Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
File:                     Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft (raw, json)
Hash identifier:          24IRdf0tYF1jla+F+H2uTOrbEG56ozSiAohnoIXYShY=
Subject key identifier:   96:DA:B7:A6:9D:70:04:D7:48:06:8E:02:D9:2B:F6:FA:4E:E1:0C:4A
Authority key identifier: 63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7
Certificate issuer:       /CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
Certificate serial:       0198D47376B51ED805E104BC9B5ACDF818EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
Manifest number:          0B29
Signing time:             Sat 23 Aug 2025 01:03:13 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:13 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:13 +0000
Files and hashes:         1: Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl (hash: iVBtb5EAy5WH3U8Hc87ZPzN0UHydKyZtQWZDsXh32y0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:76:b5:1e:d8:05:e1:04:bc:9b:5a:cd:f8:18:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
        Validity
            Not Before: Aug 23 01:03:13 2025 GMT
            Not After : Aug 24 01:03:13 2025 GMT
        Subject: CN=96dab7a69d7004d748068e02d92bf6fa4ee10c4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:20:93:5f:59:9e:42:ee:1d:1b:de:65:a1:93:
                    62:52:b0:fe:c5:78:1e:32:11:39:7f:49:c2:57:43:
                    8c:b3:2b:f1:f7:eb:54:3a:05:3f:1b:6b:97:60:0d:
                    7d:dc:fd:83:ff:08:92:50:02:df:1e:8c:e0:e6:8f:
                    46:97:09:38:bb:8c:37:93:d8:e6:bf:6c:f9:b9:2b:
                    be:1d:a0:c4:21:8d:5d:3a:e9:f9:cb:1a:ae:14:1b:
                    80:1c:d6:ec:ba:9a:49:95:c5:83:77:3d:d7:0c:5c:
                    96:24:fe:ca:8a:29:ed:ad:1b:64:7b:aa:5b:bb:ff:
                    a7:08:24:24:71:c7:8b:c9:c4:0a:71:62:cb:4e:80:
                    1e:de:a1:b2:4d:22:51:1c:f6:2d:08:f2:d1:9f:65:
                    aa:6a:d6:7e:84:6d:de:ca:e6:81:ad:51:39:fd:18:
                    58:1c:8c:29:fe:7d:a6:9f:02:75:03:12:4f:1d:fe:
                    b6:59:44:a7:eb:76:65:1b:93:5f:97:c0:d9:36:a5:
                    f2:41:4b:72:e7:1c:e8:65:84:f5:f6:66:51:83:24:
                    72:43:db:0e:93:9e:e3:81:f5:7b:fb:1c:aa:17:83:
                    cd:b2:1c:ed:66:0a:20:55:34:a4:53:02:59:fe:a6:
                    4f:48:77:b7:f9:8b:0d:30:24:8f:8f:10:7c:ee:5e:
                    ae:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:DA:B7:A6:9D:70:04:D7:48:06:8E:02:D9:2B:F6:FA:4E:E1:0C:4A
            X509v3 Authority Key Identifier:
                keyid:63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:98:ae:14:70:d9:5d:11:3e:b2:7c:fb:e7:2c:ce:de:72:55:
         c1:f5:ad:df:4e:f9:85:c1:7d:2a:da:1e:4a:4f:26:dd:5a:a7:
         c6:ab:0d:5e:ed:ed:29:89:5e:ad:1e:4e:d9:8e:79:8c:41:3c:
         61:bd:e7:e3:48:f5:13:48:87:23:50:95:95:57:ec:9b:29:78:
         bb:5a:10:2e:02:66:b2:42:45:c7:a6:07:29:b5:8a:89:a1:ab:
         c3:c2:32:fe:74:7b:6d:6b:7b:5a:4a:8a:f7:09:fd:d6:51:8c:
         6f:68:83:0b:95:55:3c:cc:85:be:c3:cb:78:f4:32:0e:86:56:
         21:95:2a:96:b2:72:d6:25:6d:5f:ad:05:c8:7b:09:22:52:72:
         a9:a6:8e:c1:43:86:1e:c0:e0:a6:2f:91:17:08:99:47:39:ae:
         b3:ad:0d:10:ef:da:a3:79:b0:22:2e:fd:4f:ee:29:aa:24:a9:
         aa:f3:99:22:87:a3:2b:0b:7c:86:ba:3f:1d:46:f4:33:1a:27:
         c7:f6:52:e2:25:72:e1:cb:69:19:9c:55:8e:76:b4:56:2b:0b:
         6d:c2:ae:ff:30:0e:be:5f:e8:f2:61:8d:5d:0c:98:53:0f:a8:
         cf:ca:80:a3:b6:9d:5f:5a:dd:81:27:e9:21:b9:ef:aa:93:29:
         19:dc:54:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc3a1HtgF4QS8m1rN+BjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNzFkMmZiZWNmMmY5MGRjN2Y0OTUxN2E0NDBkYTUzMzlm
NGE2YzcwHhcNMjUwODIzMDEwMzEzWhcNMjUwODI0MDEwMzEzWjAzMTEwLwYDVQQD
Eyg5NmRhYjdhNjlkNzAwNGQ3NDgwNjhlMDJkOTJiZjZmYTRlZTEwYzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyCTX1meQu4dG95loZNiUrD+xXge
MhE5f0nCV0OMsyvx9+tUOgU/G2uXYA193P2D/wiSUALfHozg5o9Glwk4u4w3k9jm
v2z5uSu+HaDEIY1dOun5yxquFBuAHNbsuppJlcWDdz3XDFyWJP7KiintrRtke6pb
u/+nCCQkcceLycQKcWLLToAe3qGyTSJRHPYtCPLRn2WqatZ+hG3eyuaBrVE5/RhY
HIwp/n2mnwJ1AxJPHf62WUSn63ZlG5Nfl8DZNqXyQUty5xzoZYT19mZRgyRyQ9sO
k57jgfV7+xyqF4PNshztZgogVTSkUwJZ/qZPSHe3+YsNMCSPjxB87l6uAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJbat6adcATXSAaOAtkr9vpO4QxKMB8GA1UdIwQY
MBaAFGNx0vvs8vkNx/SVF6RA2lM59KbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAt
N2UxNGQzNTk4ZjA5LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAtN2UxNGQzNTk4ZjA5
LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM5iuFHDZ
XRE+snz75yzO3nJVwfWt3075hcF9KtoeSk8m3VqnxqsNXu3tKYlerR5O2Y55jEE8
Yb3n40j1E0iHI1CVlVfsmyl4u1oQLgJmskJFx6YHKbWKiaGrw8Iy/nR7bWt7WkqK
9wn91lGMb2iDC5VVPMyFvsPLePQyDoZWIZUqlrJy1iVtX60FyHsJIlJyqaaOwUOG
HsDgpi+RFwiZRzmus60NEO/ao3mwIi79T+4pqiSpqvOZIoejKwt8hro/HUb0Mxon
x/ZS4iVy4ctpGZxVjna0VisLbcKu/zAOvl/o8mGNXQyYUw+oz8qAo7adX1rdgSfp
IbnvqpMpGdxUhQ==
-----END CERTIFICATE-----