Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
File:                     yEg4FrQ75KdvYGCDK-xJkvpamM4.mft (raw, json)
Hash identifier:          ysrmiCNSyWaHUd4iqUJxc8PhhvFKjxqy9urlz76BttY=
Subject key identifier:   96:E7:F4:A5:A7:B7:85:43:33:F9:3B:B2:B2:EB:8F:94:D9:5E:A4:90
Authority key identifier: C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE
Certificate issuer:       /CN=c8483816b43be4a76f6060832bec4992fa5a98ce
Certificate serial:       0197B6D7B4DC276AC38EFEFA9A0C83A21199
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
Manifest number:          05D9
Signing time:             Sat 28 Jun 2025 14:01:19 +0000
Manifest this update:     Sat 28 Jun 2025 14:01:19 +0000
Manifest next update:     Sun 29 Jun 2025 14:01:19 +0000
Files and hashes:         1: yEg4FrQ75KdvYGCDK-xJkvpamM4.crl (hash: UXEybp9zsDffzn/5p6TwSEbvkQTT/jK34j0PiL71dEg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 14:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:b4:dc:27:6a:c3:8e:fe:fa:9a:0c:83:a2:11:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8483816b43be4a76f6060832bec4992fa5a98ce
        Validity
            Not Before: Jun 28 14:01:19 2025 GMT
            Not After : Jun 29 14:01:19 2025 GMT
        Subject: CN=96e7f4a5a7b7854333f93bb2b2eb8f94d95ea490
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b3:d7:63:d5:55:5f:85:c4:59:da:a4:fa:9b:
                    64:7c:ce:19:76:f0:1d:8d:39:cb:b4:9b:7f:48:4f:
                    d2:e9:71:5c:ba:39:85:3e:d0:8e:53:ff:4c:94:35:
                    68:f6:00:d9:60:8c:dd:90:f2:39:d5:83:68:c1:e9:
                    b0:38:f7:5e:38:22:4b:28:d7:ff:ef:92:c5:d4:a4:
                    b1:d8:c7:c7:c0:f9:44:78:41:32:6d:e4:64:4c:d6:
                    7c:8a:f7:ca:c1:af:46:71:86:5e:4c:b7:6a:9d:8f:
                    3f:cb:9e:7f:a2:a5:f4:97:83:4a:df:90:8a:59:bf:
                    06:10:b2:e0:88:4f:e5:92:cc:5e:af:6e:31:c5:67:
                    2b:f1:96:29:82:05:4e:b5:6d:76:ad:bc:97:cc:22:
                    d6:bd:89:bf:2a:d7:8f:5e:8a:60:a3:70:e5:4b:24:
                    65:92:a2:f2:45:6d:81:19:e3:86:2e:3c:d9:6d:b5:
                    b3:98:7e:98:70:f4:f0:0c:df:33:80:cd:68:fa:8b:
                    af:39:fe:4a:1e:55:19:74:43:1d:ad:8b:bf:70:8a:
                    af:f3:ef:6e:1e:6c:91:54:f7:6f:ed:5e:62:35:f3:
                    c8:51:fa:b3:e3:b4:09:98:60:a7:87:e3:aa:f9:7e:
                    19:39:c1:bd:db:88:9f:9b:4f:b9:cf:aa:3b:12:d0:
                    b6:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:E7:F4:A5:A7:B7:85:43:33:F9:3B:B2:B2:EB:8F:94:D9:5E:A4:90
            X509v3 Authority Key Identifier:
                keyid:C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:e3:76:0e:07:3d:75:26:cc:e1:dd:f8:e3:c5:ad:dc:23:96:
         6c:e6:92:0f:a1:97:2c:33:87:ce:7f:6b:3d:e5:b0:33:d4:55:
         7b:cd:c4:07:d1:d7:9d:2c:5c:5d:b9:24:76:94:0e:40:93:bf:
         38:10:26:5e:8f:81:74:47:99:da:50:a4:3c:da:15:b3:da:5d:
         8a:35:40:13:58:c3:bd:48:b7:56:76:5c:cc:dd:ee:ea:90:5b:
         36:fd:19:d1:a8:22:bc:52:f3:90:71:3c:be:ff:65:63:f0:cb:
         2b:23:08:d0:60:7e:e6:7f:73:62:91:76:5e:a2:88:98:7f:22:
         32:2a:0c:43:d4:ae:59:81:24:c5:00:2f:9e:cc:14:72:ca:97:
         d4:2e:ee:ba:62:e6:b6:d0:5c:61:77:cb:4b:54:13:e0:0c:01:
         99:1f:96:6e:f8:7f:7f:e5:85:4b:93:85:b0:1b:a8:2e:0f:30:
         f6:42:ec:8f:04:a1:bf:88:29:bc:02:16:60:68:ba:bf:ca:ed:
         d5:1c:67:d0:92:45:b2:c4:6b:cb:6a:3d:49:47:5e:cc:7e:df:
         68:a8:85:1e:a7:d4:81:7a:30:f0:12:bf:d8:b5:00:72:c1:e6:
         d5:b4:78:87:97:79:a3:55:6e:71:28:6e:3c:bf:e4:d6:d7:bf:
         2a:7d:6d:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe217TcJ2rDjv76mgyDohGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NDgzODE2YjQzYmU0YTc2ZjYwNjA4MzJiZWM0OTkyZmE1
YTk4Y2UwHhcNMjUwNjI4MTQwMTE5WhcNMjUwNjI5MTQwMTE5WjAzMTEwLwYDVQQD
Eyg5NmU3ZjRhNWE3Yjc4NTQzMzNmOTNiYjJiMmViOGY5NGQ5NWVhNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprPXY9VVX4XEWdqk+ptkfM4ZdvAd
jTnLtJt/SE/S6XFcujmFPtCOU/9MlDVo9gDZYIzdkPI51YNowemwOPdeOCJLKNf/
75LF1KSx2MfHwPlEeEEybeRkTNZ8ivfKwa9GcYZeTLdqnY8/y55/oqX0l4NK35CK
Wb8GELLgiE/lksxer24xxWcr8ZYpggVOtW12rbyXzCLWvYm/KtePXopgo3DlSyRl
kqLyRW2BGeOGLjzZbbWzmH6YcPTwDN8zgM1o+ouvOf5KHlUZdEMdrYu/cIqv8+9u
HmyRVPdv7V5iNfPIUfqz47QJmGCnh+Oq+X4ZOcG924ifm0+5z6o7EtC23QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJbn9KWnt4VDM/k7srLrj5TZXqSQMB8GA1UdIwQY
MBaAFMhIOBa0O+Snb2BggyvsSZL6WpjOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQt
MmEyMGE2MDhmNjMxLzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQtMmEyMGE2MDhmNjMx
LzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG+N2Dgc9
dSbM4d3448Wt3COWbOaSD6GXLDOHzn9rPeWwM9RVe83EB9HXnSxcXbkkdpQOQJO/
OBAmXo+BdEeZ2lCkPNoVs9pdijVAE1jDvUi3VnZczN3u6pBbNv0Z0agivFLzkHE8
vv9lY/DLKyMI0GB+5n9zYpF2XqKImH8iMioMQ9SuWYEkxQAvnswUcsqX1C7uumLm
ttBcYXfLS1QT4AwBmR+Wbvh/f+WFS5OFsBuoLg8w9kLsjwShv4gpvAIWYGi6v8rt
1Rxn0JJFssRry2o9SUdezH7faKiFHqfUgXow8BK/2LUAcsHm1bR4h5d5o1VucShu
PL/k1te/Kn1tnw==
-----END CERTIFICATE-----