Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
File:                     yEg4FrQ75KdvYGCDK-xJkvpamM4.mft (raw, json)
Hash identifier:          VPe2eabL7aQIZa27WqL3xYl8a41lG08x0Nn/n3x3ppM=
Subject key identifier:   99:1E:B2:F3:4C:ED:BA:93:D5:41:1D:A9:60:00:58:1E:D0:D2:9F:DA
Authority key identifier: C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE
Certificate issuer:       /CN=c8483816b43be4a76f6060832bec4992fa5a98ce
Certificate serial:       0198D4A84E03B61DF02C16AD010698CAC18F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
Manifest number:          066D
Signing time:             Sat 23 Aug 2025 02:00:56 +0000
Manifest this update:     Sat 23 Aug 2025 02:00:56 +0000
Manifest next update:     Sun 24 Aug 2025 02:00:56 +0000
Files and hashes:         1: yEg4FrQ75KdvYGCDK-xJkvpamM4.crl (hash: 2hhlWoPhBGN4K64crJu/VtoDLbYZ+1k/bfzHvY5aPKQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:a8:4e:03:b6:1d:f0:2c:16:ad:01:06:98:ca:c1:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8483816b43be4a76f6060832bec4992fa5a98ce
        Validity
            Not Before: Aug 23 02:00:56 2025 GMT
            Not After : Aug 24 02:00:56 2025 GMT
        Subject: CN=991eb2f34cedba93d5411da96000581ed0d29fda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:35:05:d4:e1:1c:dc:10:f0:60:4f:6a:33:ab:
                    48:52:33:8e:f7:5b:7c:36:b2:25:1c:81:5c:fd:fd:
                    41:82:e5:b6:96:dc:f4:22:3a:04:01:0f:13:55:6f:
                    ec:17:d4:1e:c1:6d:86:d1:17:4a:ea:c2:8d:94:21:
                    34:35:e3:0e:2f:dc:73:6b:ae:2d:ec:29:86:da:21:
                    9b:17:2a:3a:7f:76:a3:4e:2b:4d:65:33:ac:98:0e:
                    66:5d:9b:44:bf:1a:5f:91:01:a3:ce:65:d0:95:c2:
                    4e:5a:4a:da:20:43:26:9c:84:a9:fd:f3:ba:5c:02:
                    8a:dc:fa:14:1d:9d:b3:51:c3:79:8e:47:fa:9f:a7:
                    bb:69:24:89:36:80:34:0b:5e:3a:e5:3c:24:e4:29:
                    43:87:6a:4d:77:c1:e8:63:3b:83:ae:20:96:0d:ec:
                    ae:3a:de:0f:e9:e4:f4:d9:6c:2a:27:0d:66:6c:a6:
                    07:ca:46:98:db:6e:40:39:f0:89:84:fc:6b:ba:03:
                    e1:8c:c6:ad:23:be:8b:e5:32:62:60:6b:48:69:b9:
                    8a:61:0c:a1:17:c7:3f:98:78:c9:1d:bf:29:f0:99:
                    db:88:9e:49:a4:3f:c1:b5:53:cb:c8:35:59:7e:85:
                    c4:ac:9a:4e:d6:24:11:13:cb:06:98:b6:44:f7:18:
                    3c:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:1E:B2:F3:4C:ED:BA:93:D5:41:1D:A9:60:00:58:1E:D0:D2:9F:DA
            X509v3 Authority Key Identifier:
                keyid:C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:a4:2a:9b:6b:a5:7b:6b:96:9c:91:a8:9d:0d:de:a0:7a:3b:
         e9:11:8f:64:14:e1:47:86:1a:3f:8e:6f:f6:4e:2b:91:a6:c3:
         95:c2:5d:55:ce:6a:a9:e2:1a:69:24:bd:97:7f:1a:fe:0b:a1:
         83:20:92:3e:cb:9b:e3:b9:40:99:6f:6d:ce:16:ee:05:c5:01:
         b4:c9:8f:fb:a1:66:6f:de:c0:63:f8:e3:12:d9:ae:42:db:8e:
         95:95:d8:83:3b:ac:b3:0a:77:48:18:46:7e:67:65:fc:68:1d:
         fe:e6:08:44:6b:1a:9e:d4:c0:2d:b1:f6:a3:19:0c:b0:35:a6:
         57:7e:bc:94:3f:da:8a:cc:13:74:ad:f5:ab:ca:8b:0b:fe:9b:
         36:bb:3a:b3:5b:6d:32:17:14:e1:66:65:07:8c:71:51:21:94:
         62:42:62:2b:0e:31:88:7b:67:b9:7f:fb:05:4c:e4:2d:7b:c7:
         0b:da:d1:42:6c:c4:2b:83:23:44:18:f2:96:b5:74:05:c1:20:
         a3:10:46:f7:fa:b2:f6:68:dc:1e:ae:db:3d:f4:94:35:e6:e4:
         17:fe:be:04:79:2c:d3:8c:24:79:eb:e8:e1:08:da:f5:f7:5c:
         68:f1:97:6e:89:13:87:3f:3d:44:c8:b3:44:10:18:72:68:c4:
         fe:7c:9c:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUqE4Dth3wLBatAQaYysGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NDgzODE2YjQzYmU0YTc2ZjYwNjA4MzJiZWM0OTkyZmE1
YTk4Y2UwHhcNMjUwODIzMDIwMDU2WhcNMjUwODI0MDIwMDU2WjAzMTEwLwYDVQQD
Eyg5OTFlYjJmMzRjZWRiYTkzZDU0MTFkYTk2MDAwNTgxZWQwZDI5ZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDUF1OEc3BDwYE9qM6tIUjOO91t8
NrIlHIFc/f1BguW2ltz0IjoEAQ8TVW/sF9QewW2G0RdK6sKNlCE0NeMOL9xza64t
7CmG2iGbFyo6f3ajTitNZTOsmA5mXZtEvxpfkQGjzmXQlcJOWkraIEMmnISp/fO6
XAKK3PoUHZ2zUcN5jkf6n6e7aSSJNoA0C1465Twk5ClDh2pNd8HoYzuDriCWDeyu
Ot4P6eT02WwqJw1mbKYHykaY225AOfCJhPxrugPhjMatI76L5TJiYGtIabmKYQyh
F8c/mHjJHb8p8JnbiJ5JpD/BtVPLyDVZfoXErJpO1iQRE8sGmLZE9xg8fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJkesvNM7bqT1UEdqWAAWB7Q0p/aMB8GA1UdIwQY
MBaAFMhIOBa0O+Snb2BggyvsSZL6WpjOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQt
MmEyMGE2MDhmNjMxLzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQtMmEyMGE2MDhmNjMx
LzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADaQqm2ul
e2uWnJGonQ3eoHo76RGPZBThR4YaP45v9k4rkabDlcJdVc5qqeIaaSS9l38a/guh
gyCSPsub47lAmW9tzhbuBcUBtMmP+6Fmb97AY/jjEtmuQtuOlZXYgzusswp3SBhG
fmdl/Ggd/uYIRGsantTALbH2oxkMsDWmV368lD/aiswTdK31q8qLC/6bNrs6s1tt
MhcU4WZlB4xxUSGUYkJiKw4xiHtnuX/7BUzkLXvHC9rRQmzEK4MjRBjylrV0BcEg
oxBG9/qy9mjcHq7bPfSUNebkF/6+BHks04wkeevo4Qja9fdcaPGXbokThz89RMiz
RBAYcmjE/nycXQ==
-----END CERTIFICATE-----