Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          PoWJGg2njxQpImQS1582XBHCdCD4DGbLA/YjMJ1iBVk=
Subject key identifier:   53:E3:52:6F:56:9A:84:EE:1E:FF:E6:77:B1:14:36:7D:04:40:E4:BE
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       01978661BDADF02D8858B6BE6980B4AF5E43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          1109
Signing time:             Thu 19 Jun 2025 04:10:41 +0000
Manifest this update:     Thu 19 Jun 2025 04:10:41 +0000
Manifest next update:     Fri 20 Jun 2025 04:10:41 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: 9Dlp4gboSGCF/AbzxjdKJD9TZoUbJmt3IikX548eTao=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Jun 2025 23:47:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:86:61:bd:ad:f0:2d:88:58:b6:be:69:80:b4:af:5e:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Jun 19 04:10:41 2025 GMT
            Not After : Jun 20 04:10:41 2025 GMT
        Subject: CN=53e3526f569a84ee1effe677b114367d0440e4be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:be:ce:1b:ee:66:6a:2b:44:64:a6:32:b5:0d:
                    70:6c:83:22:e9:ca:5b:00:eb:a1:6a:c2:80:dd:12:
                    0c:a7:87:74:87:4b:e5:3e:2e:ea:cb:0c:81:a3:48:
                    9e:89:62:6b:e2:f5:9f:ad:6b:cf:c5:d3:e5:d4:ab:
                    29:8e:12:3a:e1:3c:64:81:cb:fc:a1:36:3e:69:8c:
                    f9:bb:37:48:f9:ad:53:36:28:02:42:bd:0d:3e:b3:
                    30:c2:cf:a4:d0:78:db:c1:10:3c:a7:50:0b:02:c4:
                    cc:2e:e9:2d:e7:1b:13:e0:a7:8d:97:6b:8f:b3:57:
                    fe:49:52:e7:af:dc:39:63:33:c1:47:61:9e:c5:f5:
                    b6:46:3c:3d:8b:5e:fb:a2:44:3d:2e:f2:98:96:f0:
                    c0:2d:13:c3:23:03:6c:68:6d:3c:48:e3:3e:86:eb:
                    c6:51:5c:bf:37:da:1a:d8:38:a2:92:a1:cb:2c:44:
                    0d:e8:7e:4a:a9:16:c5:e3:49:5c:24:72:c2:43:17:
                    82:52:14:5e:3d:38:9f:3a:db:5f:19:c5:ca:5f:82:
                    cc:73:1b:5b:71:f2:54:c7:b9:1c:26:bb:b3:59:ee:
                    64:55:fd:1d:a7:71:31:57:9a:65:4c:84:3f:17:b5:
                    b7:52:5b:04:31:be:61:fe:5c:ce:71:93:82:99:28:
                    15:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:E3:52:6F:56:9A:84:EE:1E:FF:E6:77:B1:14:36:7D:04:40:E4:BE
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:f1:76:1e:1e:3b:72:dd:54:d9:d8:a7:17:9e:54:3f:b0:a4:
         39:20:b6:7b:97:10:2c:6a:0c:d3:04:a0:33:aa:e3:a0:17:91:
         8a:b2:e0:3e:47:28:89:21:b9:dd:55:c1:7b:e8:d7:d7:4c:f4:
         44:52:4c:8f:3e:14:de:f2:e3:58:b7:55:3d:6d:a6:4f:be:1c:
         60:8a:68:79:84:05:84:2c:e0:0e:21:0f:79:ea:82:4c:b5:43:
         69:a6:12:50:13:07:77:4d:5e:c5:0a:fd:f9:0b:68:b2:00:3d:
         4e:e6:8e:1d:4f:d1:18:47:29:82:0f:83:14:c4:ff:49:b4:87:
         9e:8c:a2:86:8d:62:d0:ec:30:8b:08:5c:53:af:27:42:fb:2a:
         1f:0b:ba:48:25:93:07:49:51:39:4f:36:27:1e:e7:32:5a:43:
         5c:e7:06:ea:bd:12:2b:ba:cb:92:a9:aa:a5:e7:5a:14:e5:04:
         a1:e4:64:12:8e:b5:15:bc:8d:be:64:ff:fe:aa:fb:35:f5:4e:
         c3:84:d7:c8:47:05:c8:ee:8e:f5:03:df:1f:ff:1b:e1:87:1f:
         04:69:49:f3:af:46:ef:27:92:9f:be:d6:e2:7c:18:bf:72:0e:
         e5:8f:98:59:53:a1:92:ac:ff:3f:79:aa:f2:5f:24:58:11:59:
         62:22:64:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeGYb2t8C2IWLa+aYC0r15DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjUwNjE5MDQxMDQxWhcNMjUwNjIwMDQxMDQxWjAzMTEwLwYDVQQD
Eyg1M2UzNTI2ZjU2OWE4NGVlMWVmZmU2NzdiMTE0MzY3ZDA0NDBlNGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb7OG+5maitEZKYytQ1wbIMi6cpb
AOuhasKA3RIMp4d0h0vlPi7qywyBo0ieiWJr4vWfrWvPxdPl1KspjhI64Txkgcv8
oTY+aYz5uzdI+a1TNigCQr0NPrMwws+k0HjbwRA8p1ALAsTMLukt5xsT4KeNl2uP
s1f+SVLnr9w5YzPBR2GexfW2Rjw9i177okQ9LvKYlvDALRPDIwNsaG08SOM+huvG
UVy/N9oa2DiikqHLLEQN6H5KqRbF40lcJHLCQxeCUhRePTifOttfGcXKX4LMcxtb
cfJUx7kcJruzWe5kVf0dp3ExV5plTIQ/F7W3UlsEMb5h/lzOcZOCmSgVvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPjUm9WmoTuHv/md7EUNn0EQOS+MB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAifF2Hh47
ct1U2dinF55UP7CkOSC2e5cQLGoM0wSgM6rjoBeRirLgPkcoiSG53VXBe+jX10z0
RFJMjz4U3vLjWLdVPW2mT74cYIpoeYQFhCzgDiEPeeqCTLVDaaYSUBMHd01exQr9
+QtosgA9TuaOHU/RGEcpgg+DFMT/SbSHnoyiho1i0OwwiwhcU68nQvsqHwu6SCWT
B0lROU82Jx7nMlpDXOcG6r0SK7rLkqmqpedaFOUEoeRkEo61FbyNvmT//qr7NfVO
w4TXyEcFyO6O9QPfH/8b4YcfBGlJ869G7yeSn77W4nwYv3IO5Y+YWVOhkqz/P3mq
8l8kWBFZYiJkSA==
-----END CERTIFICATE-----