Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          I/qXoNknsFzbn92acbAwoSz6ImHw0VMurBYSKaTPnIU=
Subject key identifier:   CC:9F:1B:14:62:FC:7A:6F:2C:8E:90:3C:4D:44:AE:98:8A:5D:AF:8A
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       01968F2814096137E3047947F5643EB17AC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          1089
Signing time:             Fri 02 May 2025 04:01:30 +0000
Manifest this update:     Fri 02 May 2025 04:01:30 +0000
Manifest next update:     Sat 03 May 2025 04:01:30 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: i6dP31FNdcWbhn0PhfuOK3FWs29wvdw2HMiLEiCMd50=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8f:28:14:09:61:37:e3:04:79:47:f5:64:3e:b1:7a:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: May  2 04:01:30 2025 GMT
            Not After : May  3 04:01:30 2025 GMT
        Subject: CN=cc9f1b1462fc7a6f2c8e903c4d44ae988a5daf8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:86:10:b8:93:fd:6b:ab:4c:29:af:28:43:5a:
                    2c:0a:e7:6a:50:93:17:1a:b7:4b:66:b7:05:5f:b3:
                    3c:96:e0:42:79:ad:27:52:6e:db:25:2a:f4:2b:a6:
                    60:2e:c3:a4:14:45:df:fc:21:ab:8c:bf:34:64:f6:
                    36:c8:30:da:f9:3d:f6:f0:86:ec:fe:6c:69:43:1d:
                    5f:e9:40:ac:7c:74:68:51:2e:37:b9:40:c1:4f:81:
                    12:fe:04:f1:a1:d3:97:27:02:8c:a1:18:33:61:dc:
                    6f:7d:7d:6b:61:1d:dd:c0:6c:b1:ca:a2:fc:b8:f5:
                    b4:13:8e:a0:4c:a4:f6:07:48:67:02:02:07:05:a6:
                    62:1d:5e:c1:65:ef:2b:8e:8a:f9:10:d8:53:d6:f4:
                    01:5a:bd:61:11:c9:bb:e1:2e:4c:ff:bf:03:47:d0:
                    01:00:d9:de:1f:35:7c:3d:78:f9:96:56:ee:13:12:
                    e5:91:82:6b:74:8d:6c:7d:fa:6e:9c:42:9b:38:12:
                    ee:cc:07:cc:2c:d8:31:4e:5e:95:42:0f:eb:3f:5a:
                    dd:41:8b:9a:ee:e4:6f:54:ee:fe:a1:28:cc:9f:3b:
                    dc:9b:9e:d6:6b:76:f5:0c:a0:b7:58:69:46:d1:e6:
                    20:2c:88:76:bf:74:ea:a9:ea:fe:d3:84:56:bc:42:
                    29:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:9F:1B:14:62:FC:7A:6F:2C:8E:90:3C:4D:44:AE:98:8A:5D:AF:8A
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:b6:11:fd:ca:fe:0b:78:76:c3:bf:82:f0:d3:82:88:d1:03:
         30:88:40:86:37:21:91:b0:a2:ba:06:3f:b7:85:49:74:37:ad:
         3f:47:63:e2:0d:ab:7a:90:03:ff:64:37:0b:98:79:c2:e6:ec:
         6c:63:40:56:61:52:c1:9f:6b:cd:4c:30:44:16:f9:fb:42:58:
         c1:70:bf:d8:10:3f:c8:d2:87:15:49:ef:78:a4:89:0f:43:9d:
         90:61:f0:53:3c:4e:3e:16:b6:32:4e:59:21:e3:a5:17:6e:99:
         f9:86:dd:78:7c:4d:6e:6e:2b:68:f0:db:b2:4d:8e:a8:5d:3e:
         82:14:18:66:8f:c8:7c:39:2e:2e:36:f3:4b:b7:8e:89:00:0d:
         ea:cd:a3:e2:d2:48:c1:0f:a4:6e:89:92:fc:9c:1f:c9:12:8f:
         5f:8f:b3:94:a0:8d:5d:96:c0:85:7e:c8:6c:34:4a:10:97:a5:
         b2:09:62:00:c3:8f:8a:77:0a:e7:30:6e:a2:1e:97:80:12:96:
         da:22:fd:11:bc:32:4d:48:3b:62:bd:03:25:59:fc:d6:e5:ba:
         17:36:0e:1f:6e:71:3c:97:46:ac:a8:27:50:20:e0:8f:4f:b7:
         33:3a:e8:02:43:24:51:f5:37:0f:55:f4:28:26:e8:f8:0e:ac:
         e3:0e:a1:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaPKBQJYTfjBHlH9WQ+sXrEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjUwNTAyMDQwMTMwWhcNMjUwNTAzMDQwMTMwWjAzMTEwLwYDVQQD
EyhjYzlmMWIxNDYyZmM3YTZmMmM4ZTkwM2M0ZDQ0YWU5ODhhNWRhZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4YQuJP9a6tMKa8oQ1osCudqUJMX
GrdLZrcFX7M8luBCea0nUm7bJSr0K6ZgLsOkFEXf/CGrjL80ZPY2yDDa+T328Ibs
/mxpQx1f6UCsfHRoUS43uUDBT4ES/gTxodOXJwKMoRgzYdxvfX1rYR3dwGyxyqL8
uPW0E46gTKT2B0hnAgIHBaZiHV7BZe8rjor5ENhT1vQBWr1hEcm74S5M/78DR9AB
ANneHzV8PXj5llbuExLlkYJrdI1sffpunEKbOBLuzAfMLNgxTl6VQg/rP1rdQYua
7uRvVO7+oSjMnzvcm57Wa3b1DKC3WGlG0eYgLIh2v3Tqqer+04RWvEIpVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMyfGxRi/HpvLI6QPE1ErpiKXa+KMB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAabYR/cr+
C3h2w7+C8NOCiNEDMIhAhjchkbCiugY/t4VJdDetP0dj4g2repAD/2Q3C5h5wubs
bGNAVmFSwZ9rzUwwRBb5+0JYwXC/2BA/yNKHFUnveKSJD0OdkGHwUzxOPha2Mk5Z
IeOlF26Z+YbdeHxNbm4raPDbsk2OqF0+ghQYZo/IfDkuLjbzS7eOiQAN6s2j4tJI
wQ+kbomS/JwfyRKPX4+zlKCNXZbAhX7IbDRKEJelsgliAMOPincK5zBuoh6XgBKW
2iL9EbwyTUg7Yr0DJVn81uW6FzYOH25xPJdGrKgnUCDgj0+3MzroAkMkUfU3D1X0
KCbo+A6s4w6hbg==
-----END CERTIFICATE-----