Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
File:                     y_sCefzSOo5YPzRauQRyjm0OTGI.mft (raw, json)
Hash identifier:          wkfALMbngZJxiqHEmGTmxI91GrmjUIbx2VLQsM+zJvM=
Subject key identifier:   D4:38:AB:E7:E0:43:1C:82:0D:05:75:E5:87:3A:87:0B:4F:72:98:8D
Authority key identifier: CB:FB:02:79:FC:D2:3A:8E:58:3F:34:5A:B9:04:72:8E:6D:0E:4C:62
Certificate issuer:       /CN=cbfb0279fcd23a8e583f345ab904728e6d0e4c62
Certificate serial:       01988054D43CF45DC96225189C00DAF293E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
Manifest number:          0647
Signing time:             Wed 06 Aug 2025 17:01:39 +0000
Manifest this update:     Wed 06 Aug 2025 17:01:39 +0000
Manifest next update:     Thu 07 Aug 2025 17:01:39 +0000
Files and hashes:         1: y_sCefzSOo5YPzRauQRyjm0OTGI.crl (hash: jm59uH1a9ZpfNjWuSDYTrw4siVD5cYgWxXv2nn4fE3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:54:d4:3c:f4:5d:c9:62:25:18:9c:00:da:f2:93:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbfb0279fcd23a8e583f345ab904728e6d0e4c62
        Validity
            Not Before: Aug  6 17:01:39 2025 GMT
            Not After : Aug  7 17:01:39 2025 GMT
        Subject: CN=d438abe7e0431c820d0575e5873a870b4f72988d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:32:a4:6d:a4:cb:f0:21:89:d5:14:23:55:bf:
                    1e:7f:2f:be:6c:31:c8:f2:48:d6:c1:48:18:3e:80:
                    a6:2f:7c:eb:d6:94:ca:6a:26:be:5f:67:6c:bc:f9:
                    40:82:ff:85:2e:b5:39:63:49:da:e9:86:fe:cc:98:
                    95:a2:8f:75:74:5b:09:a9:5a:db:d7:2d:37:77:3f:
                    cf:d6:6d:c0:3d:ba:1d:59:02:40:88:3a:d6:31:13:
                    12:da:c1:0e:80:fd:94:ba:eb:51:a8:f5:f8:b3:3e:
                    8d:21:bb:56:c3:2d:1e:30:4f:ec:cb:2a:8c:d1:a7:
                    77:23:f7:ea:da:98:a3:0b:f7:96:5c:43:ff:d7:d2:
                    eb:bf:87:2c:c6:a6:41:1d:4e:5d:a2:5a:2b:90:6e:
                    20:99:30:3e:d7:52:df:37:e2:a1:d0:50:31:d7:68:
                    74:0e:eb:d1:39:bf:d4:ae:99:0d:3e:77:7b:9b:82:
                    2a:1a:f6:cb:a0:61:78:a7:a9:10:9d:d4:9a:2f:7a:
                    7d:18:2e:61:2c:5b:2e:7c:18:54:48:ae:62:b8:e8:
                    22:8b:8a:42:06:34:31:17:63:29:f4:71:24:92:e3:
                    54:f8:ef:2c:c5:2d:78:df:e6:db:9b:ae:af:0c:84:
                    0e:ec:19:59:51:c6:b4:eb:01:2a:68:b5:ef:df:cb:
                    13:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:38:AB:E7:E0:43:1C:82:0D:05:75:E5:87:3A:87:0B:4F:72:98:8D
