Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
File:                     Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft (raw, json)
Hash identifier:          lQJ4WQFm/VobA/VPO612hUmYqA07/Oz+xTPwwkVLsd4=
Subject key identifier:   93:66:17:F7:BF:A1:24:E9:A6:1A:0F:E7:41:BF:2D:E5:42:8B:CC:E6
Authority key identifier: 63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7
Certificate issuer:       /CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
Certificate serial:       0197B88F3530B0836B341D38CD62EA4D1831
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
Manifest number:          0A96
Signing time:             Sat 28 Jun 2025 22:01:22 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:22 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:22 +0000
Files and hashes:         1: Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl (hash: +79XibcitntjuceGkj0P6q7ekkZ2rZXuTY7Lwa7yjRw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:35:30:b0:83:6b:34:1d:38:cd:62:ea:4d:18:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
        Validity
            Not Before: Jun 28 22:01:22 2025 GMT
            Not After : Jun 29 22:01:22 2025 GMT
        Subject: CN=936617f7bfa124e9a61a0fe741bf2de5428bcce6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:97:4a:58:cc:65:b1:28:e8:6b:01:3f:16:91:
                    61:94:46:1f:4e:cb:94:7b:dc:d4:18:63:a7:9e:95:
                    02:da:2d:be:1b:d1:42:cc:2f:26:dd:85:73:b5:ba:
                    50:d3:bb:05:50:bf:85:b1:c1:11:73:5e:b2:b4:15:
                    50:89:c8:b4:4b:a4:f4:63:1f:f0:86:4f:e6:df:ce:
                    cf:84:52:87:6c:0c:3e:d1:38:4a:d5:8d:16:bb:85:
                    2a:bd:e5:d8:7f:9c:b0:fc:73:07:a3:72:cc:2e:b4:
                    e9:3c:b6:ef:6a:61:b6:14:51:d0:48:e8:c0:8c:8b:
                    1d:bf:a4:7a:41:f0:63:fb:5d:d8:06:4e:38:dc:f5:
                    11:ca:6a:53:69:7e:66:2f:d6:3f:e0:c9:de:8a:cb:
                    bf:91:1a:88:0c:24:bb:1d:ae:90:7e:01:a3:cd:62:
                    ec:25:3d:3a:ff:be:bd:93:c0:37:de:2b:15:96:0f:
                    82:b5:9d:5b:f8:c2:fd:2b:b4:c7:6a:6a:ed:76:77:
                    62:a6:b7:84:55:2f:6e:b1:1e:1f:6c:32:49:9f:01:
                    9d:1f:bf:ce:e1:04:4f:4b:70:a9:71:e8:0f:24:a7:
                    fa:c7:d1:df:91:00:01:f3:17:8a:85:4e:a6:25:c3:
                    8f:78:c3:11:1c:14:ab:03:39:36:fa:32:79:f4:ce:
                    82:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:66:17:F7:BF:A1:24:E9:A6:1A:0F:E7:41:BF:2D:E5:42:8B:CC:E6
            X509v3 Authority Key Identifier:
                keyid:63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:a6:a0:6a:aa:cd:51:8e:1f:18:82:9d:58:d7:fe:32:8c:4f:
         64:78:76:7c:74:c9:1e:89:41:e0:c0:a5:cd:fe:15:e9:ad:d6:
         83:e2:2f:77:91:9e:51:b1:0b:b9:a4:e0:01:5f:b6:55:0c:dd:
         e9:3a:1b:c0:7c:b8:a6:45:1c:f7:6c:2b:4f:87:e1:79:d2:4f:
         de:02:9a:5b:f4:5b:0e:fb:ff:c4:1c:da:e2:fe:8d:f9:d1:37:
         c8:61:c7:8e:5b:5d:2b:5b:ae:1f:d6:c2:ee:9a:7a:a6:05:5b:
         09:48:2b:a3:fd:9f:0a:4a:45:f6:11:d7:9c:76:bc:2d:fb:72:
         a3:01:f6:fe:8d:9d:4e:a3:51:4d:48:49:79:fa:62:08:fa:03:
         7c:73:3e:b6:51:63:4d:da:79:86:2f:a9:d5:3b:16:08:52:7c:
         6a:79:2f:d8:4e:60:aa:d3:9f:be:6c:6c:09:f7:ac:f6:ba:30:
         ce:d8:da:5b:a9:6f:c1:6c:73:40:de:0a:50:2b:bf:f3:cc:c6:
         47:3b:b2:75:26:f9:f4:75:4f:90:18:a6:03:00:72:c1:da:4e:
         b9:0f:1e:d9:5a:fd:80:29:f8:5b:83:6c:71:9b:b8:ee:e3:7c:
         a1:7c:5d:dd:2a:8b:72:05:ea:18:9a:b6:fd:cf:b5:47:40:5e:
         13:8d:cf:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jzUwsINrNB04zWLqTRgxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNzFkMmZiZWNmMmY5MGRjN2Y0OTUxN2E0NDBkYTUzMzlm
NGE2YzcwHhcNMjUwNjI4MjIwMTIyWhcNMjUwNjI5MjIwMTIyWjAzMTEwLwYDVQQD
Eyg5MzY2MTdmN2JmYTEyNGU5YTYxYTBmZTc0MWJmMmRlNTQyOGJjY2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65dKWMxlsSjoawE/FpFhlEYfTsuU
e9zUGGOnnpUC2i2+G9FCzC8m3YVztbpQ07sFUL+FscERc16ytBVQici0S6T0Yx/w
hk/m387PhFKHbAw+0ThK1Y0Wu4UqveXYf5yw/HMHo3LMLrTpPLbvamG2FFHQSOjA
jIsdv6R6QfBj+13YBk443PURympTaX5mL9Y/4Mneisu/kRqIDCS7Ha6QfgGjzWLs
JT06/769k8A33isVlg+CtZ1b+ML9K7THamrtdndipreEVS9usR4fbDJJnwGdH7/O
4QRPS3CpcegPJKf6x9HfkQAB8xeKhU6mJcOPeMMRHBSrAzk2+jJ59M6CJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJNmF/e/oSTpphoP50G/LeVCi8zmMB8GA1UdIwQY
MBaAFGNx0vvs8vkNx/SVF6RA2lM59KbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAt
N2UxNGQzNTk4ZjA5LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAtN2UxNGQzNTk4ZjA5
LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoaagaqrN
UY4fGIKdWNf+MoxPZHh2fHTJHolB4MClzf4V6a3Wg+Ivd5GeUbELuaTgAV+2VQzd
6TobwHy4pkUc92wrT4fhedJP3gKaW/RbDvv/xBza4v6N+dE3yGHHjltdK1uuH9bC
7pp6pgVbCUgro/2fCkpF9hHXnHa8LftyowH2/o2dTqNRTUhJefpiCPoDfHM+tlFj
Tdp5hi+p1TsWCFJ8ankv2E5gqtOfvmxsCfes9rowztjaW6lvwWxzQN4KUCu/88zG
RzuydSb59HVPkBimAwBywdpOuQ8e2Vr9gCn4W4NscZu47uN8oXxd3SqLcgXqGJq2
/c+1R0BeE43PUw==
-----END CERTIFICATE-----