Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft
File:                     Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft (raw, json)
Hash identifier:          OoIhSizcRYjLDc70tiUwWTNSDew7E2Ya1TYWAeBFcLo=
Subject key identifier:   D2:D4:02:26:42:F8:4B:55:1D:45:6A:F6:1B:9F:8A:69:8F:C8:E4:9C
Authority key identifier: 63:6B:02:7B:FA:B9:1A:A4:71:9A:80:EF:E0:21:24:61:37:42:8B:DA
Certificate issuer:       /CN=636b027bfab91aa4719a80efe021246137428bda
Certificate serial:       0197B7EA33F88EA5E9078D8D1BA7DB1FDAC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft
Manifest number:          1355
Signing time:             Sat 28 Jun 2025 19:01:08 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:08 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:08 +0000
Files and hashes:         1: Y2sCe_q5GqRxmoDv4CEkYTdCi9o.crl (hash: xJIniMcnaa0jjGeiFFXEY4zwSFqlUjEGtzFiV6f6yl8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:33:f8:8e:a5:e9:07:8d:8d:1b:a7:db:1f:da:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=636b027bfab91aa4719a80efe021246137428bda
        Validity
            Not Before: Jun 28 19:01:08 2025 GMT
            Not After : Jun 29 19:01:08 2025 GMT
        Subject: CN=d2d4022642f84b551d456af61b9f8a698fc8e49c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:56:2e:be:a8:67:c1:3e:ce:34:fc:3d:80:97:
                    95:59:86:65:ab:1e:c3:a6:a1:00:1c:8d:d0:37:d1:
                    83:81:02:a4:36:6c:0e:2d:59:df:b3:a1:12:28:4e:
                    7b:a8:73:91:bf:49:d4:09:9d:73:6b:c9:da:f5:00:
                    3c:e2:71:3b:b4:1d:75:b3:5c:87:a0:d7:06:0c:7e:
                    77:bd:ef:e4:29:33:c2:a9:16:99:bf:94:3a:14:3e:
                    c8:b0:20:f5:ac:c5:cc:dd:8a:65:ea:4e:fa:b1:ad:
                    95:cb:99:4a:71:c7:65:f1:80:a6:aa:34:be:b8:7d:
                    3f:26:e9:19:1f:bc:90:b6:ec:45:84:0a:9c:cd:68:
                    97:8a:a6:f6:d1:19:b1:2a:33:33:f6:98:4c:11:1a:
                    15:c1:9f:d2:74:8f:59:e6:0b:fd:66:0b:53:bf:8b:
                    25:e2:66:14:f6:1b:4f:5e:32:30:4c:af:3d:12:70:
                    03:fb:f4:91:cf:a6:f4:69:29:f3:28:0a:a3:e9:0e:
                    2a:a2:1d:14:4f:c7:98:20:52:b9:6c:f9:d7:69:de:
                    4d:97:9f:a0:41:6c:5a:65:d7:30:98:d3:99:24:f6:
                    45:82:ce:dd:69:f6:e5:f2:d1:e3:35:5f:33:11:aa:
                    67:d5:d9:6b:8b:e2:bd:43:51:b2:d9:36:a4:a6:92:
                    91:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:D4:02:26:42:F8:4B:55:1D:45:6A:F6:1B:9F:8A:69:8F:C8:E4:9C
            X509v3 Authority Key Identifier:
