Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
File:                     yh3vhAA2XhysFuj3iHCS2smDtz4.mft (raw, json)
Hash identifier:          wfZmMvFEozvChRYYtjrGziIjwo62i5ivpGNajLt5oQs=
Subject key identifier:   94:17:11:96:07:73:00:14:CA:80:37:0A:B5:AA:A9:86:B6:3D:CC:F5
Authority key identifier: CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E
Certificate issuer:       /CN=ca1def8400365e1cac16e8f7887092dac983b73e
Certificate serial:       0197B70EB410A5B5943D0E838D1A991AFDAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
Manifest number:          1152
Signing time:             Sat 28 Jun 2025 15:01:23 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:23 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:23 +0000
Files and hashes:         1: yh3vhAA2XhysFuj3iHCS2smDtz4.crl (hash: +QVKSJjRcq1KFhpEH4+EHeiews0jwhAP9nzzlEsDqvw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:b4:10:a5:b5:94:3d:0e:83:8d:1a:99:1a:fd:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1def8400365e1cac16e8f7887092dac983b73e
        Validity
            Not Before: Jun 28 15:01:23 2025 GMT
            Not After : Jun 29 15:01:23 2025 GMT
        Subject: CN=9417119607730014ca80370ab5aaa986b63dccf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:61:2f:44:5e:db:6a:d3:d3:aa:a3:27:d4:c1:
                    59:4d:39:ff:25:51:62:9a:0e:68:dd:9a:9a:7c:9e:
                    5e:ee:71:ed:0a:6d:b2:93:fa:aa:9b:1f:4e:1a:42:
                    65:56:f4:f8:ba:95:4c:4d:7b:00:9f:d5:f9:c6:de:
                    3c:f4:8d:c2:7d:36:80:ca:6b:1c:50:d3:88:62:49:
                    55:30:a8:7a:9c:1f:64:2c:c8:7b:c7:bf:a7:4f:6b:
                    89:da:ef:ce:d3:9c:ff:1b:e6:a9:0c:92:a1:f1:22:
                    8d:7b:ed:c5:4c:5e:e0:05:56:c9:93:96:70:9f:c0:
                    07:54:72:da:13:7f:ef:c6:0d:d2:39:7d:f1:e2:7f:
                    e0:32:36:37:e1:99:f1:f9:f7:94:3e:7e:4d:17:64:
                    4f:7d:b7:f6:49:c5:df:76:1b:59:2b:d0:7b:88:19:
                    44:f7:f8:61:4e:a3:42:ae:7b:ba:75:3d:5b:f8:d9:
                    56:ec:8b:9a:a4:4c:e1:05:d6:33:82:14:58:38:17:
                    cd:50:83:91:56:31:a0:ec:6b:65:3b:6d:97:65:c3:
                    07:40:6e:64:3e:7b:e8:66:f1:49:42:22:6a:0e:e4:
                    bb:74:dd:a2:28:09:6f:92:b4:11:1f:68:e9:a1:2c:
                    ba:a3:3b:43:d5:50:fc:4f:aa:90:74:ab:7e:e3:cd:
                    16:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:17:11:96:07:73:00:14:CA:80:37:0A:B5:AA:A9:86:B6:3D:CC:F5
            X509v3 Authority Key Identifier:
                keyid:CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:df:99:72:8b:5e:0e:26:b6:66:c0:8e:9e:2e:32:ca:e9:8b:
         35:39:69:1d:6c:6e:80:ed:3b:b2:03:58:1c:63:10:82:47:ba:
         db:7b:6d:a1:65:62:d1:c2:08:c8:d5:b8:3a:d0:9a:3a:a2:7d:
         aa:f6:6d:05:2d:0e:5c:d5:10:ed:83:c9:ab:d8:73:0d:68:ca:
         2c:4f:30:bc:16:e0:6f:79:f4:da:be:e9:dc:3c:7f:84:a7:b2:
         ba:ad:74:29:9e:2e:2d:12:b8:d2:9b:aa:29:93:bb:e3:45:bd:
         75:1d:ba:2d:22:ab:72:a7:84:e0:ef:2f:7f:c3:5f:8f:c5:92:
         8d:99:c8:27:66:a3:c8:ff:34:2b:75:2c:54:3a:f6:34:a4:0c:
         56:f7:fe:5f:1a:f9:17:81:79:fb:1c:1d:b1:4a:b0:08:b0:44:
         a7:25:ad:b7:7a:57:94:7d:fc:a4:27:14:9b:b1:ee:a1:a1:99:
         8e:75:b7:7d:97:52:fc:a9:fb:c7:e3:18:39:94:bc:b0:2c:3e:
         ef:c1:77:48:05:51:45:39:17:13:39:d1:c7:e0:ee:7d:41:5d:
         5b:fd:76:35:37:2d:49:e0:32:55:68:db:ae:50:29:0c:5a:e1:
         1c:52:c3:7d:a1:fd:66:08:74:92:63:26:f5:cd:8d:9d:9d:2f:
         f4:4a:89:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DrQQpbWUPQ6DjRqZGv2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWRlZjg0MDAzNjVlMWNhYzE2ZThmNzg4NzA5MmRhYzk4
M2I3M2UwHhcNMjUwNjI4MTUwMTIzWhcNMjUwNjI5MTUwMTIzWjAzMTEwLwYDVQQD
Eyg5NDE3MTE5NjA3NzMwMDE0Y2E4MDM3MGFiNWFhYTk4NmI2M2RjY2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWEvRF7batPTqqMn1MFZTTn/JVFi
mg5o3ZqafJ5e7nHtCm2yk/qqmx9OGkJlVvT4upVMTXsAn9X5xt489I3CfTaAymsc
UNOIYklVMKh6nB9kLMh7x7+nT2uJ2u/O05z/G+apDJKh8SKNe+3FTF7gBVbJk5Zw
n8AHVHLaE3/vxg3SOX3x4n/gMjY34Znx+feUPn5NF2RPfbf2ScXfdhtZK9B7iBlE
9/hhTqNCrnu6dT1b+NlW7IuapEzhBdYzghRYOBfNUIORVjGg7GtlO22XZcMHQG5k
PnvoZvFJQiJqDuS7dN2iKAlvkrQRH2jpoSy6oztD1VD8T6qQdKt+480WMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQXEZYHcwAUyoA3CrWqqYa2Pcz1MB8GA1UdIwQY
MBaAFMod74QANl4crBbo94hwktrJg7c+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEt
Zjk4ZWM5ZDE2MmJlLzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEtZjk4ZWM5ZDE2MmJl
LzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATd+Zcote
Dia2ZsCOni4yyumLNTlpHWxugO07sgNYHGMQgke623ttoWVi0cIIyNW4OtCaOqJ9
qvZtBS0OXNUQ7YPJq9hzDWjKLE8wvBbgb3n02r7p3Dx/hKeyuq10KZ4uLRK40puq
KZO740W9dR26LSKrcqeE4O8vf8Nfj8WSjZnIJ2ajyP80K3UsVDr2NKQMVvf+Xxr5
F4F5+xwdsUqwCLBEpyWtt3pXlH38pCcUm7HuoaGZjnW3fZdS/Kn7x+MYOZS8sCw+
78F3SAVRRTkXEznRx+DufUFdW/12NTctSeAyVWjbrlApDFrhHFLDfaH9Zgh0kmMm
9c2NnZ0v9EqJew==
-----END CERTIFICATE-----