Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
File:                     y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json)
Hash identifier:          eGXFbPFbNnmTOFlmuocQ9nWFxjX92rWv0fF+qEUnWdM=
Subject key identifier:   DC:C5:27:57:37:6C:F4:B1:C0:BB:96:4A:7A:39:3B:CE:6F:B7:B9:A6
Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21
Certificate issuer:       /CN=cbf9cd243ced6937b6bea57102814ff9ba426621
Certificate serial:       019881D4BC6568CFAB8EC315DB8619FC5CBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
Manifest number:          161B
Signing time:             Thu 07 Aug 2025 00:00:59 +0000
Manifest this update:     Thu 07 Aug 2025 00:00:59 +0000
Manifest next update:     Fri 08 Aug 2025 00:00:59 +0000
Files and hashes:         1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: VXhUq5labl4R92UEy+ERDiF808njKFBMO0EG4VtqoQg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:d4:bc:65:68:cf:ab:8e:c3:15:db:86:19:fc:5c:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621
        Validity
            Not Before: Aug  7 00:00:59 2025 GMT
            Not After : Aug  8 00:00:59 2025 GMT
        Subject: CN=dcc52757376cf4b1c0bb964a7a393bce6fb7b9a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:5c:f5:0d:5b:69:2c:60:34:4c:c7:ef:6a:f0:
                    26:fd:b5:e4:c3:de:2b:0f:1e:fa:48:58:1b:09:c8:
                    a6:52:eb:f7:be:9b:fc:7e:a2:89:78:a5:b8:d2:0a:
                    1a:a9:6e:3d:38:84:9d:81:d3:a4:e3:78:3e:63:35:
                    87:52:64:70:65:23:4e:a2:09:55:b5:c2:29:fa:a3:
                    04:89:6a:c5:8f:4a:66:3b:06:49:c6:a7:7e:4d:28:
                    64:e5:d9:3c:0e:bd:cd:50:15:4f:16:a1:20:a6:e5:
                    6f:12:d4:5f:ba:c4:78:7f:bb:54:c0:54:2e:48:0b:
                    3b:2d:62:35:41:8c:0c:02:53:ba:b7:c8:74:85:af:
                    cb:7c:8d:61:c3:e0:98:1d:3b:8f:11:1d:42:4a:dd:
                    39:81:13:e7:f4:77:d1:01:e6:80:1b:61:43:b6:71:
                    81:57:94:66:ab:0f:ae:0c:28:ec:0d:b8:62:ef:6e:
                    eb:74:11:9e:a5:78:9d:77:9d:93:b4:0a:39:0d:9f:
                    b3:9c:a0:b3:e7:d2:99:ca:8c:2f:3b:dc:0e:8e:e6:
                    4d:42:01:09:a8:68:56:83:b6:2a:3d:57:1a:21:20:
                    d0:d8:4c:fe:b3:93:58:5b:70:c7:b2:1c:37:52:d3:
                    c1:9a:a1:3f:f3:7e:bc:83:5e:26:88:3a:6c:2c:39:
                    cf:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:C5:27:57:37:6C:F4:B1:C0:BB:96:4A:7A:39:3B:CE:6F:B7:B9:A6
            X509v3 Authority Key Identifier:
                keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:1d:d1:1c:ab:1f:52:cb:fd:68:b9:fc:7b:34:42:11:2a:7e:
         e4:2a:e3:85:39:f0:cd:92:df:0c:e9:93:c6:82:18:a9:d9:1b:
         aa:f1:d8:66:66:04:f3:a9:96:c5:a3:1f:3b:5f:ad:1a:c6:88:
         a5:a1:2d:81:38:78:9a:67:b1:75:18:c2:d5:10:57:77:c5:8e:
         ef:ce:1b:cd:02:a8:c8:0f:0a:ad:27:85:b1:e8:81:e2:9a:99:
         4b:c4:f1:ce:33:d0:03:c4:d4:1d:6a:af:63:a1:64:d0:ec:9a:
         c0:10:01:54:07:94:a9:c0:f0:fa:89:1c:3c:e7:b9:c9:46:5f:
         16:70:98:6c:fb:6d:15:34:35:3c:24:02:d3:02:bc:fd:08:21:
         23:3e:a4:6a:1e:c0:28:84:90:ad:67:a8:1e:a9:34:0e:13:1d:
         e5:3f:30:83:72:0e:3f:5f:e5:ac:ae:da:19:ac:21:37:c0:94:
         0a:bd:8a:a4:d3:1a:d2:06:90:4e:5c:b6:5f:6c:c3:27:18:ed:
         79:9a:11:f7:c9:67:10:7a:1c:57:29:37:d6:b5:2a:c3:08:f4:
         15:c8:ab:d8:ed:14:38:92:25:99:9a:d5:d3:85:44:e7:ce:b1:
         2c:07:e6:1e:60:58:64:df:14:5c:8b:12:cf:8c:34:35:c4:25:
         06:31:22:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiB1LxlaM+rjsMV24YZ/Fy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0
MjY2MjEwHhcNMjUwODA3MDAwMDU5WhcNMjUwODA4MDAwMDU5WjAzMTEwLwYDVQQD
EyhkY2M1Mjc1NzM3NmNmNGIxYzBiYjk2NGE3YTM5M2JjZTZmYjdiOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lz1DVtpLGA0TMfvavAm/bXkw94r
Dx76SFgbCcimUuv3vpv8fqKJeKW40goaqW49OISdgdOk43g+YzWHUmRwZSNOoglV
tcIp+qMEiWrFj0pmOwZJxqd+TShk5dk8Dr3NUBVPFqEgpuVvEtRfusR4f7tUwFQu
SAs7LWI1QYwMAlO6t8h0ha/LfI1hw+CYHTuPER1CSt05gRPn9HfRAeaAG2FDtnGB
V5Rmqw+uDCjsDbhi727rdBGepXidd52TtAo5DZ+znKCz59KZyowvO9wOjuZNQgEJ
qGhWg7YqPVcaISDQ2Ez+s5NYW3DHshw3UtPBmqE/8368g14miDpsLDnPswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNzFJ1c3bPSxwLuWSno5O85vt7mmMB8GA1UdIwQY
MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt
MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj
LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfB3RHKsf
Usv9aLn8ezRCESp+5CrjhTnwzZLfDOmTxoIYqdkbqvHYZmYE86mWxaMfO1+tGsaI
paEtgTh4mmexdRjC1RBXd8WO784bzQKoyA8KrSeFseiB4pqZS8TxzjPQA8TUHWqv
Y6Fk0OyawBABVAeUqcDw+okcPOe5yUZfFnCYbPttFTQ1PCQC0wK8/QghIz6kah7A
KISQrWeoHqk0DhMd5T8wg3IOP1/lrK7aGawhN8CUCr2KpNMa0gaQTly2X2zDJxjt
eZoR98lnEHocVyk31rUqwwj0Fcir2O0UOJIlmZrV04VE586xLAfmHmBYZN8UXIsS
z4w0NcQlBjEiQQ==
-----END CERTIFICATE-----