Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b09fec-d85d-4b64-a612-11eeca266d6c/1/YZp5QeDCyGEyL4Me0G8H-3CFo7s.mft
File:                     YZp5QeDCyGEyL4Me0G8H-3CFo7s.mft (raw, json)
Hash identifier:          Eo9yc3iV37gwT0rb0bY64u75fvexnl0H/PGxt39DzyY=
Subject key identifier:   D4:58:FC:22:67:53:1E:D7:2F:76:82:B0:5E:6D:BD:81:62:8C:A7:FE
Authority key identifier: 61:9A:79:41:E0:C2:C8:61:32:2F:83:1E:D0:6F:07:FB:70:85:A3:BB
Certificate issuer:       /CN=619a7941e0c2c861322f831ed06f07fb7085a3bb
Certificate serial:       0197B5FBE8A05F6929CEB628D5CAB52BFDB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YZp5QeDCyGEyL4Me0G8H-3CFo7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/b09fec-d85d-4b64-a612-11eeca266d6c/1/YZp5QeDCyGEyL4Me0G8H-3CFo7s.mft
Manifest number:          11CF
Signing time:             Sat 28 Jun 2025 10:01:14 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:14 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:14 +0000
Files and hashes:         1: YZp5QeDCyGEyL4Me0G8H-3CFo7s.crl (hash: iMXRlVD8AGMu+2dBoWs1TPi6EanFrCJcygJCBVEpZpM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/b09fec-d85d-4b64-a612-11eeca266d6c/1/YZp5QeDCyGEyL4Me0G8H-3CFo7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/b09fec-d85d-4b64-a612-11eeca266d6c/1/YZp5QeDCyGEyL4Me0G8H-3CFo7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YZp5QeDCyGEyL4Me0G8H-3CFo7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fb:e8:a0:5f:69:29:ce:b6:28:d5:ca:b5:2b:fd:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=619a7941e0c2c861322f831ed06f07fb7085a3bb
        Validity
            Not Before: Jun 28 10:01:14 2025 GMT
            Not After : Jun 29 10:01:14 2025 GMT
        Subject: CN=d458fc2267531ed72f7682b05e6dbd81628ca7fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:e1:c9:bd:73:cb:2d:79:4b:ff:2c:58:e3:e8:
                    84:4e:6c:c1:77:0a:29:f4:86:bd:e8:f4:f5:c0:43:
                    d9:f9:63:f1:85:e8:21:5f:2f:7e:06:2e:8c:5c:be:
                    ca:71:ce:a0:92:b5:93:c2:ae:ec:97:87:a0:51:98:
                    3d:6c:1f:a4:a7:50:67:b1:f8:ca:eb:7d:db:0c:76:
                    d4:3a:0a:d8:99:94:a8:2a:d4:c2:ee:f1:5b:7d:09:
                    86:f3:5b:32:55:4e:72:76:3d:75:99:8c:f4:ae:6e:
                    30:06:d7:7b:e4:c9:93:54:85:13:47:18:d0:62:2c:
                    ba:3b:46:bf:8e:7a:81:86:19:b7:a9:59:27:d4:d7:
                    fb:0e:18:fe:09:eb:cb:bb:89:c7:cf:3a:bd:d5:33:
                    03:c4:8e:f8:38:31:4e:2d:0c:0d:85:c3:cb:e1:96:
                    80:ac:62:d1:ce:d3:62:2d:27:15:da:b3:ff:7a:6c:
                    d2:0c:a3:1b:ef:be:1c:52:d4:99:8e:a5:0e:7e:4e:
                    d4:e0:d0:22:80:36:33:6a:33:c9:9c:f8:62:f9:b9:
                    1f:64:d3:94:81:40:07:8e:65:95:7b:a7:37:d5:31:
                    c1:7b:78:30:b0:93:af:da:42:a6:e7:c7:71:4f:38:
                    ea:3e:3a:3f:f8:81:54:5a:ed:fe:3f:3f:0b:12:76:
                    17:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:58:FC:22:67:53:1E:D7:2F:76:82:B0:5E:6D:BD:81:62:8C:A7:FE
