsTliyXoY1Ns8Ooi7MPTFf1m
sUOrbSuE6MzTh8vcYmniGVPmHiuQsTlwWK00+htFlFcxQiGVUjfG/t8uB+sisMNt
tAgEMtPuVyvU+8EbBCYpa7WELw3NDgN0h/nih/aU6yqRSsWjrvU5Mcm772u2Ie++
DYnCbDZHzVtesHcYmHeEHFxS68QsaoqFbHB+42aGvJ9FTA0tBUmorzz5oC01+KOv
Vy+BOa4jQ+QahQ==
-----END CERTIFICATE-----