Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
File:                     yj7NoA-sC_tjsoVD6itdXx5N9ss.mft (raw, json)
Hash identifier:          5ItPzXuRKpbnw2n5evel3BhKpGKKzoLM7qWI1HOeLf8=
Subject key identifier:   90:19:D4:4A:30:C8:A8:7F:1E:DA:DE:ED:B6:26:DF:EE:15:E7:D8:08
Authority key identifier: CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB
Certificate issuer:       /CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
Certificate serial:       0198D583C3D33B388C1675F7FADE2E66E7E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
Manifest number:          0246
Signing time:             Sat 23 Aug 2025 06:00:38 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:38 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:38 +0000
Files and hashes:         1: yj7NoA-sC_tjsoVD6itdXx5N9ss.crl (hash: rKinV87uc7pvLOk4hfCmxSaW6d3tyvPlW+BHceBOWFE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:c3:d3:3b:38:8c:16:75:f7:fa:de:2e:66:e7:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
        Validity
            Not Before: Aug 23 06:00:38 2025 GMT
            Not After : Aug 24 06:00:38 2025 GMT
        Subject: CN=9019d44a30c8a87f1edadeedb626dfee15e7d808
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:69:13:44:94:b9:68:d9:46:8d:66:e1:b2:2b:
                    e0:b1:56:d5:07:89:f0:57:23:eb:46:e8:96:73:53:
                    32:a4:82:e9:cc:e4:1d:e5:42:e3:00:d9:90:45:c8:
                    26:60:11:66:30:e3:66:8b:d7:81:50:64:6a:a3:5f:
                    cb:fb:49:44:cb:77:05:3e:f2:64:47:a1:ac:d8:7d:
                    75:da:c9:ea:7d:32:6c:cc:98:db:64:f1:5c:3e:ce:
                    d5:69:cb:41:09:c7:76:9d:91:ad:a9:ac:5b:ca:ee:
                    f1:d5:0e:da:da:2a:c1:31:a5:99:27:f5:f3:bb:b9:
                    c4:62:66:a1:ec:27:18:67:a3:8f:89:80:86:e1:86:
                    f1:46:26:f4:eb:0a:ea:f8:04:0a:99:4e:c3:8c:43:
                    be:9e:18:3f:83:70:ed:69:a7:7c:e2:80:d8:76:08:
                    91:6e:a5:9f:ff:60:49:20:26:f9:52:b7:ea:05:ab:
                    b3:82:4c:2a:8a:17:b4:f6:49:1c:7b:03:06:cd:56:
                    72:4e:16:f3:22:da:b4:b0:30:76:c4:15:b9:2a:52:
                    d3:5e:c2:f0:6c:c3:7f:45:77:13:3d:db:ba:c3:15:
                    8d:1a:e2:3c:56:ba:9b:26:13:2d:11:50:ab:d5:76:
                    c4:55:31:56:f3:85:3d:39:e3:fb:2d:a7:56:6b:6e:
                    ea:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:19:D4:4A:30:C8:A8:7F:1E:DA:DE:ED:B6:26:DF:EE:15:E7:D8:08
            X509v3 Authority Key Identifier:
                keyid:CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:e7:19:5f:20:1d:f9:31:b5:5a:da:2d:fb:bf:b6:4a:1d:c9:
         4e:20:44:0c:b9:95:31:54:68:1f:6a:06:85:1c:ea:11:e4:07:
         dd:31:6c:58:f9:17:53:b6:01:57:d5:87:85:ca:d2:35:5b:0f:
         4f:2c:5e:ae:ac:eb:e3:2d:bd:4d:c0:6b:64:34:c3:4a:f6:27:
         e6:2a:e2:8f:73:ce:b6:b3:41:d4:81:1b:c8:d3:a3:43:d7:07:
         f2:aa:f1:d0:38:ef:02:8a:1b:1b:66:e5:b7:17:7a:e9:0d:35:
         2a:8a:d0:58:59:cf:c1:de:6c:85:8e:96:b8:a8:8d:d6:be:65:
         67:aa:fb:3c:f1:82:de:8a:5d:e9:6a:9e:73:26:8f:6d:82:0c:
         1f:f7:ec:f7:ec:5b:2e:dd:68:e6:4b:7b:cc:24:22:80:1e:59:
         83:c2:23:ae:9f:ec:a1:86:50:de:ef:16:08:3b:cc:50:55:a1:
         25:b1:a7:22:c6:f5:dd:2a:65:8c:db:54:bf:89:f7:bb:56:25:
         2a:c0:46:1d:f9:60:f3:94:7e:d7:7e:7d:18:50:3e:73:fb:c6:
         f5:ee:db:83:3e:29:18:94:82:0b:ee:ff:63:85:43:a0:d2:c3:
         7e:21:0a:f0:64:4a:cf:97:a5:ea:2e:5c:04:74:56:2f:54:60:
         b9:bf:ce:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg8PTOziMFnX3+t4uZufgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2VjZGEwMGZhYzBiZmI2M2IyODU0M2VhMmI1ZDVmMWU0
ZGY2Y2IwHhcNMjUwODIzMDYwMDM4WhcNMjUwODI0MDYwMDM4WjAzMTEwLwYDVQQD
Eyg5MDE5ZDQ0YTMwYzhhODdmMWVkYWRlZWRiNjI2ZGZlZTE1ZTdkODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2kTRJS5aNlGjWbhsivgsVbVB4nw
VyPrRuiWc1MypILpzOQd5ULjANmQRcgmYBFmMONmi9eBUGRqo1/L+0lEy3cFPvJk
R6Gs2H112snqfTJszJjbZPFcPs7VactBCcd2nZGtqaxbyu7x1Q7a2irBMaWZJ/Xz
u7nEYmah7CcYZ6OPiYCG4YbxRib06wrq+AQKmU7DjEO+nhg/g3Dtaad84oDYdgiR
bqWf/2BJICb5UrfqBauzgkwqihe09kkcewMGzVZyThbzItq0sDB2xBW5KlLTXsLw
bMN/RXcTPdu6wxWNGuI8VrqbJhMtEVCr1XbEVTFW84U9OeP7LadWa27qMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJAZ1EowyKh/Htre7bYm3+4V59gIMB8GA1UdIwQY
MBaAFMo+zaAPrAv7Y7KFQ+orXV8eTfbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgt
M2Y5OTYwODY1ZDBmLzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgtM2Y5OTYwODY1ZDBm
LzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI+cZXyAd
+TG1Wtot+7+2Sh3JTiBEDLmVMVRoH2oGhRzqEeQH3TFsWPkXU7YBV9WHhcrSNVsP
Tyxerqzr4y29TcBrZDTDSvYn5irij3POtrNB1IEbyNOjQ9cH8qrx0DjvAoobG2bl
txd66Q01KorQWFnPwd5shY6WuKiN1r5lZ6r7PPGC3opd6WqecyaPbYIMH/fs9+xb
Lt1o5kt7zCQigB5Zg8Ijrp/soYZQ3u8WCDvMUFWhJbGnIsb13SpljNtUv4n3u1Yl
KsBGHflg85R+1359GFA+c/vG9e7bgz4pGJSCC+7/Y4VDoNLDfiEK8GRKz5el6i5c
BHRWL1Rgub/OqA==
-----END CERTIFICATE-----