Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          RNJTjNt5uDbvoAp3Lg1YrPf7fm2f3fc7PTVLqNF7IRI=
Subject key identifier:   46:36:3E:03:42:7B:F9:50:B5:65:08:34:87:68:7B:6E:F4:13:97:7B
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       0198D472CCCC4BCE392F2C969E98E10FEA93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          098A
Signing time:             Sat 23 Aug 2025 01:02:29 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:29 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:29 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: j/W6edRDXvPIM7Ma0hqoZsBGQa6+kG3Byid/mSeEP1E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:cc:cc:4b:ce:39:2f:2c:96:9e:98:e1:0f:ea:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: Aug 23 01:02:29 2025 GMT
            Not After : Aug 24 01:02:29 2025 GMT
        Subject: CN=46363e03427bf950b565083487687b6ef413977b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:fb:5f:91:db:21:29:2f:13:a5:70:02:3e:1e:
                    2b:de:f4:12:9e:2f:7b:f7:9d:cc:b5:c0:62:14:01:
                    0a:1b:fc:f6:56:56:7a:ce:69:eb:25:92:90:a1:49:
                    65:c8:e6:74:38:16:91:ef:f4:52:90:1e:ba:a4:0a:
                    15:86:80:0c:86:8e:03:d3:6e:db:06:df:ec:15:1e:
                    80:a4:df:23:ef:3f:53:bd:01:d4:80:29:2a:61:05:
                    42:63:a3:8d:42:bd:6e:3d:da:81:30:c0:91:a4:9c:
                    06:63:7e:d2:06:10:70:9e:cb:bd:3c:fb:86:c6:43:
                    a5:c7:fb:5a:b2:7f:c1:e9:0b:56:a6:d4:35:1f:17:
                    bf:7b:85:bd:bb:c7:eb:cb:eb:d9:6a:c8:b9:7e:e1:
                    30:38:35:47:80:96:d4:4e:9a:f2:57:c3:25:04:be:
                    0d:03:77:f4:21:2a:90:4c:fd:42:05:b6:64:8e:75:
                    bf:21:91:a2:f8:93:ab:73:dc:40:01:8f:b6:47:0b:
                    d0:58:30:cb:57:f9:f0:80:86:36:48:40:b8:54:42:
                    df:00:45:a0:c1:ba:63:30:e2:23:52:16:e4:07:c3:
                    f9:d7:9b:fa:8e:47:7c:cf:65:64:05:a0:51:a0:fd:
                    c5:d0:6a:2c:8d:26:c8:c4:53:53:19:50:cf:e4:bc:
                    e2:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:36:3E:03:42:7B:F9:50:B5:65:08:34:87:68:7B:6E:F4:13:97:7B
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:cb:70:19:44:d3:65:01:c7:84:34:8b:da:14:05:70:21:0a:
         d1:c2:a9:40:8b:49:c5:9c:92:09:36:4c:e5:54:c7:87:0c:84:
         a4:58:2a:8a:87:d6:31:9f:a7:4e:f1:26:9e:d7:47:74:9d:20:
         ca:54:c3:55:2c:79:1a:4a:52:01:e3:7e:15:42:c7:c7:ee:e9:
         43:ba:6d:bf:6d:a8:8e:93:08:61:e2:b8:6c:2d:4b:5f:f6:73:
         33:04:00:7e:29:af:b7:17:43:f2:b5:0c:8c:c7:ef:5c:ac:b1:
         d7:7b:12:02:a5:c8:fe:4d:de:30:d6:7c:85:6e:ed:58:e3:25:
         50:01:ff:8c:2e:df:bd:1b:cc:29:45:5f:6d:7b:98:cf:92:26:
         69:41:3d:b8:9d:0d:76:5c:62:93:b0:57:63:72:cc:7d:71:4c:
         a7:b1:92:7f:28:b7:20:ca:90:7d:9f:33:d6:82:e7:23:59:f6:
         2d:27:40:b9:b2:b0:f7:fe:b3:09:f7:7d:55:8f:f0:75:69:6b:
         41:83:b0:1e:20:eb:49:07:0e:34:7c:b4:88:00:a7:da:01:97:
         5d:a3:93:ad:ce:dc:50:f2:89:da:cc:88:41:ae:23:c0:a1:49:
         ba:37:15:a2:9a:94:7b:0b:6b:fa:23:56:21:61:8e:74:c4:9f:
         2f:38:38:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcszMS845LyyWnpjhD+qTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjUwODIzMDEwMjI5WhcNMjUwODI0MDEwMjI5WjAzMTEwLwYDVQQD
Eyg0NjM2M2UwMzQyN2JmOTUwYjU2NTA4MzQ4NzY4N2I2ZWY0MTM5NzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPtfkdshKS8TpXACPh4r3vQSni97
953MtcBiFAEKG/z2VlZ6zmnrJZKQoUllyOZ0OBaR7/RSkB66pAoVhoAMho4D027b
Bt/sFR6ApN8j7z9TvQHUgCkqYQVCY6ONQr1uPdqBMMCRpJwGY37SBhBwnsu9PPuG
xkOlx/tasn/B6QtWptQ1Hxe/e4W9u8fry+vZasi5fuEwODVHgJbUTpryV8MlBL4N
A3f0ISqQTP1CBbZkjnW/IZGi+JOrc9xAAY+2RwvQWDDLV/nwgIY2SEC4VELfAEWg
wbpjMOIjUhbkB8P515v6jkd8z2VkBaBRoP3F0GosjSbIxFNTGVDP5LzivwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEY2PgNCe/lQtWUINIdoe270E5d7MB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL8twGUTT
ZQHHhDSL2hQFcCEK0cKpQItJxZySCTZM5VTHhwyEpFgqiofWMZ+nTvEmntdHdJ0g
ylTDVSx5GkpSAeN+FULHx+7pQ7ptv22ojpMIYeK4bC1LX/ZzMwQAfimvtxdD8rUM
jMfvXKyx13sSAqXI/k3eMNZ8hW7tWOMlUAH/jC7fvRvMKUVfbXuYz5ImaUE9uJ0N
dlxik7BXY3LMfXFMp7GSfyi3IMqQfZ8z1oLnI1n2LSdAubKw9/6zCfd9VY/wdWlr
QYOwHiDrSQcONHy0iACn2gGXXaOTrc7cUPKJ2syIQa4jwKFJujcVopqUewtr+iNW
IWGOdMSfLzg4tA==
-----END CERTIFICATE-----