Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
File:                     kYaHyFQkQhcMxR71MW05Y2CXCNw.mft (raw, json)
Hash identifier:          lO5wpriobzwic6zZa3ePYjyA9agvO5NMdxrc4Kzh/pY=
Subject key identifier:   5C:A1:17:F3:12:6F:7E:50:68:13:50:82:2C:D5:17:92:DE:25:06:07
Authority key identifier: 91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC
Certificate issuer:       /CN=918687c8542442170cc51ef5316d3963609708dc
Certificate serial:       019896A5BEE20CB8C24AF8D4E9BE779D33C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
Manifest number:          1235
Signing time:             Mon 11 Aug 2025 01:01:41 +0000
Manifest this update:     Mon 11 Aug 2025 01:01:41 +0000
Manifest next update:     Tue 12 Aug 2025 01:01:41 +0000
Files and hashes:         1: kYaHyFQkQhcMxR71MW05Y2CXCNw.crl (hash: 14KuvCvrl50ZypQBrTuOPdp+mh/59t3RzXC01gF50qI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a5:be:e2:0c:b8:c2:4a:f8:d4:e9:be:77:9d:33:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=918687c8542442170cc51ef5316d3963609708dc
        Validity
            Not Before: Aug 11 01:01:41 2025 GMT
            Not After : Aug 12 01:01:41 2025 GMT
        Subject: CN=5ca117f3126f7e50681350822cd51792de250607
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:58:cb:74:41:2d:26:82:88:81:c4:23:c6:e5:
                    a8:6b:fa:70:a9:ee:f4:0b:d3:75:7e:b5:5c:87:be:
                    cf:ec:dd:95:92:0d:db:47:91:fd:1b:e6:5e:1c:0e:
                    0f:c7:e4:e3:9d:8c:36:b2:58:3d:b2:eb:9b:48:c4:
                    67:ba:24:9a:e3:ed:63:1f:31:8e:32:64:9c:b7:a1:
                    ad:ee:1f:35:36:0d:15:fa:d6:5f:c8:aa:2a:f4:c2:
                    cf:63:44:f5:0d:c9:9a:13:6b:2f:f1:4e:65:a9:1c:
                    34:85:d5:40:c5:69:40:14:32:fd:b1:f8:21:ae:9a:
                    2a:9a:d2:57:fc:dc:cd:72:ed:f2:be:f0:4c:cf:00:
                    2b:6d:6d:8f:41:07:78:43:05:8b:b6:8a:00:cf:10:
                    18:da:8f:bd:bf:66:7b:47:76:71:c6:04:8b:6c:bb:
                    1b:0d:e4:c3:89:a5:5e:0e:ae:2c:13:25:26:92:5c:
                    d1:03:82:0f:79:a2:79:74:8b:53:6b:16:c4:cb:a9:
                    09:64:0f:30:40:58:41:93:ed:86:b1:6d:52:18:dd:
                    0b:20:50:45:96:c2:08:8a:26:51:47:e6:fb:8f:3d:
                    f7:d8:77:a1:7e:64:01:3b:21:f9:cb:e9:34:6f:0f:
                    05:30:3a:bd:d9:12:67:bb:db:cc:3f:f3:34:b3:7b:
                    c7:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:A1:17:F3:12:6F:7E:50:68:13:50:82:2C:D5:17:92:DE:25:06:07
            X509v3 Authority Key Identifier:
                keyid:91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:94:b7:4e:12:6d:44:a3:c3:e0:31:a2:d6:b9:19:08:3a:4c:
         38:aa:17:f9:18:41:c6:72:33:c5:69:0f:52:53:07:12:41:37:
         04:48:80:ad:f3:2d:79:20:4e:07:03:0e:0e:e5:17:9a:3f:c1:
         c4:19:7e:d0:6e:d6:de:ac:8e:2d:8b:ad:9d:ff:f6:5c:34:c7:
         cc:b0:19:3a:4e:5c:a6:c3:fd:16:f0:5b:97:81:9a:d4:a5:0b:
         04:41:46:5a:31:32:ef:46:57:57:41:e6:54:41:30:83:d7:1c:
         58:53:1f:5c:3b:c0:5b:7e:14:10:21:76:47:e6:cd:ed:10:21:
         d3:7a:e8:f5:ba:be:8a:0e:81:bf:81:15:66:f8:c9:60:11:15:
         26:79:82:92:14:68:75:1d:5d:6b:51:ff:b0:35:e9:3b:93:5a:
         19:da:46:b9:d2:7b:af:39:e2:e7:47:64:88:ca:87:ed:7f:c3:
         c9:34:f9:d7:b5:6a:e4:69:c2:fb:67:de:ca:b6:84:a9:61:bd:
         9d:b8:53:be:a0:f2:79:d6:a4:64:15:62:b7:68:9a:4d:e0:a4:
         b8:f4:1d:de:02:4a:8c:b5:c4:ba:cf:9d:a4:80:60:19:af:e9:
         da:b7:d2:76:df:4f:b8:c0:15:5e:82:48:a2:bb:89:90:75:40:
         ff:49:6c:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpb7iDLjCSvjU6b53nTPHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODY4N2M4NTQyNDQyMTcwY2M1MWVmNTMxNmQzOTYzNjA5
NzA4ZGMwHhcNMjUwODExMDEwMTQxWhcNMjUwODEyMDEwMTQxWjAzMTEwLwYDVQQD
Eyg1Y2ExMTdmMzEyNmY3ZTUwNjgxMzUwODIyY2Q1MTc5MmRlMjUwNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFjLdEEtJoKIgcQjxuWoa/pwqe70
C9N1frVch77P7N2Vkg3bR5H9G+ZeHA4Px+TjnYw2slg9suubSMRnuiSa4+1jHzGO
MmSct6Gt7h81Ng0V+tZfyKoq9MLPY0T1DcmaE2sv8U5lqRw0hdVAxWlAFDL9sfgh
rpoqmtJX/NzNcu3yvvBMzwArbW2PQQd4QwWLtooAzxAY2o+9v2Z7R3ZxxgSLbLsb
DeTDiaVeDq4sEyUmklzRA4IPeaJ5dItTaxbEy6kJZA8wQFhBk+2GsW1SGN0LIFBF
lsIIiiZRR+b7jz332HehfmQBOyH5y+k0bw8FMDq92RJnu9vMP/M0s3vHlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFyhF/MSb35QaBNQgizVF5LeJQYHMB8GA1UdIwQY
MBaAFJGGh8hUJEIXDMUe9TFtOWNglwjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMt
ODllMzlhYzFlZDgxLzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMtODllMzlhYzFlZDgx
LzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFpS3ThJt
RKPD4DGi1rkZCDpMOKoX+RhBxnIzxWkPUlMHEkE3BEiArfMteSBOBwMODuUXmj/B
xBl+0G7W3qyOLYutnf/2XDTHzLAZOk5cpsP9FvBbl4Ga1KULBEFGWjEy70ZXV0Hm
VEEwg9ccWFMfXDvAW34UECF2R+bN7RAh03ro9bq+ig6Bv4EVZvjJYBEVJnmCkhRo
dR1da1H/sDXpO5NaGdpGudJ7rzni50dkiMqH7X/DyTT517Vq5GnC+2feyraEqWG9
nbhTvqDyedakZBVit2iaTeCkuPQd3gJKjLXEus+dpIBgGa/p2rfSdt9PuMAVXoJI
oruJkHVA/0lshw==
-----END CERTIFICATE-----