Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft
File:                     kyZYOBNEfHvd61oBwydNjkHDAaI.mft (raw, json)
Hash identifier:          jMJapMeRrDBdSQQAJVsanm/met+6vRrWvu1zij7bJh4=
Subject key identifier:   52:B3:4E:BC:96:23:28:4F:8B:9E:8B:5B:30:E0:FB:75:C9:89:61:34
Authority key identifier: 93:26:58:38:13:44:7C:7B:DD:EB:5A:01:C3:27:4D:8E:41:C3:01:A2
Certificate issuer:       /CN=9326583813447c7bddeb5a01c3274d8e41c301a2
Certificate serial:       01987450AFA0EB3F402DFC2CBB74B5055ADA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kyZYOBNEfHvd61oBwydNjkHDAaI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft
Manifest number:          10DE
Signing time:             Mon 04 Aug 2025 09:01:41 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:41 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:41 +0000
Files and hashes:         1: kyZYOBNEfHvd61oBwydNjkHDAaI.crl (hash: DaRa0yYPt/3KxGY/KPjsw6gVq0CIRwRU6VPpDLlAf+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kyZYOBNEfHvd61oBwydNjkHDAaI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:af:a0:eb:3f:40:2d:fc:2c:bb:74:b5:05:5a:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9326583813447c7bddeb5a01c3274d8e41c301a2
        Validity
            Not Before: Aug  4 09:01:41 2025 GMT
            Not After : Aug  5 09:01:41 2025 GMT
        Subject: CN=52b34ebc9623284f8b9e8b5b30e0fb75c9896134
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:6c:85:7f:64:68:09:c8:89:67:4b:c8:8a:79:
                    80:51:ad:66:84:66:6d:aa:25:a3:35:89:e1:1a:ee:
                    28:c5:7d:ce:bd:30:c0:f6:2d:6b:f1:7b:5d:4b:62:
                    75:1c:e0:73:4a:e4:94:f1:b4:7a:f6:80:cb:05:f0:
                    03:fc:f6:2e:06:0a:ff:f3:90:21:de:b6:7e:51:39:
                    6f:18:fd:49:ef:e6:32:4c:1e:07:d5:46:f1:9f:36:
                    9a:fc:e0:6c:3d:45:1a:df:b4:7d:28:6f:98:28:75:
                    6a:fd:7d:54:3a:ea:9b:78:94:31:c5:66:bd:73:7d:
                    d6:a4:ee:53:5f:af:d9:14:78:74:7a:bd:01:b4:27:
                    29:bb:2b:fd:96:99:3d:b9:b6:30:f4:52:0a:a7:c5:
                    ac:c6:e4:b4:10:62:69:26:95:c0:9c:67:80:d9:78:
                    9e:5a:2f:29:1a:51:06:5d:59:87:09:30:ac:5a:70:
                    e1:1f:99:96:08:8e:a7:2d:61:6a:2a:68:81:ca:da:
                    2e:d5:78:cb:23:c9:52:29:81:b0:e3:61:a0:7e:28:
                    5d:d7:4c:07:10:03:f4:0b:3d:86:1a:b1:1a:19:da:
                    41:7f:72:66:b0:05:08:7a:39:4e:52:9c:1a:02:7a:
                    e0:97:ed:ea:f4:05:f6:03:47:88:cb:f5:6c:f0:79:
                    78:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:B3:4E:BC:96:23:28:4F:8B:9E:8B:5B:30:E0:FB:75:C9:89:61:34
            X509v3 Authority Key Identifier:
