Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
File:                     yuDyZX221YxEden7gXNW4u3SzA8.mft (raw, json)
Hash identifier:          q8+K+ekgrmUsml30A7FQwNmg0X3YfZgGFIpKQYrsg4M=
Subject key identifier:   D7:A9:0E:B1:58:0A:C6:FF:5F:1C:7E:AB:E9:BA:16:31:DE:69:E2:01
Authority key identifier: CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F
Certificate issuer:       /CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
Certificate serial:       01976F99C61B5B10B69E946EBF327C73E5DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
Manifest number:          116C
Signing time:             Sat 14 Jun 2025 18:00:38 +0000
Manifest this update:     Sat 14 Jun 2025 18:00:38 +0000
Manifest next update:     Sun 15 Jun 2025 18:00:38 +0000
Files and hashes:         1: yuDyZX221YxEden7gXNW4u3SzA8.crl (hash: SLOJSetcgV0P1sdQ+lfxGUkUh9w13pCmk98axpZMaEo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:99:c6:1b:5b:10:b6:9e:94:6e:bf:32:7c:73:e5:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
        Validity
            Not Before: Jun 14 18:00:38 2025 GMT
            Not After : Jun 15 18:00:38 2025 GMT
        Subject: CN=d7a90eb1580ac6ff5f1c7eabe9ba1631de69e201
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:94:cd:f6:ea:47:45:6b:be:19:52:d4:15:55:
                    6b:19:a2:6e:f8:cd:35:c7:94:49:c2:70:e8:9b:ee:
                    1b:ae:5d:65:87:6d:06:34:cd:09:27:9c:59:07:f5:
                    87:a3:43:34:fe:13:49:2e:0e:53:72:97:5a:66:8d:
                    d2:f2:be:87:aa:90:a8:17:a6:a4:c8:a5:05:00:1b:
                    e3:a0:7b:c4:06:94:12:e1:d1:cc:36:d0:3f:a6:02:
                    02:ab:16:17:fd:12:97:94:17:d3:4e:a0:6e:e9:ca:
                    05:ae:d7:45:f7:32:ec:83:be:f0:d9:ba:cb:de:33:
                    bb:75:99:89:18:bf:b9:e5:bc:ee:4d:98:a6:c1:09:
                    e3:78:2d:1b:f7:36:c6:c1:1c:7c:1e:79:b2:30:78:
                    10:36:ca:51:3e:7c:21:b9:de:0b:9d:42:cc:8a:bd:
                    84:de:00:a0:b2:a9:16:1e:6f:f5:9d:c5:ab:98:6d:
                    1c:08:4e:59:d1:61:0b:ff:d9:45:6b:73:dd:5b:73:
                    3f:46:39:eb:43:90:6d:46:4b:a5:e6:29:32:16:39:
                    bb:91:19:cc:d9:b3:3c:a3:0d:e0:0c:76:a0:f6:da:
                    8e:76:5f:ef:55:9e:cf:7d:85:7c:40:c9:ef:3e:81:
                    55:10:7b:c2:53:1f:f9:5d:d9:f1:53:3c:9f:74:a8:
                    f2:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:A9:0E:B1:58:0A:C6:FF:5F:1C:7E:AB:E9:BA:16:31:DE:69:E2:01
            X509v3 Authority Key Identifier:
                keyid:CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:6f:a5:c6:d9:4f:c5:ec:38:01:a9:5a:b2:2f:96:b9:7b:dd:
         c2:1b:06:15:b3:2d:36:8c:b4:06:10:83:9c:3d:76:d8:75:04:
         7a:7c:98:e7:36:cf:c6:91:f4:81:f3:01:19:c3:1f:6f:0d:d5:
         a4:67:53:db:61:58:8d:08:8e:c3:5f:e2:a9:e0:52:c0:ae:3f:
         91:50:4a:1c:2c:a7:ff:92:fe:ef:d3:79:f0:b0:6c:69:cb:29:
         f7:6d:59:7d:75:a6:13:b9:a7:01:39:0a:fe:e1:af:13:11:c8:
         0f:7a:8e:a3:59:e7:59:a3:8d:77:a1:eb:e8:23:e4:85:a5:af:
         71:de:74:e7:81:c8:81:d0:36:df:56:b3:f4:e6:b5:f1:51:d7:
         14:6a:5f:9f:3d:88:49:b7:9a:f2:de:fe:02:cd:58:bc:c8:d3:
         a4:11:75:66:68:43:7e:3f:20:0f:ba:a9:30:d9:a0:1e:ea:e5:
         75:4e:22:d8:95:da:91:3e:8f:00:9d:46:03:86:02:e9:d6:53:
         b7:cd:46:99:5e:70:f3:a2:33:84:ec:c2:58:17:5e:a9:1d:a8:
         f1:f5:83:30:bd:c2:00:78:39:8a:11:dc:70:7c:20:b3:b1:80:
         4b:b2:25:fa:cf:e4:79:09:af:c1:16:83:64:b7:c2:f3:3d:c4:
         94:5a:09:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvmcYbWxC2npRuvzJ8c+XeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZTBmMjY1N2RiNmQ1OGM0NDc1ZTlmYjgxNzM1NmUyZWRk
MmNjMGYwHhcNMjUwNjE0MTgwMDM4WhcNMjUwNjE1MTgwMDM4WjAzMTEwLwYDVQQD
EyhkN2E5MGViMTU4MGFjNmZmNWYxYzdlYWJlOWJhMTYzMWRlNjllMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75TN9upHRWu+GVLUFVVrGaJu+M01
x5RJwnDom+4brl1lh20GNM0JJ5xZB/WHo0M0/hNJLg5TcpdaZo3S8r6HqpCoF6ak
yKUFABvjoHvEBpQS4dHMNtA/pgICqxYX/RKXlBfTTqBu6coFrtdF9zLsg77w2brL
3jO7dZmJGL+55bzuTZimwQnjeC0b9zbGwRx8HnmyMHgQNspRPnwhud4LnULMir2E
3gCgsqkWHm/1ncWrmG0cCE5Z0WEL/9lFa3PdW3M/RjnrQ5BtRkul5ikyFjm7kRnM
2bM8ow3gDHag9tqOdl/vVZ7PfYV8QMnvPoFVEHvCUx/5XdnxUzyfdKjy7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNepDrFYCsb/Xxx+q+m6FjHeaeIBMB8GA1UdIwQY
MBaAFMrg8mV9ttWMRHXp+4FzVuLt0swPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUt
YTE5YTNiZWIxNWIyLzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUtYTE5YTNiZWIxNWIy
LzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcG+lxtlP
xew4Aalasi+WuXvdwhsGFbMtNoy0BhCDnD122HUEenyY5zbPxpH0gfMBGcMfbw3V
pGdT22FYjQiOw1/iqeBSwK4/kVBKHCyn/5L+79N58LBsacsp921ZfXWmE7mnATkK
/uGvExHID3qOo1nnWaONd6Hr6CPkhaWvcd5054HIgdA231az9Oa18VHXFGpfnz2I
Sbea8t7+As1YvMjTpBF1ZmhDfj8gD7qpMNmgHurldU4i2JXakT6PAJ1GA4YC6dZT
t81GmV5w86IzhOzCWBdeqR2o8fWDML3CAHg5ihHccHwgs7GAS7Il+s/keQmvwRaD
ZLfC8z3ElFoJBA==
-----END CERTIFICATE-----