Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
File:                     Yonrndlo7aSnlWTC4GpoOEIpegQ.mft (raw, json)
Hash identifier:          CCsmM1GWIKIp6/lmxCEsDXpGSDUV9D+KtB7t5N1oJnY=
Subject key identifier:   EC:13:2F:A9:54:CA:A5:33:7B:8A:57:65:CB:F1:6A:15:76:E8:8F:6E
Authority key identifier: 62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04
Certificate issuer:       /CN=6289eb9dd968eda4a79564c2e06a683842297a04
Certificate serial:       0198D4A7ECDAE28B5C565B35C803E6CA3BB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
Manifest number:          0368
Signing time:             Sat 23 Aug 2025 02:00:31 +0000
Manifest this update:     Sat 23 Aug 2025 02:00:31 +0000
Manifest next update:     Sun 24 Aug 2025 02:00:31 +0000
Files and hashes:         1: Yonrndlo7aSnlWTC4GpoOEIpegQ.crl (hash: CUBKJpBBYhWPV7Ci2e9Mp4098545vuT6VqIMRM2+SSQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 02:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:a7:ec:da:e2:8b:5c:56:5b:35:c8:03:e6:ca:3b:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6289eb9dd968eda4a79564c2e06a683842297a04
        Validity
            Not Before: Aug 23 02:00:31 2025 GMT
            Not After : Aug 24 02:00:31 2025 GMT
        Subject: CN=ec132fa954caa5337b8a5765cbf16a1576e88f6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7f:58:ae:17:e4:5e:57:f7:77:74:7a:c1:2e:
                    01:01:b9:4f:c5:33:c8:c3:b9:df:24:2e:6e:e1:79:
                    cc:fc:a3:db:0f:30:24:6b:92:7c:36:30:4b:84:54:
                    87:b9:95:b6:a7:d8:23:44:7b:c9:f7:93:42:e8:6e:
                    c1:f9:2c:a4:ad:67:fc:93:e9:4c:41:aa:fb:39:6f:
                    49:ea:ad:3f:63:2a:81:6e:d2:b9:12:06:1b:77:bc:
                    5f:3b:5f:c0:2f:8e:e0:a2:da:45:b2:51:ff:32:0d:
                    78:93:da:17:5f:7d:92:10:2d:68:99:a3:f9:e5:1e:
                    ca:f2:f9:26:81:32:af:c4:63:c2:7c:9a:d3:f6:40:
                    aa:32:10:65:a2:bd:22:f4:48:3a:c9:e7:0a:0b:d2:
                    a7:dc:74:67:ab:16:32:23:15:43:c1:a7:6a:e3:1d:
                    3f:49:d3:fb:fa:ab:88:39:ff:37:bf:b6:bd:9e:13:
                    87:44:0a:a2:6f:77:55:e1:5d:65:d4:d3:af:80:d9:
                    51:87:5c:3b:20:f8:39:1f:c9:fb:af:71:86:8f:7c:
                    38:50:29:96:50:11:ce:ed:e8:64:d2:db:80:4b:cd:
                    e2:50:d5:10:3e:6b:72:21:2e:b6:5d:52:71:86:65:
                    71:56:47:28:b9:ea:c5:6e:eb:02:96:98:6a:c1:98:
                    6f:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:13:2F:A9:54:CA:A5:33:7B:8A:57:65:CB:F1:6A:15:76:E8:8F:6E
            X509v3 Authority Key Identifier:
                keyid:62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:85:81:18:f8:c2:c4:b6:14:ab:72:9d:96:9b:83:1b:28:b3:
         8e:34:81:b4:a8:71:a2:83:61:53:26:ca:f4:cc:e0:5a:cf:3c:
         91:cb:aa:bb:59:0d:63:49:7b:c2:00:a7:56:b7:6e:7c:74:85:
         a1:a4:0e:05:43:bb:51:41:ef:ff:99:27:c7:1a:c6:43:1a:de:
         0a:44:92:2c:23:7b:a5:a4:89:36:ab:8e:61:40:fe:85:89:7b:
         38:61:55:dd:81:0a:bf:d3:43:c6:95:a5:6e:cf:fd:99:5c:34:
         6c:66:66:4d:de:a5:3d:ce:c2:a6:d5:80:0e:9d:a2:25:c1:66:
         38:38:63:07:c1:e1:5d:6a:9c:5e:fc:95:51:cb:3b:09:b0:70:
         a9:96:fc:98:25:cd:b0:78:26:dd:e8:81:fd:58:c4:c9:78:51:
         0d:60:72:6d:71:c4:3a:c7:40:b6:a3:41:01:b1:ad:ae:63:00:
         4e:8b:8f:aa:70:37:3c:ae:04:c3:ce:2f:3f:9c:21:4b:e2:6b:
         ac:a7:dd:77:06:79:47:b9:4a:92:94:db:22:78:72:b3:e9:64:
         d8:fe:2b:7a:70:ab:75:82:b4:6f:99:ff:e4:a8:d6:f2:0a:b7:
         5a:0c:3d:35:ea:9f:1a:f4:49:62:66:5a:81:0f:e4:75:c1:10:
         f6:84:6c:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp+za4otcVls1yAPmyju4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyODllYjlkZDk2OGVkYTRhNzk1NjRjMmUwNmE2ODM4NDIy
OTdhMDQwHhcNMjUwODIzMDIwMDMxWhcNMjUwODI0MDIwMDMxWjAzMTEwLwYDVQQD
EyhlYzEzMmZhOTU0Y2FhNTMzN2I4YTU3NjVjYmYxNmExNTc2ZTg4ZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn9YrhfkXlf3d3R6wS4BAblPxTPI
w7nfJC5u4XnM/KPbDzAka5J8NjBLhFSHuZW2p9gjRHvJ95NC6G7B+SykrWf8k+lM
Qar7OW9J6q0/YyqBbtK5EgYbd7xfO1/AL47gotpFslH/Mg14k9oXX32SEC1omaP5
5R7K8vkmgTKvxGPCfJrT9kCqMhBlor0i9Eg6yecKC9Kn3HRnqxYyIxVDwadq4x0/
SdP7+quIOf83v7a9nhOHRAqib3dV4V1l1NOvgNlRh1w7IPg5H8n7r3GGj3w4UCmW
UBHO7ehk0tuAS83iUNUQPmtyIS62XVJxhmVxVkcouerFbusClphqwZhvJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOwTL6lUyqUze4pXZcvxahV26I9uMB8GA1UdIwQY
MBaAFGKJ653ZaO2kp5VkwuBqaDhCKXoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTIt
ZmM3ZWI5OTFkYjQwLzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTItZmM3ZWI5OTFkYjQw
LzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa4WBGPjC
xLYUq3KdlpuDGyizjjSBtKhxooNhUybK9MzgWs88kcuqu1kNY0l7wgCnVrdufHSF
oaQOBUO7UUHv/5knxxrGQxreCkSSLCN7paSJNquOYUD+hYl7OGFV3YEKv9NDxpWl
bs/9mVw0bGZmTd6lPc7CptWADp2iJcFmODhjB8HhXWqcXvyVUcs7CbBwqZb8mCXN
sHgm3eiB/VjEyXhRDWBybXHEOsdAtqNBAbGtrmMATouPqnA3PK4Ew84vP5whS+Jr
rKfddwZ5R7lKkpTbInhys+lk2P4renCrdYK0b5n/5KjW8gq3Wgw9NeqfGvRJYmZa
gQ/kdcEQ9oRsdA==
-----END CERTIFICATE-----