                keyid:63:6B:02:7B:FA:B9:1A:A4:71:9A:80:EF:E0:21:24:61:37:42:8B:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:15:6d:62:23:f8:a2:cd:ca:4c:6d:27:ce:fd:f9:ea:b2:0b:
         0b:98:0d:d7:c5:39:df:bc:31:13:f2:84:1c:ed:01:06:f9:66:
         11:f0:1b:14:d0:12:67:fb:0c:6d:6f:52:1a:65:4a:b8:da:d1:
         d8:cb:a9:67:ae:99:8f:03:53:db:ed:97:62:09:8b:3e:42:16:
         9f:86:08:53:c5:54:0a:0e:fe:14:ac:a6:dd:50:c5:71:e9:03:
         44:6d:2d:4f:6c:cf:68:86:0e:e4:9a:95:71:77:39:76:19:85:
         3f:d7:45:7b:a4:61:9b:7b:0f:aa:05:ec:15:2a:d5:ff:1c:de:
         d7:5f:07:8d:02:06:74:34:60:6e:af:a5:d1:15:3f:99:1d:79:
         8b:05:3e:8c:0b:fd:b7:c8:90:16:d4:52:5c:5a:bb:ef:ab:8d:
         a9:38:59:4a:1e:42:4c:24:bf:2c:15:b5:7f:24:2d:db:84:63:
         a9:35:53:0a:32:6c:b9:50:6a:62:9f:ad:cb:d4:62:73:67:1b:
         6c:bb:81:81:e1:88:bd:76:1c:a3:4a:d4:aa:2f:a2:02:0c:00:
         65:39:4a:a3:84:e4:74:26:8e:04:cd:52:ef:a1:21:93:95:1d:
         bf:05:b4:68:76:9e:6d:db:7f:4b:c8:68:d1:21:06:13:56:47:
         e0:2b:55:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36jP4jqXpB42NG6fbH9rIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNmIwMjdiZmFiOTFhYTQ3MTlhODBlZmUwMjEyNDYxMzc0
MjhiZGEwHhcNMjUwNjI4MTkwMTA4WhcNMjUwNjI5MTkwMTA4WjAzMTEwLwYDVQQD
EyhkMmQ0MDIyNjQyZjg0YjU1MWQ0NTZhZjYxYjlmOGE2OThmYzhlNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA61YuvqhnwT7ONPw9gJeVWYZlqx7D
pqEAHI3QN9GDgQKkNmwOLVnfs6ESKE57qHORv0nUCZ1za8na9QA84nE7tB11s1yH
oNcGDH53ve/kKTPCqRaZv5Q6FD7IsCD1rMXM3Ypl6k76sa2Vy5lKccdl8YCmqjS+
uH0/JukZH7yQtuxFhAqczWiXiqb20RmxKjMz9phMERoVwZ/SdI9Z5gv9ZgtTv4sl
4mYU9htPXjIwTK89EnAD+/SRz6b0aSnzKAqj6Q4qoh0UT8eYIFK5bPnXad5Nl5+g
QWxaZdcwmNOZJPZFgs7dafbl8tHjNV8zEapn1dlri+K9Q1Gy2TakppKRgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLUAiZC+EtVHUVq9hufimmPyOScMB8GA1UdIwQY
MBaAFGNrAnv6uRqkcZqA7+AhJGE3QovaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJzQ2VfcTVHcVJ4bW9EdjRDRWtZVGRDaTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9hMGNkZDgtMDkyZC00M2JiLWEyYTgt
ODgwYzJlNGZhYTZlLzEvWTJzQ2VfcTVHcVJ4bW9EdjRDRWtZVGRDaTlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9hMGNkZDgtMDkyZC00M2JiLWEyYTgtODgwYzJlNGZhYTZl
LzEvWTJzQ2VfcTVHcVJ4bW9EdjRDRWtZVGRDaTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKBVtYiP4
os3KTG0nzv356rILC5gN18U537wxE/KEHO0BBvlmEfAbFNASZ/sMbW9SGmVKuNrR
2MupZ66ZjwNT2+2XYgmLPkIWn4YIU8VUCg7+FKym3VDFcekDRG0tT2zPaIYO5JqV
cXc5dhmFP9dFe6Rhm3sPqgXsFSrV/xze118HjQIGdDRgbq+l0RU/mR15iwU+jAv9
t8iQFtRSXFq776uNqThZSh5CTCS/LBW1fyQt24RjqTVTCjJsuVBqYp+ty9Ric2cb
bLuBgeGIvXYco0rUqi+iAgwAZTlKo4TkdCaOBM1S76Ehk5UdvwW0aHaebdt/S8ho
0SEGE1ZH4CtVSA==
-----END CERTIFICATE-----