Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
File:                     2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft (raw, json)
Hash identifier:          SJv/Hts4wGPoDRLQTgssJl/p9YN3JE0oTW9nHK02xFA=
Subject key identifier:   66:C4:68:F2:FE:C0:5B:C7:5A:96:C7:D8:45:52:11:2B:89:FC:67:7C
Authority key identifier: D9:8F:FA:04:5B:35:B1:6D:C9:94:19:E3:E0:E6:E1:6E:6E:DB:47:E9
Certificate issuer:       /CN=d98ffa045b35b16dc99419e3e0e6e16e6edb47e9
Certificate serial:       0198D54E277081AFADB9DD7FFDE913B716BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
Manifest number:          136B
Signing time:             Sat 23 Aug 2025 05:02:05 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:05 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:05 +0000
Files and hashes:         1: 2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl (hash: VDAhqDg5nBoK2gR9jdvKUq0syf5d1gGLEhYlq3mWACY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:27:70:81:af:ad:b9:dd:7f:fd:e9:13:b7:16:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d98ffa045b35b16dc99419e3e0e6e16e6edb47e9
        Validity
            Not Before: Aug 23 05:02:05 2025 GMT
            Not After : Aug 24 05:02:05 2025 GMT
        Subject: CN=66c468f2fec05bc75a96c7d84552112b89fc677c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:9f:fd:db:7c:73:a0:62:67:f4:38:11:6f:15:
                    0f:e2:88:64:58:ee:08:c2:ab:8a:a8:52:13:f4:db:
                    6c:27:a9:b7:5a:43:66:e7:f2:ac:5d:e7:36:9a:bb:
                    e5:8c:52:8e:76:6f:6b:76:11:08:95:2a:5f:a3:66:
                    3c:a3:eb:e5:d5:c6:41:91:ff:bc:37:4e:94:0a:65:
                    b1:f1:81:2c:84:f4:5c:ef:ee:51:b0:7d:24:cb:a7:
                    71:69:15:2a:1c:af:fe:78:34:5c:4f:af:5b:40:70:
                    f8:62:52:d3:0f:e3:f3:cb:15:d9:e1:77:4f:cd:30:
                    df:4c:90:43:01:94:06:37:08:e5:6a:d0:85:52:5b:
                    25:d3:dd:fb:1a:c7:01:0b:3d:19:7d:9d:21:92:99:
                    4e:59:ed:66:30:48:0c:51:76:e9:b1:57:e4:08:21:
                    3b:66:d0:49:92:3e:80:53:33:8a:43:a6:2b:d8:08:
                    a9:47:c3:a4:80:6d:e8:d1:af:6e:04:2b:4c:87:9d:
                    6c:79:17:db:b0:96:62:83:62:7a:7f:2a:b9:f8:a6:
                    5f:75:92:73:66:b7:d1:f2:27:9c:92:6b:96:4f:34:
                    46:f5:18:93:93:2b:e9:8d:2b:01:3f:12:81:e7:ed:
                    d5:70:2a:2a:13:3d:f0:06:01:dc:1d:e7:55:eb:5d:
                    e1:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:C4:68:F2:FE:C0:5B:C7:5A:96:C7:D8:45:52:11:2B:89:FC:67:7C
