Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
File:                     yj7NoA-sC_tjsoVD6itdXx5N9ss.mft (raw, json)
Hash identifier:          skDbZ+q2PIhuEDYkVxk+jiFXnYcbUFZl21zlHpcS7K8=
Subject key identifier:   7E:1C:BE:F6:2C:B2:D8:D3:FE:C1:7B:57:F0:B3:CA:85:69:A3:31:37
Authority key identifier: CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB
Certificate issuer:       /CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
Certificate serial:       0197BB8FBE97C94561A88DE35B79A089E1FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
Manifest number:          01B4
Signing time:             Sun 29 Jun 2025 12:00:48 +0000
Manifest this update:     Sun 29 Jun 2025 12:00:48 +0000
Manifest next update:     Mon 30 Jun 2025 12:00:48 +0000
Files and hashes:         1: yj7NoA-sC_tjsoVD6itdXx5N9ss.crl (hash: kMAB3h197llq5FI8a56YLjltFqApDP1CYc1pXqKTvxE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 07:42:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:bb:8f:be:97:c9:45:61:a8:8d:e3:5b:79:a0:89:e1:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
        Validity
            Not Before: Jun 29 12:00:48 2025 GMT
            Not After : Jun 30 12:00:48 2025 GMT
        Subject: CN=7e1cbef62cb2d8d3fec17b57f0b3ca8569a33137
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:a1:19:bb:d6:f7:8c:35:f2:5d:7a:63:86:a2:
                    cb:f5:a0:e9:75:81:05:45:52:75:cb:85:d3:e8:92:
                    63:68:79:1c:d7:a8:14:a4:27:54:a4:bf:8f:f1:a1:
                    4a:08:9a:b5:3d:8c:b3:bb:bd:24:2b:ad:1c:dd:04:
                    18:d1:cc:63:1b:d8:df:b1:43:c4:3c:12:d5:53:e5:
                    4d:d7:3e:c3:0a:0e:3b:79:86:d9:f3:2c:0e:13:a4:
                    fa:33:e2:3d:c9:c4:ee:5d:c5:30:db:de:61:24:f0:
                    68:6e:72:40:f2:a8:04:62:b3:9c:1c:dc:41:90:e9:
                    09:7d:a8:7c:97:8c:1b:a1:75:76:78:48:69:34:11:
                    85:89:07:96:65:a6:97:65:40:5c:1c:04:03:3a:fe:
                    9e:8f:e2:a7:b7:20:a7:81:9b:bf:86:62:80:01:b8:
                    1e:72:ed:36:72:ab:f0:de:b1:54:47:ca:d5:fb:5b:
                    e4:a7:80:e3:49:73:d2:58:55:e2:6c:d7:16:eb:9a:
                    99:cf:f4:45:0c:ff:a2:5d:46:93:38:10:69:8a:b8:
                    b1:83:d9:43:cd:6c:65:c7:0b:c2:d6:0f:82:75:3e:
                    bf:b8:0a:39:57:fc:ba:48:26:14:b6:7d:ee:6b:ce:
                    cc:c2:f6:78:61:e2:f5:5f:10:44:06:35:49:c8:af:
                    05:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:1C:BE:F6:2C:B2:D8:D3:FE:C1:7B:57:F0:B3:CA:85:69:A3:31:37
            X509v3 Authority Key Identifier:
                keyid:CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:96:d1:d5:97:6d:e0:2e:05:c4:7c:9a:35:e0:5d:71:cd:04:
         3a:7b:37:c2:00:0b:e2:a1:67:2c:44:2d:95:19:75:37:39:5e:
         91:7a:76:01:5b:56:6c:31:c2:5d:d5:e1:5d:39:59:9e:f5:c2:
         57:62:41:79:37:2c:83:df:ae:3d:e3:c8:22:21:77:5e:b3:00:
         d4:b0:a7:80:ec:48:4d:d9:d6:94:ea:27:a9:3c:0d:63:31:ea:
         f8:36:96:bf:d4:88:f1:98:ac:56:ef:ef:5f:1f:63:50:3f:02:
         6d:f7:5c:27:bf:14:1f:1d:4e:0e:08:83:57:e8:1f:7e:f5:4e:
         dd:b4:0c:fd:3a:53:97:bd:21:e2:7a:2d:03:e3:aa:85:78:d0:
         06:e2:c1:b8:55:42:66:af:69:70:39:12:86:15:de:ca:61:31:
         75:51:2d:1b:74:b1:8f:8c:2a:d4:50:74:ea:1a:02:b7:92:49:
         9f:d2:70:f9:bd:3e:fd:b9:d6:bb:60:3c:3f:90:b9:cf:e1:fe:
         5a:36:11:7c:cf:19:67:87:6c:d3:94:85:23:7b:be:5e:af:d8:
         e5:80:07:f4:ac:46:06:d4:20:2c:f0:89:cc:ba:4d:9d:cc:1e:
         03:74:9e:cd:ba:74:f1:17:6f:84:33:8d:e4:de:01:e0:1a:b8:
         5a:49:c9:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe7j76XyUVhqI3jW3mgieH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2VjZGEwMGZhYzBiZmI2M2IyODU0M2VhMmI1ZDVmMWU0
ZGY2Y2IwHhcNMjUwNjI5MTIwMDQ4WhcNMjUwNjMwMTIwMDQ4WjAzMTEwLwYDVQQD
Eyg3ZTFjYmVmNjJjYjJkOGQzZmVjMTdiNTdmMGIzY2E4NTY5YTMzMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KEZu9b3jDXyXXpjhqLL9aDpdYEF
RVJ1y4XT6JJjaHkc16gUpCdUpL+P8aFKCJq1PYyzu70kK60c3QQY0cxjG9jfsUPE
PBLVU+VN1z7DCg47eYbZ8ywOE6T6M+I9ycTuXcUw295hJPBobnJA8qgEYrOcHNxB
kOkJfah8l4wboXV2eEhpNBGFiQeWZaaXZUBcHAQDOv6ej+KntyCngZu/hmKAAbge
cu02cqvw3rFUR8rV+1vkp4DjSXPSWFXibNcW65qZz/RFDP+iXUaTOBBpirixg9lD
zWxlxwvC1g+CdT6/uAo5V/y6SCYUtn3ua87MwvZ4YeL1XxBEBjVJyK8FDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH4cvvYsstjT/sF7V/CzyoVpozE3MB8GA1UdIwQY
MBaAFMo+zaAPrAv7Y7KFQ+orXV8eTfbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgt
M2Y5OTYwODY1ZDBmLzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgtM2Y5OTYwODY1ZDBm
LzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT5bR1Zdt
4C4FxHyaNeBdcc0EOns3wgAL4qFnLEQtlRl1NzlekXp2AVtWbDHCXdXhXTlZnvXC
V2JBeTcsg9+uPePIIiF3XrMA1LCngOxITdnWlOonqTwNYzHq+DaWv9SI8ZisVu/v
Xx9jUD8CbfdcJ78UHx1ODgiDV+gffvVO3bQM/TpTl70h4notA+OqhXjQBuLBuFVC
Zq9pcDkShhXeymExdVEtG3Sxj4wq1FB06hoCt5JJn9Jw+b0+/bnWu2A8P5C5z+H+
WjYRfM8ZZ4ds05SFI3u+Xq/Y5YAH9KxGBtQgLPCJzLpNncweA3Sezbp08RdvhDON
5N4B4Bq4WknJBA==
-----END CERTIFICATE-----