Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
File:                     YTChAogFFzqiJUSk67mECskbyNA.mft (raw, json)
Hash identifier:          S2JcpO0Nuh7xoIXrFAR5ygfEFxZpRqGzxMT9a1dV16M=
Subject key identifier:   D0:01:3E:1B:A5:32:CE:CE:8A:FC:4D:A5:0F:EA:29:C0:C7:C6:A9:68
Authority key identifier: 61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0
Certificate issuer:       /CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
Certificate serial:       01988166F44C31C8C6BFB66ED7B56372250C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
Manifest number:          0D7E
Signing time:             Wed 06 Aug 2025 22:01:04 +0000
Manifest this update:     Wed 06 Aug 2025 22:01:04 +0000
Manifest next update:     Thu 07 Aug 2025 22:01:04 +0000
Files and hashes:         1: YTChAogFFzqiJUSk67mECskbyNA.crl (hash: TG42DPxNbxARKp9Dh+kp9yumdkK/D6jkHNzFRDIkYpA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:66:f4:4c:31:c8:c6:bf:b6:6e:d7:b5:63:72:25:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
        Validity
            Not Before: Aug  6 22:01:04 2025 GMT
            Not After : Aug  7 22:01:04 2025 GMT
        Subject: CN=d0013e1ba532cece8afc4da50fea29c0c7c6a968
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:ef:f6:b0:0d:b5:0c:33:e9:36:0e:e0:5d:9f:
                    13:a3:9c:2f:59:ae:83:9f:38:3e:bf:9a:90:b1:cf:
                    62:23:06:dd:9f:b8:58:ad:79:8f:e5:71:63:50:b3:
                    eb:a1:81:38:1f:e3:ee:9c:43:f9:8e:64:47:ba:7c:
                    38:6e:78:d7:d8:c3:81:31:0e:d8:1a:57:0e:09:72:
                    61:a5:b3:69:85:fd:4e:72:89:b8:61:8b:ce:e0:dc:
                    22:c0:95:2f:ee:7f:92:76:bf:fa:1c:94:31:a1:85:
                    c2:a5:94:d7:0f:d5:76:6d:f1:ae:af:5e:44:0d:08:
                    b2:11:b1:25:b3:ef:22:16:0b:4c:67:a3:52:0f:3f:
                    d7:79:e3:46:58:6f:8b:d7:f8:34:ba:20:a9:a1:b3:
                    88:ea:02:d5:e4:fa:9e:b4:4c:29:e6:a7:45:03:42:
                    1c:4d:b2:f6:32:9a:1a:ac:10:99:e7:ee:c7:d6:e0:
                    82:11:bc:ff:22:d3:ed:1c:ef:25:96:c4:f6:42:31:
                    64:1b:71:f8:a1:c7:a7:a1:68:61:74:ef:bb:3a:c0:
                    28:4f:45:d9:03:7c:dc:d6:58:54:e1:24:7f:0d:9e:
                    f9:2b:d6:51:51:c4:a7:c5:2b:59:64:b4:be:fd:32:
                    1f:08:d6:f9:67:1c:03:b2:8f:cf:1c:26:8c:69:d4:
                    91:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:01:3E:1B:A5:32:CE:CE:8A:FC:4D:A5:0F:EA:29:C0:C7:C6:A9:68
            X509v3 Authority Key Identifier:
                keyid:61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:05:7d:be:7f:6c:22:4a:2b:cd:46:ef:bc:f8:86:fb:ac:16:
         34:ab:e5:41:18:d4:8f:05:ba:20:e8:1d:7c:46:a3:68:94:94:
         96:d0:18:b7:93:86:85:a2:84:f5:03:d9:5f:15:9b:c7:67:90:
         6a:ef:3f:a3:40:b0:44:2d:6e:f1:14:b9:54:5d:57:50:67:62:
         2c:1c:fe:db:a4:a2:2a:61:52:b5:d0:bf:e5:de:93:5e:2c:6b:
         37:71:47:b0:95:7a:44:a5:7e:a2:06:c2:67:e3:7a:af:16:01:
         1b:3f:c3:2a:26:b6:04:61:59:2c:3f:12:47:9b:a0:b8:13:dc:
         be:b3:5f:b0:43:50:fc:ca:76:7b:eb:3f:c0:4a:30:be:9d:53:
         3c:ab:40:da:35:fc:1b:bb:57:13:62:c6:8d:fb:40:01:e8:00:
         b7:ab:de:62:10:f3:6f:de:2a:43:77:4a:82:5b:7e:99:56:c0:
         4f:29:6f:23:89:15:72:25:22:8a:de:2d:5d:42:fd:2c:57:7d:
         90:1a:68:80:44:4e:bc:2f:ea:4e:53:d6:17:a8:a1:0d:14:9a:
         84:9d:69:12:ea:71:74:15:1e:d7:d7:34:d4:0a:6c:63:72:e8:
         47:fa:4e:b5:08:f0:ae:b8:92:3e:10:ba:8d:c0:01:11:d9:eb:
         6d:3a:6c:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBZvRMMcjGv7Zu17VjciUMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzBhMTAyODgwNTE3M2FhMjI1NDRhNGViYjk4NDBhYzkx
YmM4ZDAwHhcNMjUwODA2MjIwMTA0WhcNMjUwODA3MjIwMTA0WjAzMTEwLwYDVQQD
EyhkMDAxM2UxYmE1MzJjZWNlOGFmYzRkYTUwZmVhMjljMGM3YzZhOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiO/2sA21DDPpNg7gXZ8To5wvWa6D
nzg+v5qQsc9iIwbdn7hYrXmP5XFjULProYE4H+PunEP5jmRHunw4bnjX2MOBMQ7Y
GlcOCXJhpbNphf1Ocom4YYvO4NwiwJUv7n+Sdr/6HJQxoYXCpZTXD9V2bfGur15E
DQiyEbEls+8iFgtMZ6NSDz/XeeNGWG+L1/g0uiCpobOI6gLV5PqetEwp5qdFA0Ic
TbL2MpoarBCZ5+7H1uCCEbz/ItPtHO8llsT2QjFkG3H4ocenoWhhdO+7OsAoT0XZ
A3zc1lhU4SR/DZ75K9ZRUcSnxStZZLS+/TIfCNb5ZxwDso/PHCaMadSRywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNABPhulMs7OivxNpQ/qKcDHxqloMB8GA1UdIwQY
MBaAFGEwoQKIBRc6oiVEpOu5hArJG8jQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAt
YTUzYjVlOTc5MTMxLzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAtYTUzYjVlOTc5MTMx
LzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAewV9vn9s
IkorzUbvvPiG+6wWNKvlQRjUjwW6IOgdfEajaJSUltAYt5OGhaKE9QPZXxWbx2eQ
au8/o0CwRC1u8RS5VF1XUGdiLBz+26SiKmFStdC/5d6TXixrN3FHsJV6RKV+ogbC
Z+N6rxYBGz/DKia2BGFZLD8SR5uguBPcvrNfsENQ/Mp2e+s/wEowvp1TPKtA2jX8
G7tXE2LGjftAAegAt6veYhDzb94qQ3dKglt+mVbATylvI4kVciUiit4tXUL9LFd9
kBpogEROvC/qTlPWF6ihDRSahJ1pEupxdBUe19c01ApsY3LoR/pOtQjwrriSPhC6
jcABEdnrbTpsYw==
-----END CERTIFICATE-----