Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          vL817iYZLgz+2mcl4YShxeoAyP3ZOOj9kq2LVIMnXBI=
Subject key identifier:   C3:DD:7A:AB:78:FF:4D:93:F2:EC:71:93:1F:56:82:3B:66:48:B6:A0
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       01988BEA3492678329E2AB8222875F01FAC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          1620
Signing time:             Fri 08 Aug 2025 23:00:38 +0000
Manifest this update:     Fri 08 Aug 2025 23:00:38 +0000
Manifest next update:     Sat 09 Aug 2025 23:00:38 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: 0/1W54RXlMW51rnzJn8+CVJ7oBwKXgTUtJzO35o/7x8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:ea:34:92:67:83:29:e2:ab:82:22:87:5f:01:fa:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Aug  8 23:00:38 2025 GMT
            Not After : Aug  9 23:00:38 2025 GMT
        Subject: CN=c3dd7aab78ff4d93f2ec71931f56823b6648b6a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:1b:c9:8b:e7:b8:a7:99:d5:ff:63:65:39:5e:
                    da:d0:eb:59:4e:ba:ed:69:45:d9:73:6b:ff:a6:cd:
                    d9:52:aa:4f:de:73:a0:bd:f6:97:9d:58:43:e6:55:
                    7b:f1:b8:93:e7:b4:f7:32:4c:db:03:76:02:c8:b0:
                    c0:90:ac:59:7d:c6:1e:c3:c5:75:27:34:c9:1c:4d:
                    56:ed:46:b9:4a:c1:bc:6a:2b:23:3e:7f:62:ca:2d:
                    56:75:9a:58:f5:78:be:9f:12:d4:fc:2a:6f:42:30:
                    0b:19:6b:f0:a0:e3:f8:06:27:7a:fb:83:46:38:3e:
                    e5:fc:7f:ce:88:c9:f9:9b:0b:48:a2:38:1f:3b:db:
                    50:b7:a7:dc:b7:e3:2f:51:ca:9d:49:96:38:a8:45:
                    8d:c3:f2:e2:f7:17:18:70:c7:59:ad:70:ca:9d:95:
                    d5:2f:f2:7d:c8:90:73:af:0c:6d:e8:37:5e:52:85:
                    0f:49:a9:bf:ae:4f:7a:3e:45:e1:12:23:ea:93:9d:
                    fc:5a:02:3c:ce:4f:53:0f:2f:9c:80:26:dd:b3:1b:
                    fd:56:9b:37:1f:c5:22:35:35:ed:e3:dc:96:c3:38:
                    7b:9b:b7:fe:67:cc:20:89:a7:e4:0d:e7:b0:62:e8:
                    bb:e4:70:ce:0e:eb:31:be:19:7f:47:f7:c8:f8:18:
                    88:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:DD:7A:AB:78:FF:4D:93:F2:EC:71:93:1F:56:82:3B:66:48:B6:A0
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:f2:2b:be:7f:f1:21:2a:f2:e8:c7:01:dc:24:11:96:83:94:
         32:52:ae:1c:f2:01:a3:ab:86:31:39:e3:ac:1a:b2:d9:63:7d:
         9c:0f:ba:17:ed:8a:fc:7b:24:31:bc:e7:5d:f9:29:c3:bc:9b:
         cf:f2:36:ef:37:bd:a4:a8:d1:2d:81:de:e3:6d:c9:46:ba:95:
         cb:30:e2:21:26:e2:77:9f:7c:d8:95:06:49:58:c0:be:75:ca:
         5e:c0:1d:5a:bd:cb:8f:63:5e:7b:9f:15:70:03:0d:e5:b0:79:
         d1:91:81:54:1a:a4:bb:4d:e5:2e:f0:37:cc:3e:a0:10:21:5d:
         8f:8c:4c:d0:18:46:4f:13:cd:3d:92:1f:c0:8c:d7:c1:c2:53:
         1e:e9:53:aa:57:0c:1a:66:99:7d:56:e9:77:c1:55:5e:0c:34:
         92:07:b9:af:05:70:4e:22:f8:bd:2e:39:1b:78:8b:b5:a7:8b:
         9e:5a:ec:3a:81:75:62:d5:43:9c:fa:3d:69:7a:e3:72:27:47:
         de:79:60:ee:50:97:a8:d1:e5:d7:d7:6f:68:c7:83:4b:05:34:
         85:f1:6d:3f:16:a2:e9:0a:30:87:5a:d4:7d:23:39:5c:a2:3c:
         1f:08:35:88:aa:3d:65:dd:1f:be:5c:75:38:f7:c5:6d:a2:35:
         47:10:f2:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiL6jSSZ4Mp4quCIodfAfrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjUwODA4MjMwMDM4WhcNMjUwODA5MjMwMDM4WjAzMTEwLwYDVQQD
EyhjM2RkN2FhYjc4ZmY0ZDkzZjJlYzcxOTMxZjU2ODIzYjY2NDhiNmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhvJi+e4p5nV/2NlOV7a0OtZTrrt
aUXZc2v/ps3ZUqpP3nOgvfaXnVhD5lV78biT57T3MkzbA3YCyLDAkKxZfcYew8V1
JzTJHE1W7Ua5SsG8aisjPn9iyi1WdZpY9Xi+nxLU/CpvQjALGWvwoOP4Bid6+4NG
OD7l/H/OiMn5mwtIojgfO9tQt6fct+MvUcqdSZY4qEWNw/Li9xcYcMdZrXDKnZXV
L/J9yJBzrwxt6DdeUoUPSam/rk96PkXhEiPqk538WgI8zk9TDy+cgCbdsxv9Vps3
H8UiNTXt49yWwzh7m7f+Z8wgiafkDeewYui75HDODusxvhl/R/fI+BiINQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMPdeqt4/02T8uxxkx9WgjtmSLagMB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmfIrvn/x
ISry6McB3CQRloOUMlKuHPIBo6uGMTnjrBqy2WN9nA+6F+2K/HskMbznXfkpw7yb
z/I27ze9pKjRLYHe423JRrqVyzDiISbid5982JUGSVjAvnXKXsAdWr3Lj2Nee58V
cAMN5bB50ZGBVBqku03lLvA3zD6gECFdj4xM0BhGTxPNPZIfwIzXwcJTHulTqlcM
GmaZfVbpd8FVXgw0kge5rwVwTiL4vS45G3iLtaeLnlrsOoF1YtVDnPo9aXrjcidH
3nlg7lCXqNHl19dvaMeDSwU0hfFtPxai6Qowh1rUfSM5XKI8Hwg1iKo9Zd0fvlx1
OPfFbaI1RxDysg==
-----END CERTIFICATE-----