Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft
File:                     yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft (raw, json)
Hash identifier:          GRsjh96Rs/MBx712MKqgb6lNR6RLj/EdtVyBNUiRAng=
Subject key identifier:   CA:37:F1:F6:99:55:D8:CF:2C:D2:AA:5C:9C:9E:90:5E:E6:14:B2:BF
Authority key identifier: C9:59:98:98:9F:DB:5A:5F:93:21:47:AD:71:62:C6:30:04:E0:67:A4
Certificate issuer:       /CN=c95998989fdb5a5f932147ad7162c63004e067a4
Certificate serial:       0197B74576FE357A81B19E12DC0D57CDBDB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft
Manifest number:          0A98
Signing time:             Sat 28 Jun 2025 16:01:12 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:12 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:12 +0000
Files and hashes:         1: yVmYmJ_bWl-TIUetcWLGMATgZ6Q.crl (hash: aXl2wJOetFpnDUsE3jineIFoF2zQeoTb4SL/+FwLei0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:76:fe:35:7a:81:b1:9e:12:dc:0d:57:cd:bd:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c95998989fdb5a5f932147ad7162c63004e067a4
        Validity
            Not Before: Jun 28 16:01:12 2025 GMT
            Not After : Jun 29 16:01:12 2025 GMT
        Subject: CN=ca37f1f69955d8cf2cd2aa5c9c9e905ee614b2bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f5:f3:7c:c2:11:cf:b0:e5:69:d7:94:90:c2:
                    a4:05:e7:81:0a:3f:d9:99:19:01:9e:07:f6:ab:cb:
                    2d:4c:22:1c:ab:be:a7:c5:0f:a4:4e:40:4e:23:13:
                    b6:2e:52:a7:a4:77:3e:c2:78:bb:e0:1a:ec:2d:23:
                    25:02:d8:c6:ea:d7:9e:1f:d7:b9:7c:31:ba:13:00:
                    15:19:16:04:59:85:4b:d5:9f:d3:ab:89:30:e1:76:
                    8b:ec:b7:a4:bb:c5:a4:d4:db:c9:57:af:2e:17:2a:
                    af:ff:93:b4:b7:40:77:89:6d:56:2d:c7:9c:49:e4:
                    f2:53:bb:73:aa:6d:2a:fe:d1:d6:a6:9f:18:da:d5:
                    46:67:fd:3e:3e:29:9e:fd:42:dc:18:2c:d0:4e:c4:
                    c7:39:0f:9c:35:82:93:09:cd:89:ed:2e:4e:69:86:
                    98:c9:23:d4:d3:75:f3:15:da:c7:07:51:fb:64:49:
                    8c:b4:b4:b0:63:5b:41:5a:58:8f:60:97:55:4e:67:
                    52:27:ef:5e:cf:47:c0:bb:53:48:01:29:ac:f4:9f:
                    ca:f5:ff:d1:cd:37:e3:b2:83:c1:9d:98:5d:a2:51:
                    61:03:df:3c:23:f9:d0:c1:f2:84:91:f6:be:43:38:
                    04:51:d4:cb:f3:81:fe:94:78:2a:69:4a:4b:a6:7c:
                    e9:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:37:F1:F6:99:55:D8:CF:2C:D2:AA:5C:9C:9E:90:5E:E6:14:B2:BF
            X509v3 Authority Key Identifier:
                keyid:C9:59:98:98:9F:DB:5A:5F:93:21:47:AD:71:62:C6:30:04:E0:67:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:e7:e3:0f:06:4a:17:7f:48:29:63:13:87:38:24:30:e3:92:
         fb:15:38:72:2b:e2:d4:11:fd:0b:09:6b:8f:8a:60:1a:84:16:
         59:83:90:f7:26:d6:12:bd:81:df:e8:6d:89:91:8e:cb:9b:14:
         bb:28:e6:bc:0e:96:93:4e:59:95:52:87:01:62:1d:70:c1:35:
         71:55:09:31:ce:4f:93:fb:3a:b3:10:76:03:c8:d7:13:b1:37:
         a9:9c:a6:bf:99:c8:1e:73:59:83:3f:68:d0:4b:3f:6e:9e:26:
         84:85:bc:65:7e:6f:9e:86:dd:ff:ac:a2:1c:d1:3d:41:0a:75:
         04:01:a2:24:d0:4e:45:fe:3b:66:13:f8:d8:d9:cb:2a:f2:dc:
         4c:49:ca:f7:9a:39:8a:40:72:7a:45:9a:e7:29:c1:b7:41:d5:
         0e:07:50:6d:13:71:5c:c2:18:8f:3c:4e:84:02:f9:9e:8d:d6:
         51:77:19:90:4f:cc:7a:b1:12:38:09:d3:88:3b:e0:4f:43:4c:
         5b:52:78:a6:69:21:04:2c:64:a4:31:03:b8:13:99:3e:9f:80:
         0e:59:f1:fb:2c:ba:45:b8:62:2c:9f:6b:f3:51:25:38:8c:47:
         02:be:6c:4c:6e:14:4d:6c:9b:04:2f:e9:dc:b0:71:58:1d:e7:
         1a:ef:8b:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RXb+NXqBsZ4S3A1Xzb2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NTk5ODk4OWZkYjVhNWY5MzIxNDdhZDcxNjJjNjMwMDRl
MDY3YTQwHhcNMjUwNjI4MTYwMTEyWhcNMjUwNjI5MTYwMTEyWjAzMTEwLwYDVQQD
EyhjYTM3ZjFmNjk5NTVkOGNmMmNkMmFhNWM5YzllOTA1ZWU2MTRiMmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvXzfMIRz7DladeUkMKkBeeBCj/Z
mRkBngf2q8stTCIcq76nxQ+kTkBOIxO2LlKnpHc+wni74BrsLSMlAtjG6teeH9e5
fDG6EwAVGRYEWYVL1Z/Tq4kw4XaL7Leku8Wk1NvJV68uFyqv/5O0t0B3iW1WLcec
SeTyU7tzqm0q/tHWpp8Y2tVGZ/0+Pime/ULcGCzQTsTHOQ+cNYKTCc2J7S5OaYaY
ySPU03XzFdrHB1H7ZEmMtLSwY1tBWliPYJdVTmdSJ+9ez0fAu1NIASms9J/K9f/R
zTfjsoPBnZhdolFhA988I/nQwfKEkfa+QzgEUdTL84H+lHgqaUpLpnzpbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMo38faZVdjPLNKqXJyekF7mFLK/MB8GA1UdIwQY
MBaAFMlZmJif21pfkyFHrXFixjAE4GekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVZtWW1KX2JXbC1USVVldGNXTEdNQVRnWjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS83OGMzN2YtMmY2OS00ZmVjLWExOTgt
Y2NmNTI4ZWI0ZGRhLzEveVZtWW1KX2JXbC1USVVldGNXTEdNQVRnWjZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS83OGMzN2YtMmY2OS00ZmVjLWExOTgtY2NmNTI4ZWI0ZGRh
LzEveVZtWW1KX2JXbC1USVVldGNXTEdNQVRnWjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZufjDwZK
F39IKWMThzgkMOOS+xU4civi1BH9Cwlrj4pgGoQWWYOQ9ybWEr2B3+htiZGOy5sU
uyjmvA6Wk05ZlVKHAWIdcME1cVUJMc5Pk/s6sxB2A8jXE7E3qZymv5nIHnNZgz9o
0Es/bp4mhIW8ZX5vnobd/6yiHNE9QQp1BAGiJNBORf47ZhP42NnLKvLcTEnK95o5
ikByekWa5ynBt0HVDgdQbRNxXMIYjzxOhAL5no3WUXcZkE/MerESOAnTiDvgT0NM
W1J4pmkhBCxkpDEDuBOZPp+ADlnx+yy6RbhiLJ9r81ElOIxHAr5sTG4UTWybBC/p
3LBxWB3nGu+L1A==
-----END CERTIFICATE-----