Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
File:                     y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft (raw, json)
Hash identifier:          ynzB/wIS09MZh1eEfVGDW2NEyrjn77tnArLj/cVuBAw=
Subject key identifier:   D3:02:2A:75:53:95:8D:30:D4:AA:7F:72:4D:7D:CD:5F:C7:73:5E:AF
Authority key identifier: CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06
Certificate issuer:       /CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
Certificate serial:       0198D4DFE35B98EA7A16E23E4A926A1442F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
Manifest number:          0361
Signing time:             Sat 23 Aug 2025 03:01:39 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:39 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:39 +0000
Files and hashes:         1: y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl (hash: mpWdQGxgP1ANRZfQeHV1kLuf3UYa0Me3s/1s8ohF00o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:df:e3:5b:98:ea:7a:16:e2:3e:4a:92:6a:14:42:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
        Validity
            Not Before: Aug 23 03:01:39 2025 GMT
            Not After : Aug 24 03:01:39 2025 GMT
        Subject: CN=d3022a7553958d30d4aa7f724d7dcd5fc7735eaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:17:12:c3:6f:a6:c8:2c:9b:af:a5:1a:50:25:
                    b5:6f:3d:f0:3b:8b:5e:7f:20:62:fd:2b:ab:91:b5:
                    8a:48:ec:4a:73:d8:74:3e:bc:6c:b4:8c:2f:97:9b:
                    86:07:35:99:dc:3f:49:7f:ce:8e:79:86:b5:37:6a:
                    02:ab:0f:69:dd:49:49:e8:c7:1e:6d:92:cb:85:a6:
                    db:1b:9e:e8:0a:88:6f:c4:21:29:97:43:b5:55:05:
                    80:cb:f7:ce:e5:74:81:cb:54:7a:22:7a:82:2c:75:
                    05:e8:0d:b9:45:09:3b:c8:c1:35:e5:f3:3f:23:59:
                    7c:42:c4:36:57:b6:af:bd:48:df:ae:b5:b2:2d:9c:
                    c2:e3:61:ce:84:80:08:6f:21:9b:5f:ce:a7:3d:14:
                    a6:c9:b0:0e:80:33:4d:8d:d7:51:8c:0f:0c:33:29:
                    f6:ba:72:ed:6f:a5:30:9c:74:88:74:ee:f1:b5:46:
                    de:7c:80:76:d5:3f:c4:df:a6:b9:d3:01:cf:9b:15:
                    bc:e0:19:ee:43:c9:8b:d0:fb:24:08:13:45:ce:e3:
                    4f:66:0b:9f:1d:e8:e8:80:ae:c7:66:3d:2b:4c:e0:
                    7b:e5:f1:b0:db:4d:16:d3:46:25:a9:2d:5a:f1:d8:
                    f7:b0:fc:fb:6a:5a:4f:5a:31:1b:eb:e6:a9:cc:e7:
                    c0:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:02:2A:75:53:95:8D:30:D4:AA:7F:72:4D:7D:CD:5F:C7:73:5E:AF
            X509v3 Authority Key Identifier:
                keyid:CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:98:54:8c:d1:5a:e5:75:97:54:ce:1c:2e:a2:01:92:61:7f:
         72:6e:71:9e:93:81:dd:4c:cb:26:c1:bd:a0:51:7d:95:3e:89:
         3a:9c:9c:0d:78:7f:69:ff:a1:70:34:16:7b:6f:74:b3:22:da:
         b5:8d:2b:87:7b:5b:19:a3:d6:30:a9:b1:cd:13:36:a0:d1:84:
         f7:d1:a1:b7:a1:f0:5a:43:49:ab:8b:3c:62:e7:f8:00:4c:5c:
         45:ba:89:47:83:29:70:8a:4f:61:f5:e6:fd:af:59:53:7e:69:
         ad:70:c3:09:8e:3f:6f:ef:e2:03:ec:d7:bc:c3:84:a9:ee:66:
         04:73:59:2c:aa:87:73:bd:79:ec:42:85:80:02:74:b5:69:ee:
         2c:c1:83:9f:86:2f:e9:18:3c:8f:66:81:9e:c6:bf:7c:0b:3d:
         60:c1:8b:b6:de:39:1e:7c:03:cc:90:fa:90:fc:f8:38:fa:47:
         95:08:24:80:22:a0:32:94:a2:de:3f:d9:19:d6:52:d6:33:21:
         a2:c5:01:47:67:23:1b:50:ea:bc:62:b7:13:a3:48:d4:86:a2:
         4f:45:50:e0:88:25:b2:86:71:1b:da:1a:36:bc:18:5a:60:8a:
         04:da:56:2d:91:07:30:3e:14:33:a8:c8:28:70:ba:03:13:3f:
         fe:4a:f9:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU3+NbmOp6FuI+SpJqFEL5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWExY2I4MGZiNjM3MzJlNTMwMDQ3YTFlYzU1MjlmOGM4
YjFhMDYwHhcNMjUwODIzMDMwMTM5WhcNMjUwODI0MDMwMTM5WjAzMTEwLwYDVQQD
EyhkMzAyMmE3NTUzOTU4ZDMwZDRhYTdmNzI0ZDdkY2Q1ZmM3NzM1ZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRcSw2+myCybr6UaUCW1bz3wO4te
fyBi/SurkbWKSOxKc9h0PrxstIwvl5uGBzWZ3D9Jf86OeYa1N2oCqw9p3UlJ6Mce
bZLLhabbG57oCohvxCEpl0O1VQWAy/fO5XSBy1R6InqCLHUF6A25RQk7yME15fM/
I1l8QsQ2V7avvUjfrrWyLZzC42HOhIAIbyGbX86nPRSmybAOgDNNjddRjA8MMyn2
unLtb6UwnHSIdO7xtUbefIB21T/E36a50wHPmxW84BnuQ8mL0PskCBNFzuNPZguf
HejogK7HZj0rTOB75fGw200W00YlqS1a8dj3sPz7alpPWjEb6+apzOfA8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMCKnVTlY0w1Kp/ck19zV/Hc16vMB8GA1UdIwQY
MBaAFMuaHLgPtjcy5TAEeh7FUp+MixoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMt
MTEzZWRlM2FmZjc5LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMtMTEzZWRlM2FmZjc5
LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVZhUjNFa
5XWXVM4cLqIBkmF/cm5xnpOB3UzLJsG9oFF9lT6JOpycDXh/af+hcDQWe290syLa
tY0rh3tbGaPWMKmxzRM2oNGE99Ght6HwWkNJq4s8Yuf4AExcRbqJR4MpcIpPYfXm
/a9ZU35prXDDCY4/b+/iA+zXvMOEqe5mBHNZLKqHc7157EKFgAJ0tWnuLMGDn4Yv
6Rg8j2aBnsa/fAs9YMGLtt45HnwDzJD6kPz4OPpHlQgkgCKgMpSi3j/ZGdZS1jMh
osUBR2cjG1DqvGK3E6NI1IaiT0VQ4IglsoZxG9oaNrwYWmCKBNpWLZEHMD4UM6jI
KHC6AxM//kr5lQ==
-----END CERTIFICATE-----