Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          eJowNq2AdAdJ9c4xCRduSaSgvj4lTnKuS93klUM9dyY=
Subject key identifier:   12:11:50:AF:74:AB:CD:05:F5:5A:31:40:E5:1E:B9:79:40:AA:BD:80
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       0198D5F1561B911C3D804D00C113CE9299FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          04E3
Signing time:             Sat 23 Aug 2025 08:00:19 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:19 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:19 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: RpS0Eovj6bVK8C/Y5qvWF2dl+c6+RVdxhhgt7oOx4cU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:56:1b:91:1c:3d:80:4d:00:c1:13:ce:92:99:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Aug 23 08:00:19 2025 GMT
            Not After : Aug 24 08:00:19 2025 GMT
        Subject: CN=121150af74abcd05f55a3140e51eb97940aabd80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c5:a4:98:3b:9e:99:d3:87:a5:62:9a:66:6d:
                    92:ab:d7:1f:a3:0b:65:79:45:de:1e:7a:13:e2:5b:
                    a0:3f:de:c7:00:55:b5:49:cc:ef:bc:89:7a:e3:f7:
                    db:cd:10:6a:ab:40:ad:9d:0a:b3:60:19:4f:7d:c0:
                    2f:d9:ed:f9:df:58:8e:22:67:b8:45:3e:dd:39:19:
                    e2:e6:6c:e6:12:11:bb:7e:71:73:12:80:f8:84:bb:
                    ed:14:e5:5e:9b:a7:f4:c4:c0:99:a5:7d:3d:1d:69:
                    c6:c0:fd:db:8c:59:ef:11:12:12:b7:a4:7b:d0:ac:
                    fe:04:bc:d4:5f:4b:b3:8b:60:24:5e:b8:88:9d:41:
                    41:82:7b:e9:18:9a:98:26:a2:1f:4d:0d:52:18:27:
                    70:e7:87:ed:f9:a4:ba:cc:25:5e:fd:eb:ea:66:f1:
                    5d:0b:53:8b:22:35:06:67:06:72:41:8a:84:ae:61:
                    51:61:f0:7a:b9:aa:9e:84:e4:df:3c:7b:86:8d:f1:
                    b6:66:d4:2c:11:9a:22:48:5f:75:71:41:ce:ae:3a:
                    55:1a:bd:da:49:ab:5f:e8:7b:38:52:cb:af:ac:ca:
                    5b:ce:14:88:4c:b9:ca:c9:d9:4e:f0:5c:d8:e4:30:
                    6a:8b:de:57:05:66:3c:6f:9a:87:6b:3d:2a:73:d2:
                    8e:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:11:50:AF:74:AB:CD:05:F5:5A:31:40:E5:1E:B9:79:40:AA:BD:80
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:ce:50:09:e4:4c:eb:14:14:0f:06:86:cb:96:15:42:a0:13:
         91:12:55:b7:c1:18:54:a7:3f:db:5e:6b:39:38:20:88:83:38:
         72:92:d9:35:9b:bc:df:43:45:9d:d0:80:01:48:61:26:83:6f:
         81:e5:0c:ad:e7:7d:2f:fd:65:dd:15:ee:99:18:47:21:d8:ad:
         6a:b2:02:1b:b0:03:19:ae:34:34:4c:7e:8e:18:d4:78:09:09:
         34:5e:f2:df:d6:b1:04:d3:6a:40:29:b8:6f:07:ba:ff:e9:fc:
         54:ed:ff:75:45:57:30:70:67:11:cb:f4:77:b6:04:85:f5:94:
         e9:04:c6:83:83:dc:04:ad:06:53:ac:12:e2:c6:b5:00:9c:f8:
         5e:70:f8:4d:17:fc:b2:30:23:5d:94:2a:e2:52:b6:e5:d3:37:
         9e:36:46:4f:d3:9e:f9:bf:0a:71:a6:f3:11:23:3b:b3:c5:43:
         3c:a1:f6:c9:de:68:59:81:80:5e:48:82:4f:d5:d9:84:43:75:
         68:fd:02:b7:e0:5e:5d:19:a0:ee:34:13:b1:7a:e4:7c:e1:02:
         9a:d3:b3:fa:71:71:79:a0:37:78:41:82:80:7d:76:9c:4a:a7:
         94:3f:56:21:7c:35:f2:50:74:72:3a:8c:09:88:60:fa:b9:3e:
         98:16:92:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8VYbkRw9gE0AwRPOkpn7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjUwODIzMDgwMDE5WhcNMjUwODI0MDgwMDE5WjAzMTEwLwYDVQQD
EygxMjExNTBhZjc0YWJjZDA1ZjU1YTMxNDBlNTFlYjk3OTQwYWFiZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsWkmDuemdOHpWKaZm2Sq9cfowtl
eUXeHnoT4lugP97HAFW1SczvvIl64/fbzRBqq0CtnQqzYBlPfcAv2e3531iOIme4
RT7dORni5mzmEhG7fnFzEoD4hLvtFOVem6f0xMCZpX09HWnGwP3bjFnvERISt6R7
0Kz+BLzUX0uzi2AkXriInUFBgnvpGJqYJqIfTQ1SGCdw54ft+aS6zCVe/evqZvFd
C1OLIjUGZwZyQYqErmFRYfB6uaqehOTfPHuGjfG2ZtQsEZoiSF91cUHOrjpVGr3a
Satf6Hs4UsuvrMpbzhSITLnKydlO8FzY5DBqi95XBWY8b5qHaz0qc9KO1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIRUK90q80F9VoxQOUeuXlAqr2AMB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg85QCeRM
6xQUDwaGy5YVQqATkRJVt8EYVKc/215rOTggiIM4cpLZNZu830NFndCAAUhhJoNv
geUMred9L/1l3RXumRhHIditarICG7ADGa40NEx+jhjUeAkJNF7y39axBNNqQCm4
bwe6/+n8VO3/dUVXMHBnEcv0d7YEhfWU6QTGg4PcBK0GU6wS4sa1AJz4XnD4TRf8
sjAjXZQq4lK25dM3njZGT9Oe+b8KcabzESM7s8VDPKH2yd5oWYGAXkiCT9XZhEN1
aP0Ct+BeXRmg7jQTsXrkfOECmtOz+nFxeaA3eEGCgH12nEqnlD9WIXw18lB0cjqM
CYhg+rk+mBaSCQ==
-----END CERTIFICATE-----