            X509v3 Authority Key Identifier:
                keyid:CB:FB:02:79:FC:D2:3A:8E:58:3F:34:5A:B9:04:72:8E:6D:0E:4C:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:3c:c0:b5:a8:ef:57:96:4a:09:da:3c:63:34:e6:bb:f0:bb:
         d0:fd:90:65:89:17:8e:86:d4:9d:a7:2d:6d:32:ca:d1:31:bf:
         72:ff:82:92:99:d7:1d:31:f8:13:a6:3a:ee:d6:b0:2b:aa:b7:
         99:46:bf:20:b3:10:3d:f9:94:5c:83:2a:5f:8f:c5:c4:03:33:
         54:63:e8:04:54:b1:c8:d6:65:0b:bd:5f:06:8e:73:29:d6:92:
         7a:2a:e6:92:8f:b6:1c:ae:b8:8f:da:77:00:d9:2c:48:40:10:
         08:7f:57:d2:28:c4:d8:58:80:13:a3:85:d9:3c:27:62:c3:f3:
         68:92:39:64:1d:a0:52:ef:dc:ca:64:d5:be:8f:fd:25:82:e0:
         9f:7b:5b:35:7c:e6:fc:b2:75:93:58:b8:73:dd:0b:24:3c:9d:
         d6:3c:a8:87:f1:e5:b5:a8:d5:0c:c9:ac:07:f4:81:f7:b5:9e:
         40:7e:8c:7d:6d:88:d7:94:16:45:d3:81:5a:9f:05:cf:12:c8:
         80:ee:33:13:90:0f:38:78:86:ea:80:e0:79:de:17:e0:df:2c:
         5a:2b:3c:55:29:70:d7:f7:e1:13:0e:d0:d5:92:1f:ae:22:66:
         35:18:8e:db:2e:c5:c9:e3:fb:70:59:d2:65:77:b0:18:d4:ec:
         06:2a:12:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAVNQ89F3JYiUYnADa8pPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZmIwMjc5ZmNkMjNhOGU1ODNmMzQ1YWI5MDQ3MjhlNmQw
ZTRjNjIwHhcNMjUwODA2MTcwMTM5WhcNMjUwODA3MTcwMTM5WjAzMTEwLwYDVQQD
EyhkNDM4YWJlN2UwNDMxYzgyMGQwNTc1ZTU4NzNhODcwYjRmNzI5ODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zKkbaTL8CGJ1RQjVb8efy++bDHI
8kjWwUgYPoCmL3zr1pTKaia+X2dsvPlAgv+FLrU5Y0na6Yb+zJiVoo91dFsJqVrb
1y03dz/P1m3APbodWQJAiDrWMRMS2sEOgP2UuutRqPX4sz6NIbtWwy0eME/syyqM
0ad3I/fq2pijC/eWXEP/19Lrv4csxqZBHU5dolorkG4gmTA+11LfN+Kh0FAx12h0
DuvROb/UrpkNPnd7m4IqGvbLoGF4p6kQndSaL3p9GC5hLFsufBhUSK5iuOgii4pC
BjQxF2Mp9HEkkuNU+O8sxS143+bbm66vDIQO7BlZUca06wEqaLXv38sT4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQ4q+fgQxyCDQV15Yc6hwtPcpiNMB8GA1UdIwQY
MBaAFMv7Ann80jqOWD80WrkEco5tDkxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85Njc3YjEtZDQzZS00NjZlLTliZjgt
ODBmODIwMjcxNGRhLzEveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi85Njc3YjEtZDQzZS00NjZlLTliZjgtODBmODIwMjcxNGRh
LzEveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoDzAtajv
V5ZKCdo8YzTmu/C70P2QZYkXjobUnactbTLK0TG/cv+CkpnXHTH4E6Y67tawK6q3
mUa/ILMQPfmUXIMqX4/FxAMzVGPoBFSxyNZlC71fBo5zKdaSeirmko+2HK64j9p3
ANksSEAQCH9X0ijE2FiAE6OF2TwnYsPzaJI5ZB2gUu/cymTVvo/9JYLgn3tbNXzm
/LJ1k1i4c90LJDyd1jyoh/HltajVDMmsB/SB97WeQH6MfW2I15QWRdOBWp8FzxLI
gO4zE5APOHiG6oDged4X4N8sWis8VSlw1/fhEw7Q1ZIfriJmNRiO2y7FyeP7cFnS
ZXewGNTsBioS9w==
-----END CERTIFICATE-----