Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
File:                     Yonrndlo7aSnlWTC4GpoOEIpegQ.mft (raw, json)
Hash identifier:          f2Ehaq3LIKK1rpkr/yW9uP3Du0KaZKbG+cOzOdg8Jl8=
Subject key identifier:   7E:CE:C4:52:7D:CE:91:52:01:D8:62:11:50:E5:63:70:80:3B:07:83
Authority key identifier: 62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04
Certificate issuer:       /CN=6289eb9dd968eda4a79564c2e06a683842297a04
Certificate serial:       0197B6D792FE59355AB892C50F5128310F0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
Manifest number:          02D4
Signing time:             Sat 28 Jun 2025 14:01:10 +0000
Manifest this update:     Sat 28 Jun 2025 14:01:10 +0000
Manifest next update:     Sun 29 Jun 2025 14:01:10 +0000
Files and hashes:         1: Yonrndlo7aSnlWTC4GpoOEIpegQ.crl (hash: ObDg2IYJ6w3R3Xygmy9bfbETP6+6483gzSEvMyoUQ00=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 14:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:92:fe:59:35:5a:b8:92:c5:0f:51:28:31:0f:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6289eb9dd968eda4a79564c2e06a683842297a04
        Validity
            Not Before: Jun 28 14:01:10 2025 GMT
            Not After : Jun 29 14:01:10 2025 GMT
        Subject: CN=7ecec4527dce915201d8621150e56370803b0783
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:72:9d:fc:fb:ac:85:9d:a7:43:2c:38:fa:48:
                    7c:3f:fb:d1:1e:12:d9:d6:ba:af:8c:90:44:75:9f:
                    fa:b0:71:76:e8:81:44:58:f3:0e:b6:1c:10:6f:ff:
                    91:29:43:79:9e:20:0b:0d:96:ce:00:eb:d7:d3:2a:
                    9d:ad:33:05:dc:af:ae:4a:0d:be:e9:71:a0:4b:24:
                    82:1d:6c:d9:86:2d:78:65:b4:d9:3b:a4:c5:c4:ed:
                    ae:23:a8:ad:39:90:78:97:cd:ca:ff:1b:6f:f1:76:
                    9c:44:a0:f6:6a:71:c0:9f:73:4b:fa:60:d5:12:a1:
                    b5:d0:23:21:14:b3:80:79:1f:ac:79:d8:58:50:a1:
                    7a:9b:f0:2b:51:cb:df:d3:1a:04:8b:c4:31:ab:c8:
                    92:78:56:e5:23:ea:ef:cb:d4:32:e5:5c:44:95:33:
                    02:eb:94:07:eb:b4:1b:bf:63:d1:84:20:9f:2d:00:
                    39:30:78:12:04:c2:d2:2f:c1:30:6d:1e:31:b8:f2:
                    61:65:7b:c4:8f:fb:66:5e:3c:8e:6f:d1:63:79:19:
                    33:83:7a:02:16:74:d1:31:4f:ab:0c:ef:e2:02:aa:
                    b5:ed:97:50:99:c4:0f:0c:00:59:aa:dc:0a:27:af:
                    e4:f2:10:31:ee:3c:63:41:02:e2:49:12:5b:2d:93:
                    fe:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:CE:C4:52:7D:CE:91:52:01:D8:62:11:50:E5:63:70:80:3B:07:83
            X509v3 Authority Key Identifier:
                keyid:62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:ef:0a:bf:30:aa:f2:5a:35:f2:85:16:97:f9:c6:93:57:80:
         5f:b6:49:bd:6f:2d:52:f0:60:0d:95:c3:80:5c:92:50:bf:c7:
         f4:b7:fb:64:6b:bc:1b:81:05:59:17:d7:ea:86:a1:64:e6:08:
         a8:55:e2:d9:72:37:05:42:e8:ea:b0:f4:36:e8:a6:b2:1b:f6:
         22:92:0b:46:bb:30:7b:0c:3a:5f:9f:91:79:6d:1c:23:0f:c8:
         ba:44:4b:bf:05:2f:a5:eb:33:67:30:87:77:30:90:f3:60:b0:
         20:1b:5f:b7:03:18:72:fc:36:71:72:fb:ab:9c:11:78:53:55:
         42:7f:86:ad:ef:09:36:0c:bc:b6:97:b8:09:0b:83:93:38:37:
         bb:7a:7d:be:09:9b:ca:3e:52:42:68:9f:c8:f4:38:2c:c5:1a:
         32:5a:43:d7:0a:c9:e7:3f:bb:44:2a:ed:09:fa:2c:5c:a8:3b:
         2b:de:c4:30:55:94:4c:59:bd:f5:c9:de:da:43:fc:19:bd:f2:
         47:03:0e:ef:ed:6c:28:a5:fa:70:3d:3a:b4:87:fb:b3:a5:c5:
         09:88:c9:e1:ac:c9:3a:13:53:57:e2:26:79:ac:41:8a:d0:c6:
         93:04:14:ff:bb:83:73:c5:4f:5f:b7:4b:c3:9a:75:2a:13:2c:
         ef:37:d0:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe215L+WTVauJLFD1EoMQ8NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyODllYjlkZDk2OGVkYTRhNzk1NjRjMmUwNmE2ODM4NDIy
OTdhMDQwHhcNMjUwNjI4MTQwMTEwWhcNMjUwNjI5MTQwMTEwWjAzMTEwLwYDVQQD
Eyg3ZWNlYzQ1MjdkY2U5MTUyMDFkODYyMTE1MGU1NjM3MDgwM2IwNzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnKd/PushZ2nQyw4+kh8P/vRHhLZ
1rqvjJBEdZ/6sHF26IFEWPMOthwQb/+RKUN5niALDZbOAOvX0yqdrTMF3K+uSg2+
6XGgSySCHWzZhi14ZbTZO6TFxO2uI6itOZB4l83K/xtv8XacRKD2anHAn3NL+mDV
EqG10CMhFLOAeR+sedhYUKF6m/ArUcvf0xoEi8Qxq8iSeFblI+rvy9Qy5VxElTMC
65QH67Qbv2PRhCCfLQA5MHgSBMLSL8EwbR4xuPJhZXvEj/tmXjyOb9FjeRkzg3oC
FnTRMU+rDO/iAqq17ZdQmcQPDABZqtwKJ6/k8hAx7jxjQQLiSRJbLZP+cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7OxFJ9zpFSAdhiEVDlY3CAOweDMB8GA1UdIwQY
MBaAFGKJ653ZaO2kp5VkwuBqaDhCKXoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTIt
ZmM3ZWI5OTFkYjQwLzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTItZmM3ZWI5OTFkYjQw
LzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABO8KvzCq
8lo18oUWl/nGk1eAX7ZJvW8tUvBgDZXDgFySUL/H9Lf7ZGu8G4EFWRfX6oahZOYI
qFXi2XI3BULo6rD0Nuimshv2IpILRrsweww6X5+ReW0cIw/IukRLvwUvpeszZzCH
dzCQ82CwIBtftwMYcvw2cXL7q5wReFNVQn+Gre8JNgy8tpe4CQuDkzg3u3p9vgmb
yj5SQmifyPQ4LMUaMlpD1wrJ5z+7RCrtCfosXKg7K97EMFWUTFm99cne2kP8Gb3y
RwMO7+1sKKX6cD06tIf7s6XFCYjJ4azJOhNTV+ImeaxBitDGkwQU/7uDc8VPX7dL
w5p1KhMs7zfQrw==
-----END CERTIFICATE-----