Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          oOrRHkFiGnkIxl3PMs3Brada0TQar8p6zXKN1508bMc=
Subject key identifier:   BA:17:08:8B:65:8F:7C:B4:84:B3:A5:03:3F:29:15:9F:41:B0:02:EC
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       019892C7EEFFFA8B7CA8B1D132FA289A1AB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          1194
Signing time:             Sun 10 Aug 2025 07:00:33 +0000
Manifest this update:     Sun 10 Aug 2025 07:00:33 +0000
Manifest next update:     Mon 11 Aug 2025 07:00:33 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: Cr+pFG14ohACNwGP3wUrNngyVk8MD66xx0HRwT9suXk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 07:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:92:c7:ee:ff:fa:8b:7c:a8:b1:d1:32:fa:28:9a:1a:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Aug 10 07:00:33 2025 GMT
            Not After : Aug 11 07:00:33 2025 GMT
        Subject: CN=ba17088b658f7cb484b3a5033f29159f41b002ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:8a:e9:4f:3f:55:97:62:38:3c:cf:15:51:de:
                    60:e2:42:6c:23:88:3f:3f:39:ca:fd:75:07:4c:c8:
                    cf:c5:6c:75:17:cd:71:a4:39:df:63:26:18:c3:d8:
                    4c:ca:30:85:4e:8c:ed:c3:33:5c:fe:f2:56:87:55:
                    b1:2d:a7:57:76:d1:6b:2d:cc:b4:95:3b:e5:2b:67:
                    a4:ba:4b:54:20:4b:5f:09:30:3d:7d:a7:3d:3a:5c:
                    24:55:e2:e7:41:d7:58:b1:5b:ff:94:aa:b4:77:95:
                    61:cf:73:e6:e6:f1:32:a1:e0:e7:32:93:ed:de:ca:
                    2e:0f:ce:19:6e:77:d7:10:a6:f3:be:d1:e5:c7:35:
                    a3:d4:02:fb:2a:8c:bf:ee:e6:64:c3:e0:7d:0c:fc:
                    e7:ce:c6:b1:2a:64:e6:21:54:a2:1a:97:30:f7:84:
                    23:54:2f:1a:46:4a:75:74:d2:c7:57:71:6b:98:ef:
                    d2:84:a0:56:c0:23:fc:25:53:df:67:70:ed:23:7a:
                    17:a0:01:e8:af:68:d2:cf:f0:9f:f5:2b:04:6e:f4:
                    ff:54:63:30:47:5f:c9:03:e6:89:4e:b3:0c:3e:f1:
                    2d:99:f4:10:06:6e:d1:8d:ae:4b:52:f8:77:04:61:
                    b7:51:ce:b3:2f:10:86:53:9c:21:02:45:cb:13:7e:
                    82:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:17:08:8B:65:8F:7C:B4:84:B3:A5:03:3F:29:15:9F:41:B0:02:EC
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:1c:f0:d4:01:3b:11:a7:5e:78:7b:99:31:9c:eb:e0:e0:41:
         06:4a:57:38:db:25:b9:d6:7f:04:99:4f:e7:99:8e:67:ae:99:
         c4:04:13:6b:19:26:ca:c7:df:a7:08:ea:f7:d4:52:c6:d0:09:
         5c:94:f2:94:e7:99:16:30:cd:06:80:6d:3a:97:01:93:d6:6c:
         3d:e1:e3:e2:09:c6:44:60:23:79:8a:54:0b:33:f0:e5:d0:8f:
         54:ee:32:55:9a:de:1e:a5:01:b5:c9:67:28:53:93:e0:35:ee:
         46:6b:ee:5e:85:9e:7b:e9:c3:eb:53:60:57:f0:06:5d:ae:d1:
         e2:9b:b8:ba:86:58:db:02:c7:1c:b0:21:25:8a:fe:ed:f3:7b:
         09:08:54:f3:b3:b5:d6:1f:86:f1:1c:3c:01:3f:36:53:bc:9d:
         8d:ac:c8:45:7e:2c:b6:7e:96:eb:f5:d0:38:ed:8c:c2:f8:a8:
         bd:99:22:13:80:ae:69:5d:74:82:9c:b8:49:b9:01:9e:1c:7c:
         78:c2:ae:14:7f:54:6a:de:85:14:15:1c:ef:16:dc:9b:59:53:
         6a:53:cb:ec:fc:eb:35:58:05:a8:c0:3f:00:fb:73:6d:e1:48:
         27:80:22:63:30:4c:66:a1:7b:58:4a:3c:4c:0c:69:2f:da:85:
         e3:08:d4:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiSx+7/+ot8qLHRMvoomhqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjUwODEwMDcwMDMzWhcNMjUwODExMDcwMDMzWjAzMTEwLwYDVQQD
EyhiYTE3MDg4YjY1OGY3Y2I0ODRiM2E1MDMzZjI5MTU5ZjQxYjAwMmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIrpTz9Vl2I4PM8VUd5g4kJsI4g/
PznK/XUHTMjPxWx1F81xpDnfYyYYw9hMyjCFToztwzNc/vJWh1WxLadXdtFrLcy0
lTvlK2ekuktUIEtfCTA9fac9OlwkVeLnQddYsVv/lKq0d5Vhz3Pm5vEyoeDnMpPt
3souD84ZbnfXEKbzvtHlxzWj1AL7Koy/7uZkw+B9DPznzsaxKmTmIVSiGpcw94Qj
VC8aRkp1dNLHV3FrmO/ShKBWwCP8JVPfZ3DtI3oXoAHor2jSz/Cf9SsEbvT/VGMw
R1/JA+aJTrMMPvEtmfQQBm7Rja5LUvh3BGG3Uc6zLxCGU5whAkXLE36CjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLoXCItlj3y0hLOlAz8pFZ9BsALsMB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYxzw1AE7
EadeeHuZMZzr4OBBBkpXONsludZ/BJlP55mOZ66ZxAQTaxkmysffpwjq99RSxtAJ
XJTylOeZFjDNBoBtOpcBk9ZsPeHj4gnGRGAjeYpUCzPw5dCPVO4yVZreHqUBtcln
KFOT4DXuRmvuXoWee+nD61NgV/AGXa7R4pu4uoZY2wLHHLAhJYr+7fN7CQhU87O1
1h+G8Rw8AT82U7ydjazIRX4stn6W6/XQOO2MwviovZkiE4CuaV10gpy4SbkBnhx8
eMKuFH9Uat6FFBUc7xbcm1lTalPL7PzrNVgFqMA/APtzbeFIJ4AiYzBMZqF7WEo8
TAxpL9qF4wjUCg==
-----END CERTIFICATE-----