Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
File:                     YQy4N7bSF3jkw9u5aWefDxxQtIo.mft (raw, json)
Hash identifier:          i3+pVcnUG2fMJ70m1l8en/+xTE6WyPyuL8x5cIwpz9k=
Subject key identifier:   7D:CD:C6:D2:F6:2F:6B:13:1F:6C:3F:EC:9A:5A:8D:74:0A:1F:0E:4F
Authority key identifier: 61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A
Certificate issuer:       /CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
Certificate serial:       0197B6A0C200BC8529B2DE91A33595A81D22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
Manifest number:          0DCD
Signing time:             Sat 28 Jun 2025 13:01:18 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:18 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:18 +0000
Files and hashes:         1: YQy4N7bSF3jkw9u5aWefDxxQtIo.crl (hash: Vep4l58W6xUcptM8de0/4204SxD+M9C2OTkHDPdvGF4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:c2:00:bc:85:29:b2:de:91:a3:35:95:a8:1d:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
        Validity
            Not Before: Jun 28 13:01:18 2025 GMT
            Not After : Jun 29 13:01:18 2025 GMT
        Subject: CN=7dcdc6d2f62f6b131f6c3fec9a5a8d740a1f0e4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b3:ed:d6:40:f0:ba:52:ef:ce:71:73:7d:b0:
                    8e:97:2b:60:9f:85:f9:b7:86:59:55:03:47:5c:b2:
                    83:08:7a:60:ca:d4:9d:18:88:7c:52:54:f7:4d:e4:
                    32:2c:09:bb:31:8f:eb:5f:b5:75:51:44:6f:5f:8b:
                    94:93:0d:66:8b:a8:b3:6b:78:3a:35:b2:05:ef:47:
                    ad:dc:4d:9a:c8:9b:76:fd:c3:70:8a:06:20:40:36:
                    0d:fd:8f:d6:2d:75:e3:85:6c:c1:bf:f1:1f:7a:2b:
                    a7:9a:f8:fa:2b:4a:11:4b:19:46:cb:1a:55:f2:86:
                    21:42:2f:5c:26:85:16:11:07:15:17:a5:77:e1:cd:
                    2a:9d:16:6c:5f:2d:bd:8b:8f:20:41:7e:cb:4e:03:
                    7c:b5:85:c6:76:f3:88:05:01:e0:ad:c8:20:21:dd:
                    bd:7d:b8:1b:66:e5:c6:a0:82:db:4a:ae:39:fb:55:
                    16:03:8e:37:f1:31:a4:ad:65:b2:a4:a8:6b:14:c1:
                    d1:2b:d0:c3:0d:b7:9b:b4:af:e7:0c:eb:bc:d3:9e:
                    95:3b:ca:60:b1:c3:74:a4:80:e3:07:f9:f7:e1:10:
                    be:9d:a2:53:08:58:94:4b:2d:e9:20:53:99:9c:cd:
                    0d:93:b2:14:56:06:40:af:47:33:a0:1b:1a:91:16:
                    15:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:CD:C6:D2:F6:2F:6B:13:1F:6C:3F:EC:9A:5A:8D:74:0A:1F:0E:4F
            X509v3 Authority Key Identifier:
                keyid:61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:55:ca:aa:41:41:f9:45:d3:39:c2:15:a3:f5:49:8c:3d:4d:
         d5:51:ec:b0:f4:c9:2b:3a:b7:d2:a6:cf:43:cf:32:6f:bc:fe:
         09:41:3e:ce:e3:b9:76:d8:54:d7:d5:11:a3:94:d6:3a:33:c2:
         8a:f1:79:2b:d8:a9:89:33:32:9f:c4:b3:ae:d5:0d:40:a2:17:
         fe:87:46:9b:a6:00:67:d7:ca:f7:89:70:0e:04:d6:4d:0c:cf:
         db:29:e0:34:6a:7b:5b:60:bb:36:b9:87:f3:af:f1:01:55:a2:
         8e:48:17:ac:8e:6d:d5:73:4c:e2:3f:25:1a:00:3d:7b:77:7c:
         fd:f2:37:93:23:f2:b1:1f:06:8f:98:32:ab:2d:b3:68:62:bc:
         fb:01:3d:ab:5c:95:31:dc:37:f8:bd:00:80:a5:22:f1:e5:82:
         81:d4:db:5e:3e:75:47:96:91:c2:e7:8c:3a:d7:df:d3:0b:eb:
         ae:0e:65:7f:5c:35:fc:9c:49:42:7d:97:3d:2c:da:a2:db:da:
         b6:b5:f8:16:1f:e3:dc:6f:d7:90:8a:f6:19:53:b6:87:db:a2:
         e4:16:2a:e2:4e:cf:5c:4b:b4:46:c3:b7:98:8a:24:32:ea:8e:
         ce:dd:c8:a8:62:9b:a5:03:63:ae:f6:08:47:23:0d:c1:79:63:
         bb:69:e5:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oMIAvIUpst6RozWVqB0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMGNiODM3YjZkMjE3NzhlNGMzZGJiOTY5Njc5ZjBmMWM1
MGI0OGEwHhcNMjUwNjI4MTMwMTE4WhcNMjUwNjI5MTMwMTE4WjAzMTEwLwYDVQQD
Eyg3ZGNkYzZkMmY2MmY2YjEzMWY2YzNmZWM5YTVhOGQ3NDBhMWYwZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrPt1kDwulLvznFzfbCOlytgn4X5
t4ZZVQNHXLKDCHpgytSdGIh8UlT3TeQyLAm7MY/rX7V1UURvX4uUkw1mi6iza3g6
NbIF70et3E2ayJt2/cNwigYgQDYN/Y/WLXXjhWzBv/Efeiunmvj6K0oRSxlGyxpV
8oYhQi9cJoUWEQcVF6V34c0qnRZsXy29i48gQX7LTgN8tYXGdvOIBQHgrcggId29
fbgbZuXGoILbSq45+1UWA4438TGkrWWypKhrFMHRK9DDDbebtK/nDOu8056VO8pg
scN0pIDjB/n34RC+naJTCFiUSy3pIFOZnM0Nk7IUVgZAr0czoBsakRYVRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3NxtL2L2sTH2w/7JpajXQKHw5PMB8GA1UdIwQY
MBaAFGEMuDe20hd45MPbuWlnnw8cULSKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgt
N2IzNWEwNmFiNTRiLzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgtN2IzNWEwNmFiNTRi
LzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe1XKqkFB
+UXTOcIVo/VJjD1N1VHssPTJKzq30qbPQ88yb7z+CUE+zuO5dthU19URo5TWOjPC
ivF5K9ipiTMyn8SzrtUNQKIX/odGm6YAZ9fK94lwDgTWTQzP2yngNGp7W2C7NrmH
86/xAVWijkgXrI5t1XNM4j8lGgA9e3d8/fI3kyPysR8Gj5gyqy2zaGK8+wE9q1yV
Mdw3+L0AgKUi8eWCgdTbXj51R5aRwueMOtff0wvrrg5lf1w1/JxJQn2XPSzaotva
trX4Fh/j3G/XkIr2GVO2h9ui5BYq4k7PXEu0RsO3mIokMuqOzt3IqGKbpQNjrvYI
RyMNwXlju2nl9w==
-----END CERTIFICATE-----