Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
File:                     y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json)
Hash identifier:          rrSI1HztVHq41B09TA3IQkxh0ZqOH26tJ1nO0omehFQ=
Subject key identifier:   F6:88:A2:61:C7:73:92:AC:C0:B2:C5:92:10:B2:5C:B5:7E:CD:3D:41
Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42
Certificate issuer:       /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
Certificate serial:       019889211D059C9F5502FE68B19657E25E71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
Manifest number:          161E
Signing time:             Fri 08 Aug 2025 10:01:45 +0000
Manifest this update:     Fri 08 Aug 2025 10:01:45 +0000
Manifest next update:     Sat 09 Aug 2025 10:01:45 +0000
Files and hashes:         1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: FY6yEMiztNVaFJBcFhkVTEn9JvMQ0uqBki6w2EyupDU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 10:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:89:21:1d:05:9c:9f:55:02:fe:68:b1:96:57:e2:5e:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
        Validity
            Not Before: Aug  8 10:01:45 2025 GMT
            Not After : Aug  9 10:01:45 2025 GMT
        Subject: CN=f688a261c77392acc0b2c59210b25cb57ecd3d41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:68:92:87:fa:dc:a2:d4:54:a3:12:0a:79:30:
                    22:9c:67:3a:95:1d:fa:d8:e3:f0:89:e5:c2:33:05:
                    11:4f:05:bb:61:cb:ff:15:7a:6a:04:d8:9a:51:b1:
                    ed:a2:cc:8a:9f:b3:81:2f:bd:22:83:a9:55:8f:45:
                    4d:2b:35:46:4d:15:1a:b1:f9:d8:24:82:1f:41:77:
                    3e:0a:a5:fa:ac:73:29:0f:d0:95:46:ac:b6:3c:bd:
                    6c:60:94:92:b5:39:4a:00:de:7a:aa:de:73:e1:35:
                    59:ae:c5:d8:53:09:5e:cf:ab:08:8f:d4:2c:2a:2e:
                    b0:a0:e9:4d:9e:32:17:df:6f:2c:1b:a2:f4:a1:55:
                    7b:be:58:cb:e8:11:50:80:d4:1c:89:1d:78:9f:24:
                    e6:5a:89:8e:ab:31:4b:d2:16:3f:aa:8e:35:c8:82:
                    bd:05:49:c5:60:3e:a6:03:d1:63:e9:dc:c7:54:5b:
                    ac:82:1c:c5:ee:c7:37:1b:d1:75:b9:28:4e:0c:fe:
                    06:af:44:f8:46:a5:aa:d7:55:45:43:95:d5:58:bb:
                    7e:10:f7:ac:0e:32:5f:bf:dc:92:96:fb:50:de:d1:
                    47:b2:b2:d5:b2:1e:e8:60:71:50:bd:73:33:ad:e1:
                    53:5c:3c:0b:93:8d:53:59:42:6e:67:ec:16:d0:67:
                    66:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:88:A2:61:C7:73:92:AC:C0:B2:C5:92:10:B2:5C:B5:7E:CD:3D:41
            X509v3 Authority Key Identifier:
                keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:0f:73:bb:14:24:a4:f6:35:1c:a1:c1:36:68:ac:0d:69:a7:
         6c:c1:0b:e1:9a:72:d0:bb:8b:53:8d:b5:23:b4:06:8e:9d:24:
         18:09:e2:6e:4e:29:a5:16:06:d6:79:9e:45:c9:11:96:3a:2c:
         9f:0c:eb:4d:60:61:6c:47:5f:3d:db:d3:b9:3d:9c:2a:13:36:
         52:cb:f4:d4:03:4f:89:df:b9:74:96:47:1a:60:e6:59:61:5d:
         1c:ba:23:07:75:5b:29:1c:47:d5:46:af:45:43:42:43:18:fa:
         ce:7b:1c:5b:93:ad:68:e8:de:06:f8:cd:fd:f5:da:fc:26:6c:
         bf:af:c9:ff:4c:81:bf:ac:1a:06:03:47:a4:9b:96:52:ac:fe:
         b3:9b:5b:19:96:46:ab:3d:05:39:f8:20:80:94:39:7d:64:f2:
         b6:c3:a3:58:a4:14:77:83:fb:f6:e1:c5:15:18:90:3a:e2:24:
         ef:14:5c:05:04:80:fc:34:c5:aa:68:1e:b7:36:f5:a9:47:61:
         4f:a7:6d:1c:8a:c1:ab:9f:ad:07:c7:d9:e2:3c:61:1c:e8:e3:
         b1:74:46:13:93:7f:f1:46:de:47:45:08:da:85:bc:52:59:30:
         d9:44:00:6c:24:10:10:7b:c0:e9:4f:34:ee:a2:45:0d:4e:32:
         04:26:8a:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiJIR0FnJ9VAv5osZZX4l5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy
OGE5NDIwHhcNMjUwODA4MTAwMTQ1WhcNMjUwODA5MTAwMTQ1WjAzMTEwLwYDVQQD
EyhmNjg4YTI2MWM3NzM5MmFjYzBiMmM1OTIxMGIyNWNiNTdlY2QzZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmiSh/rcotRUoxIKeTAinGc6lR36
2OPwieXCMwURTwW7Ycv/FXpqBNiaUbHtosyKn7OBL70ig6lVj0VNKzVGTRUasfnY
JIIfQXc+CqX6rHMpD9CVRqy2PL1sYJSStTlKAN56qt5z4TVZrsXYUwlez6sIj9Qs
Ki6woOlNnjIX328sG6L0oVV7vljL6BFQgNQciR14nyTmWomOqzFL0hY/qo41yIK9
BUnFYD6mA9Fj6dzHVFusghzF7sc3G9F1uShODP4Gr0T4RqWq11VFQ5XVWLt+EPes
DjJfv9ySlvtQ3tFHsrLVsh7oYHFQvXMzreFTXDwLk41TWUJuZ+wW0Gdm1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPaIomHHc5KswLLFkhCyXLV+zT1BMB8GA1UdIwQY
MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et
NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl
LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnw9zuxQk
pPY1HKHBNmisDWmnbMEL4Zpy0LuLU421I7QGjp0kGAnibk4ppRYG1nmeRckRljos
nwzrTWBhbEdfPdvTuT2cKhM2Usv01ANPid+5dJZHGmDmWWFdHLojB3VbKRxH1Uav
RUNCQxj6znscW5OtaOjeBvjN/fXa/CZsv6/J/0yBv6waBgNHpJuWUqz+s5tbGZZG
qz0FOfgggJQ5fWTytsOjWKQUd4P79uHFFRiQOuIk7xRcBQSA/DTFqmgetzb1qUdh
T6dtHIrBq5+tB8fZ4jxhHOjjsXRGE5N/8UbeR0UI2oW8Ulkw2UQAbCQQEHvA6U80
7qJFDU4yBCaKTQ==
-----END CERTIFICATE-----