Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
File:                     pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft (raw, json)
Hash identifier:          vRo39mbtm8tH/jEOujzk8Mmc+hwJ2qZM28cYozlos5g=
Subject key identifier:   87:DF:85:8C:37:4F:A0:64:5B:F2:F3:3C:8C:48:E4:08:D9:9A:EB:57
Authority key identifier: A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2
Certificate issuer:       /CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
Certificate serial:       0198D7A8B68F3D438D7E10B06B07880488E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
Manifest number:          0AA9
Signing time:             Sat 23 Aug 2025 16:00:14 +0000
Manifest this update:     Sat 23 Aug 2025 16:00:14 +0000
Manifest next update:     Sun 24 Aug 2025 16:00:14 +0000
Files and hashes:         1: pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl (hash: PycEfQLgeBH1Ei7omJwazjifzSXC1x91Ru462Ea84K4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a8:b6:8f:3d:43:8d:7e:10:b0:6b:07:88:04:88:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
        Validity
            Not Before: Aug 23 16:00:14 2025 GMT
            Not After : Aug 24 16:00:14 2025 GMT
        Subject: CN=87df858c374fa0645bf2f33c8c48e408d99aeb57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:23:e5:03:59:af:15:b9:8e:d8:49:53:17:46:
                    ed:45:e4:21:0c:0b:60:5a:38:2a:5f:a6:04:26:7d:
                    17:1d:0e:dc:96:70:d9:e7:58:27:14:11:61:3e:43:
                    c7:d3:c6:9d:23:fa:eb:6e:58:c6:88:8d:8b:04:76:
                    36:c0:21:e0:56:b3:05:70:f7:fd:11:3b:dd:92:a1:
                    03:4c:2a:08:bf:56:47:28:17:57:86:d1:c3:a5:d7:
                    87:79:3d:7b:19:df:91:98:b2:2a:f3:b8:d9:04:ca:
                    19:74:55:6d:e9:28:d1:3c:de:08:b9:b1:9c:15:89:
                    b5:e9:34:0c:55:dc:6f:eb:25:b3:74:07:3a:b7:63:
                    98:5e:ae:5b:b0:b6:56:85:1d:69:b6:06:d0:86:8a:
                    3a:16:22:24:0d:75:6f:10:5d:46:3d:e6:63:40:a9:
                    59:47:19:6f:10:8e:7e:e2:04:8b:a2:24:0d:1e:97:
                    be:77:c8:20:41:46:0e:b7:a6:7f:08:f6:0b:e8:d8:
                    8c:7d:e8:7a:71:59:b0:5d:03:9a:c4:7d:c1:a0:94:
                    fe:8e:b3:5d:00:cb:f9:49:08:02:3d:e7:7d:62:67:
                    cf:60:89:56:8a:c8:96:e1:52:09:6d:44:ee:50:d1:
                    09:b2:f9:0d:58:c7:14:b4:dd:9a:ea:e4:04:51:3a:
                    30:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:DF:85:8C:37:4F:A0:64:5B:F2:F3:3C:8C:48:E4:08:D9:9A:EB:57
            X509v3 Authority Key Identifier:
                keyid:A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:f9:38:8f:b5:71:fc:16:74:86:a6:9e:39:bf:74:0e:fa:51:
         85:ea:f4:07:aa:03:e3:89:8d:d4:4d:e3:be:9a:7b:5b:86:ad:
         11:d4:56:6e:54:97:df:6f:4d:6e:5f:04:a2:6e:c4:68:53:b0:
         22:d3:fa:ea:82:31:78:9e:13:bb:43:12:ce:f6:81:7b:8f:8f:
         1d:a2:b4:57:a2:57:2a:5c:47:80:76:32:2b:91:c8:20:21:a5:
         3f:a3:2d:fe:0a:61:e2:95:95:4f:88:55:52:3c:73:df:fa:27:
         57:44:a3:4c:a0:d8:fb:d5:1b:94:f7:08:cd:20:39:fe:81:11:
         7d:35:77:aa:45:51:66:54:63:62:9c:50:2e:e0:3b:37:2a:a5:
         5c:b3:c9:8b:bb:8d:74:c0:a9:dd:64:f3:81:30:c9:94:a7:08:
         f5:b5:28:1f:38:c4:d8:75:78:b6:c9:7d:dc:0c:82:73:d4:f1:
         9e:b8:39:d8:15:01:9c:c9:c1:f2:5a:e4:25:80:1c:2a:f9:ae:
         eb:e4:8c:a6:c1:a3:0d:cc:69:2b:d7:4e:10:01:ce:38:f9:2d:
         87:33:ff:19:ac:f9:3f:c5:cb:f1:8f:78:77:6d:04:da:3e:62:
         f5:8e:a5:b2:a2:7b:17:87:15:f8:a4:7b:ef:40:40:25:37:af:
         8d:d0:12:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqLaPPUONfhCwaweIBIjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGQ0OTgzYzljNjNiZDhhMTU4MDAzYzU4NWY0M2Q5OTRj
MTJkYzIwHhcNMjUwODIzMTYwMDE0WhcNMjUwODI0MTYwMDE0WjAzMTEwLwYDVQQD
Eyg4N2RmODU4YzM3NGZhMDY0NWJmMmYzM2M4YzQ4ZTQwOGQ5OWFlYjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviPlA1mvFbmO2ElTF0btReQhDAtg
WjgqX6YEJn0XHQ7clnDZ51gnFBFhPkPH08adI/rrbljGiI2LBHY2wCHgVrMFcPf9
ETvdkqEDTCoIv1ZHKBdXhtHDpdeHeT17Gd+RmLIq87jZBMoZdFVt6SjRPN4IubGc
FYm16TQMVdxv6yWzdAc6t2OYXq5bsLZWhR1ptgbQhoo6FiIkDXVvEF1GPeZjQKlZ
RxlvEI5+4gSLoiQNHpe+d8ggQUYOt6Z/CPYL6NiMfeh6cVmwXQOaxH3BoJT+jrNd
AMv5SQgCPed9YmfPYIlWisiW4VIJbUTuUNEJsvkNWMcUtN2a6uQEUTowCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIffhYw3T6BkW/LzPIxI5AjZmutXMB8GA1UdIwQY
MBaAFKWNSYPJxjvYoVgAPFhfQ9mUwS3CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYt
Y2UzMGQ0YTM5OGUwLzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYtY2UzMGQ0YTM5OGUw
LzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO/k4j7Vx
/BZ0hqaeOb90DvpRher0B6oD44mN1E3jvpp7W4atEdRWblSX329Nbl8Eom7EaFOw
ItP66oIxeJ4Tu0MSzvaBe4+PHaK0V6JXKlxHgHYyK5HIICGlP6Mt/gph4pWVT4hV
Ujxz3/onV0SjTKDY+9UblPcIzSA5/oERfTV3qkVRZlRjYpxQLuA7NyqlXLPJi7uN
dMCp3WTzgTDJlKcI9bUoHzjE2HV4tsl93AyCc9Txnrg52BUBnMnB8lrkJYAcKvmu
6+SMpsGjDcxpK9dOEAHOOPkthzP/Gaz5P8XL8Y94d20E2j5i9Y6lsqJ7F4cV+KR7
70BAJTevjdASzw==
-----END CERTIFICATE-----