                keyid:93:26:58:38:13:44:7C:7B:DD:EB:5A:01:C3:27:4D:8E:41:C3:01:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyZYOBNEfHvd61oBwydNjkHDAaI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:46:3e:84:9f:69:6b:12:cd:92:b0:4b:e7:f2:11:a5:93:e1:
         08:e9:bd:7d:6a:4f:2e:bb:1f:88:49:6e:88:99:82:a7:5a:3b:
         7f:ed:e5:59:9e:50:c2:fd:ef:35:12:51:1e:b3:97:8f:c4:4c:
         64:25:21:4d:f1:a1:4c:30:2f:c0:41:6d:28:a4:3f:7f:b5:9c:
         bc:d8:a8:4e:9e:03:5c:fc:bb:08:32:6b:b4:b4:7e:58:0d:7b:
         9e:4f:f5:39:ac:d9:15:dd:c7:05:22:22:ca:e3:c6:75:a4:6c:
         8f:a9:40:f9:34:65:0e:65:92:9b:c6:3c:31:4d:cd:6d:72:e9:
         d4:3e:0f:aa:b8:04:25:5e:7c:e3:51:d1:09:55:48:04:f7:fc:
         90:c9:a0:25:22:a7:14:35:fd:e5:fe:de:e2:32:e7:40:59:62:
         86:96:4e:31:3a:83:ed:fd:50:3d:f5:14:54:8f:ba:23:af:52:
         cc:d0:21:d6:e5:56:30:7f:b1:f3:c3:fb:76:5c:37:b9:f2:05:
         3c:90:e0:4d:b6:fd:70:56:7d:47:fa:86:29:8b:76:c0:e3:5a:
         cc:56:55:be:91:9b:ea:17:17:36:66:6e:e1:c1:ae:03:1e:19:
         51:ec:0c:2f:2b:5f:6c:69:a2:dc:fb:80:4d:ee:79:10:d6:d1:
         df:71:6f:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UK+g6z9ALfwsu3S1BVraMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjY1ODM4MTM0NDdjN2JkZGViNWEwMWMzMjc0ZDhlNDFj
MzAxYTIwHhcNMjUwODA0MDkwMTQxWhcNMjUwODA1MDkwMTQxWjAzMTEwLwYDVQQD
Eyg1MmIzNGViYzk2MjMyODRmOGI5ZThiNWIzMGUwZmI3NWM5ODk2MTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumyFf2RoCciJZ0vIinmAUa1mhGZt
qiWjNYnhGu4oxX3OvTDA9i1r8XtdS2J1HOBzSuSU8bR69oDLBfAD/PYuBgr/85Ah
3rZ+UTlvGP1J7+YyTB4H1Ubxnzaa/OBsPUUa37R9KG+YKHVq/X1UOuqbeJQxxWa9
c33WpO5TX6/ZFHh0er0BtCcpuyv9lpk9ubYw9FIKp8WsxuS0EGJpJpXAnGeA2Xie
Wi8pGlEGXVmHCTCsWnDhH5mWCI6nLWFqKmiBytou1XjLI8lSKYGw42Ggfihd10wH
EAP0Cz2GGrEaGdpBf3JmsAUIejlOUpwaAnrgl+3q9AX2A0eIy/Vs8Hl4sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKzTryWIyhPi56LWzDg+3XJiWE0MB8GA1UdIwQY
MBaAFJMmWDgTRHx73etaAcMnTY5BwwGiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3laWU9CTkVmSHZkNjFvQnd5ZE5qa0hEQWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81ZGVjMDYtOGIxYi00Yzc2LWE1NGMt
NjliNGI0ZmI5ZDEyLzEva3laWU9CTkVmSHZkNjFvQnd5ZE5qa0hEQWFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81ZGVjMDYtOGIxYi00Yzc2LWE1NGMtNjliNGI0ZmI5ZDEy
LzEva3laWU9CTkVmSHZkNjFvQnd5ZE5qa0hEQWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuEY+hJ9p
axLNkrBL5/IRpZPhCOm9fWpPLrsfiEluiJmCp1o7f+3lWZ5Qwv3vNRJRHrOXj8RM
ZCUhTfGhTDAvwEFtKKQ/f7WcvNioTp4DXPy7CDJrtLR+WA17nk/1OazZFd3HBSIi
yuPGdaRsj6lA+TRlDmWSm8Y8MU3NbXLp1D4PqrgEJV5841HRCVVIBPf8kMmgJSKn
FDX95f7e4jLnQFlihpZOMTqD7f1QPfUUVI+6I69SzNAh1uVWMH+x88P7dlw3ufIF
PJDgTbb9cFZ9R/qGKYt2wONazFZVvpGb6hcXNmZu4cGuAx4ZUewMLytfbGmi3PuA
Te55ENbR33Fvjg==
-----END CERTIFICATE-----