            X509v3 Authority Key Identifier:
                keyid:D9:8F:FA:04:5B:35:B1:6D:C9:94:19:E3:E0:E6:E1:6E:6E:DB:47:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:fa:34:c8:57:e9:6a:0d:1b:2d:3d:cc:5a:28:af:9f:56:ae:
         c4:b3:14:c2:99:0e:f0:38:99:17:45:bc:ae:65:45:38:5f:d2:
         6d:e8:e1:e3:97:31:14:5c:1f:8a:30:d5:48:8b:17:4c:f9:aa:
         8b:73:02:89:cb:27:7b:05:14:2e:2a:eb:ba:37:52:55:b7:ce:
         53:c8:fd:21:7e:1b:2c:11:3e:35:b1:7f:00:99:50:2a:b6:35:
         1f:d9:a2:4a:75:ee:8a:81:5b:f1:33:82:0d:3c:11:58:bb:2d:
         fc:cd:f1:83:08:5f:e8:b9:40:4c:a3:3b:87:8e:1f:f4:3d:a4:
         90:d6:5d:67:48:77:8a:e0:38:f9:aa:3f:80:f4:cc:1d:11:d5:
         93:9a:45:a3:f1:9a:f4:7e:e6:77:8e:e1:57:37:63:1a:53:90:
         57:fc:98:6e:2d:04:7f:33:94:5a:33:2a:a5:a0:ba:1e:d5:96:
         26:89:6c:d7:2a:9c:6d:b3:06:02:59:b3:aa:ea:42:2d:0e:80:
         32:91:0f:4d:ad:fa:42:35:d9:01:98:0d:4b:ff:7b:5b:8d:78:
         17:67:a4:5b:7f:56:0c:e7:75:51:87:f9:80:d7:7b:8d:36:2f:
         b7:ca:e7:f5:d1:d6:57:92:27:74:83:94:2d:64:c9:a1:19:6f:
         3d:e3:94:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTidwga+tud1//ekTtxa7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OGZmYTA0NWIzNWIxNmRjOTk0MTllM2UwZTZlMTZlNmVk
YjQ3ZTkwHhcNMjUwODIzMDUwMjA1WhcNMjUwODI0MDUwMjA1WjAzMTEwLwYDVQQD
Eyg2NmM0NjhmMmZlYzA1YmM3NWE5NmM3ZDg0NTUyMTEyYjg5ZmM2NzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZ/923xzoGJn9DgRbxUP4ohkWO4I
wquKqFIT9NtsJ6m3WkNm5/KsXec2mrvljFKOdm9rdhEIlSpfo2Y8o+vl1cZBkf+8
N06UCmWx8YEshPRc7+5RsH0ky6dxaRUqHK/+eDRcT69bQHD4YlLTD+PzyxXZ4XdP
zTDfTJBDAZQGNwjlatCFUlsl0937GscBCz0ZfZ0hkplOWe1mMEgMUXbpsVfkCCE7
ZtBJkj6AUzOKQ6Yr2AipR8OkgG3o0a9uBCtMh51seRfbsJZig2J6fyq5+KZfdZJz
ZrfR8ieckmuWTzRG9RiTkyvpjSsBPxKB5+3VcCoqEz3wBgHcHedV613htwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbEaPL+wFvHWpbH2EVSESuJ/Gd8MB8GA1UdIwQY
MBaAFNmP+gRbNbFtyZQZ4+Dm4W5u20fpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84MTQxMTUtMDk5My00YTFmLWFlMTAt
ZWUyNWQyYzViNDEwLzEvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84MTQxMTUtMDk5My00YTFmLWFlMTAtZWUyNWQyYzViNDEw
LzEvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArvo0yFfp
ag0bLT3MWiivn1auxLMUwpkO8DiZF0W8rmVFOF/Sbejh45cxFFwfijDVSIsXTPmq
i3MCicsnewUULirrujdSVbfOU8j9IX4bLBE+NbF/AJlQKrY1H9miSnXuioFb8TOC
DTwRWLst/M3xgwhf6LlATKM7h44f9D2kkNZdZ0h3iuA4+ao/gPTMHRHVk5pFo/Ga
9H7md47hVzdjGlOQV/yYbi0EfzOUWjMqpaC6HtWWJols1yqcbbMGAlmzqupCLQ6A
MpEPTa36QjXZAZgNS/97W414F2ekW39WDOd1UYf5gNd7jTYvt8rn9dHWV5IndIOU
LWTJoRlvPeOUfQ==
-----END CERTIFICATE-----