Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          Y/PhX1pGOhSw3WaSgCFpxg56aUxSJKcalQ++MYVjQ8M=
Subject key identifier:   FE:26:27:D4:24:82:F3:7F:58:91:08:2F:D0:87:AD:07:22:63:84:25
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       0197B6A145AEEE23351DF6BD93661DB672BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          08F6
Signing time:             Sat 28 Jun 2025 13:01:51 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:51 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:51 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: JoVL/NqAuh9xtvlNWGo/Tvl0XGI/J+Mdh+aCCBR5yA8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:45:ae:ee:23:35:1d:f6:bd:93:66:1d:b6:72:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: Jun 28 13:01:51 2025 GMT
            Not After : Jun 29 13:01:51 2025 GMT
        Subject: CN=fe2627d42482f37f5891082fd087ad0722638425
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a7:90:21:5b:5d:4d:f6:c6:27:f6:5a:35:c1:
                    79:70:53:26:ff:49:4b:8d:0d:b6:41:bc:4e:19:67:
                    95:e8:80:c6:76:c1:bb:80:7e:80:28:19:4c:37:57:
                    66:22:f8:40:d5:3e:3a:71:ab:c8:d2:72:a7:d4:87:
                    cb:a4:be:d0:13:34:c3:02:73:82:f7:88:71:31:79:
                    6d:38:76:f7:cc:7b:e8:33:a8:fe:c7:85:5a:31:87:
                    84:00:d5:6e:f3:97:08:9a:c9:99:e4:2c:d4:52:21:
                    3c:81:66:d8:75:b5:59:ce:e3:87:c2:da:7b:cb:30:
                    1d:89:f0:a8:c3:41:00:31:d1:3a:92:64:c7:32:62:
                    fb:56:86:84:b4:9a:68:48:91:0f:81:b2:5b:d9:48:
                    84:b6:4b:86:91:c5:99:af:66:d3:b2:f8:3f:41:fc:
                    9a:3c:45:7a:d6:5e:cc:3d:53:b7:04:6d:0d:c7:f7:
                    a0:2d:58:2e:91:da:b2:1d:14:56:62:4b:6d:c0:06:
                    2e:cf:53:a1:e0:13:22:95:5f:d9:78:9d:93:ef:fc:
                    cb:79:b5:92:6d:72:92:b7:e8:a4:06:35:4b:80:2b:
                    ea:41:ea:02:16:2f:46:a4:2e:41:a1:7c:82:00:1d:
                    f6:9b:5a:05:fe:01:1e:68:c9:56:26:d9:4f:a4:43:
                    75:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:26:27:D4:24:82:F3:7F:58:91:08:2F:D0:87:AD:07:22:63:84:25
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:3a:6b:90:75:5f:14:4e:79:ab:44:d9:e3:4c:de:c0:7e:c3:
         80:0c:5e:07:4b:11:cd:78:15:c5:3d:98:de:d5:fd:50:2a:d5:
         1d:62:4a:fb:8c:70:25:69:a5:6e:6f:0c:2f:43:c3:84:e2:ac:
         bd:5e:19:86:53:b2:fe:3d:eb:04:c8:6f:20:f9:8d:2f:f2:ff:
         fd:32:57:60:be:43:d0:6b:54:b0:a5:58:fc:46:d7:2f:b5:3e:
         5f:ef:74:03:db:00:9f:23:b7:08:66:c6:85:04:71:bc:82:d9:
         c8:ba:7c:8c:11:c6:f8:2b:99:a4:09:20:40:d5:b1:99:94:8d:
         df:d0:99:7e:06:b8:03:91:bb:37:95:3e:14:af:62:e9:23:a1:
         ee:43:81:37:ea:98:b1:be:51:cc:9d:29:49:f3:9f:b7:9c:bc:
         6c:b9:ec:ad:af:e3:f1:6e:10:da:ba:e0:20:e4:73:ae:ef:c3:
         02:05:18:c4:9f:e9:cb:40:cd:51:74:32:3a:11:f0:f1:9b:27:
         f4:d8:6d:90:5c:cc:1e:46:10:08:2e:eb:cd:91:46:ed:6d:bd:
         6d:bc:69:a6:44:3c:7b:bb:31:64:b0:38:4b:a7:d0:e2:60:4d:
         84:95:07:b7:ba:ba:fd:6f:b6:72:8d:48:e0:cd:6e:d3:b6:6e:
         9a:cf:0f:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oUWu7iM1Hfa9k2YdtnK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjUwNjI4MTMwMTUxWhcNMjUwNjI5MTMwMTUxWjAzMTEwLwYDVQQD
EyhmZTI2MjdkNDI0ODJmMzdmNTg5MTA4MmZkMDg3YWQwNzIyNjM4NDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqeQIVtdTfbGJ/ZaNcF5cFMm/0lL
jQ22QbxOGWeV6IDGdsG7gH6AKBlMN1dmIvhA1T46cavI0nKn1IfLpL7QEzTDAnOC
94hxMXltOHb3zHvoM6j+x4VaMYeEANVu85cImsmZ5CzUUiE8gWbYdbVZzuOHwtp7
yzAdifCow0EAMdE6kmTHMmL7VoaEtJpoSJEPgbJb2UiEtkuGkcWZr2bTsvg/Qfya
PEV61l7MPVO3BG0Nx/egLVgukdqyHRRWYkttwAYuz1Oh4BMilV/ZeJ2T7/zLebWS
bXKSt+ikBjVLgCvqQeoCFi9GpC5BoXyCAB32m1oF/gEeaMlWJtlPpEN1swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP4mJ9QkgvN/WJEIL9CHrQciY4QlMB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACzprkHVf
FE55q0TZ40zewH7DgAxeB0sRzXgVxT2Y3tX9UCrVHWJK+4xwJWmlbm8ML0PDhOKs
vV4ZhlOy/j3rBMhvIPmNL/L//TJXYL5D0GtUsKVY/EbXL7U+X+90A9sAnyO3CGbG
hQRxvILZyLp8jBHG+CuZpAkgQNWxmZSN39CZfga4A5G7N5U+FK9i6SOh7kOBN+qY
sb5RzJ0pSfOft5y8bLnsra/j8W4Q2rrgIORzru/DAgUYxJ/py0DNUXQyOhHw8Zsn
9NhtkFzMHkYQCC7rzZFG7W29bbxppkQ8e7sxZLA4S6fQ4mBNhJUHt7q6/W+2co1I
4M1u07Zums8PXg==
-----END CERTIFICATE-----