            X509v3 Authority Key Identifier:
                keyid:61:9A:79:41:E0:C2:C8:61:32:2F:83:1E:D0:6F:07:FB:70:85:A3:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YZp5QeDCyGEyL4Me0G8H-3CFo7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b09fec-d85d-4b64-a612-11eeca266d6c/1/YZp5QeDCyGEyL4Me0G8H-3CFo7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b09fec-d85d-4b64-a612-11eeca266d6c/1/YZp5QeDCyGEyL4Me0G8H-3CFo7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:c5:b1:dd:da:6a:a5:4f:bc:92:31:6a:c0:57:d6:0d:49:58:
         5f:7b:9a:a4:cf:34:38:50:fe:3d:f8:5b:41:b4:ee:18:71:f4:
         ba:59:25:6c:e1:9f:0a:aa:71:94:5d:43:20:c4:6a:d7:1b:6f:
         60:bd:12:a5:86:01:2f:bf:52:8d:1e:68:de:e0:c7:ea:09:e0:
         e0:fd:d2:20:3b:ef:6d:e0:66:e1:65:98:8b:87:95:c6:6b:58:
         08:d2:a9:b6:e4:14:bd:82:4f:76:3e:06:a8:2c:d0:2d:c2:c7:
         03:a1:51:0d:2e:cd:38:48:71:2a:90:57:12:80:50:2d:4e:ce:
         84:8d:04:53:df:8a:73:fe:a0:ea:4f:64:b2:41:d6:ba:91:03:
         ab:f0:01:a0:0a:68:bd:a6:9b:2e:80:43:76:97:f5:c0:f7:4e:
         22:48:8f:7b:d6:06:85:81:98:aa:4c:56:f0:85:6d:bd:e3:5a:
         84:ae:88:66:c3:56:b9:33:fc:af:42:b8:18:72:88:8d:31:71:
         c8:71:11:b7:da:8f:84:27:bf:c2:98:c1:57:31:0e:76:62:94:
         b4:00:04:4f:6e:a7:ef:c1:e7:d4:21:5e:dc:8f:aa:dc:b6:77:
         54:7c:3d:7e:8c:49:4e:95:41:65:c9:65:a7:9e:f3:f6:2d:02:
         b7:19:ea:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1++igX2kpzrYo1cq1K/25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxOWE3OTQxZTBjMmM4NjEzMjJmODMxZWQwNmYwN2ZiNzA4
NWEzYmIwHhcNMjUwNjI4MTAwMTE0WhcNMjUwNjI5MTAwMTE0WjAzMTEwLwYDVQQD
EyhkNDU4ZmMyMjY3NTMxZWQ3MmY3NjgyYjA1ZTZkYmQ4MTYyOGNhN2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+HJvXPLLXlL/yxY4+iETmzBdwop
9Ia96PT1wEPZ+WPxheghXy9+Bi6MXL7Kcc6gkrWTwq7sl4egUZg9bB+kp1BnsfjK
633bDHbUOgrYmZSoKtTC7vFbfQmG81syVU5ydj11mYz0rm4wBtd75MmTVIUTRxjQ
Yiy6O0a/jnqBhhm3qVkn1Nf7Dhj+CevLu4nHzzq91TMDxI74ODFOLQwNhcPL4ZaA
rGLRztNiLScV2rP/emzSDKMb774cUtSZjqUOfk7U4NAigDYzajPJnPhi+bkfZNOU
gUAHjmWVe6c31THBe3gwsJOv2kKm58dxTzjqPjo/+IFUWu3+Pz8LEnYXiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNRY/CJnUx7XL3aCsF5tvYFijKf+MB8GA1UdIwQY
MBaAFGGaeUHgwshhMi+DHtBvB/twhaO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVpwNVFlREN5R0V5TDRNZTBHOEgtM0NGbzdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMDlmZWMtZDg1ZC00YjY0LWE2MTIt
MTFlZWNhMjY2ZDZjLzEvWVpwNVFlREN5R0V5TDRNZTBHOEgtM0NGbzdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMDlmZWMtZDg1ZC00YjY0LWE2MTItMTFlZWNhMjY2ZDZj
LzEvWVpwNVFlREN5R0V5TDRNZTBHOEgtM0NGbzdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAusWx3dpq
pU+8kjFqwFfWDUlYX3uapM80OFD+PfhbQbTuGHH0ulklbOGfCqpxlF1DIMRq1xtv
YL0SpYYBL79SjR5o3uDH6gng4P3SIDvvbeBm4WWYi4eVxmtYCNKptuQUvYJPdj4G
qCzQLcLHA6FRDS7NOEhxKpBXEoBQLU7OhI0EU9+Kc/6g6k9kskHWupEDq/ABoApo
vaabLoBDdpf1wPdOIkiPe9YGhYGYqkxW8IVtveNahK6IZsNWuTP8r0K4GHKIjTFx
yHERt9qPhCe/wpjBVzEOdmKUtAAET26n78Hn1CFe3I+q3LZ3VHw9foxJTpVBZcll
p57z9i0Ctxnqbg==
-----END CERTIFICATE-----