Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
File:                     Y31k1HJWO36HP1t5-RydP__D2_k.mft (raw, json)
Hash identifier:          /fqXXd1yWs4ZKRrV8tP+5MyrmzgOCnJ4Aynk5MDC/4E=
Subject key identifier:   FB:59:D0:6B:89:A9:39:D7:32:19:2D:78:DD:50:06:EC:34:6C:B5:43
Authority key identifier: 63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9
Certificate issuer:       /CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
Certificate serial:       01976DAB847DF892A32DBCACC0EF6C03A006
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
Manifest number:          0E4A
Signing time:             Sat 14 Jun 2025 09:00:46 +0000
Manifest this update:     Sat 14 Jun 2025 09:00:46 +0000
Manifest next update:     Sun 15 Jun 2025 09:00:46 +0000
Files and hashes:         1: Y31k1HJWO36HP1t5-RydP__D2_k.crl (hash: WHHS9sV+qJ1UjXKfYROdkrI+4la3bLUjcBGJZhzl0jo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:84:7d:f8:92:a3:2d:bc:ac:c0:ef:6c:03:a0:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
        Validity
            Not Before: Jun 14 09:00:46 2025 GMT
            Not After : Jun 15 09:00:46 2025 GMT
        Subject: CN=fb59d06b89a939d732192d78dd5006ec346cb543
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:5b:a6:e8:ad:cc:39:96:31:6c:f5:c3:74:3d:
                    4d:c3:0c:a9:03:c9:a4:72:ff:08:13:28:e5:2f:0a:
                    a5:bc:66:67:04:01:c3:9a:d4:cb:60:d0:98:7a:90:
                    39:a5:36:8a:7e:3f:0e:05:b5:93:f5:fc:18:8d:f3:
                    59:de:e2:4b:48:d9:de:7d:6f:eb:f9:48:7b:a1:61:
                    5b:97:a1:84:35:28:e6:0d:a2:e0:79:4f:03:c2:54:
                    05:76:cf:d5:26:ee:75:6d:d8:9c:fe:8a:d5:7f:f9:
                    c0:dc:a2:c9:04:89:71:f1:3b:18:39:af:dc:22:2e:
                    11:e3:d0:5b:a6:0e:d2:f9:2f:18:0b:42:c2:ec:13:
                    0a:90:8b:f1:e8:9e:7b:69:1e:0b:f7:e0:8b:e7:87:
                    57:25:c2:b9:3c:8e:17:12:eb:bd:b1:10:6f:51:57:
                    d9:90:d9:59:ed:f2:b6:0c:63:df:ec:73:d0:ae:02:
                    6b:a0:82:ff:08:e0:9a:97:13:c1:52:43:7d:54:e4:
                    65:78:fa:0c:08:39:ec:c7:9e:04:3f:f7:dd:05:d7:
                    d4:b7:75:3b:c2:01:0f:d8:63:74:9b:7e:b2:40:d9:
                    aa:04:d6:eb:72:7d:f8:fa:f6:5e:67:72:11:27:1b:
                    ce:d2:16:c5:70:85:e1:7a:e1:71:23:53:17:fc:fd:
                    1c:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:59:D0:6B:89:A9:39:D7:32:19:2D:78:DD:50:06:EC:34:6C:B5:43
            X509v3 Authority Key Identifier:
                keyid:63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:73:8b:24:d7:a1:81:b9:36:2f:a2:ca:61:92:e2:95:cb:fb:
         41:bf:c4:c1:44:d6:91:67:fe:93:e2:95:5f:38:13:bc:51:39:
         a8:61:87:f3:ea:ac:94:d4:ba:41:7e:90:98:9a:6a:a4:7f:39:
         ae:9c:f7:a3:a2:72:6e:07:2b:a7:c9:58:98:8c:c1:51:bc:63:
         81:a7:d5:75:b8:81:17:29:2d:42:7e:cb:7b:67:97:e5:5e:55:
         3b:3d:b3:dc:76:be:24:1d:98:39:02:fe:ce:8a:10:15:28:d4:
         24:27:ca:45:cf:cc:90:d5:9a:10:29:02:cf:97:30:4d:8b:56:
         5c:5e:82:3f:d6:5e:57:20:02:26:66:93:32:69:38:ba:3e:37:
         be:38:f9:2e:87:8b:1e:74:67:78:5e:97:63:f3:42:b9:74:6e:
         62:86:06:53:6b:68:c0:84:34:4e:c2:ec:92:77:55:00:c0:15:
         d7:49:5b:ef:c3:7a:1c:f0:96:af:91:67:7f:c2:37:06:47:08:
         c0:f5:0e:e5:55:21:e5:6d:93:d3:a1:9e:38:6e:cb:2c:6f:0e:
         e3:5b:61:73:18:7e:0c:43:ac:04:fa:d4:59:9f:11:b3:19:b8:
         0b:ec:c9:13:5a:3f:29:04:dc:bc:8f:2f:43:26:08:bf:52:4d:
         d6:4d:9f:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq4R9+JKjLbyswO9sA6AGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzN2Q2NGQ0NzI1NjNiN2U4NzNmNWI3OWY5MWM5ZDNmZmZj
M2RiZjkwHhcNMjUwNjE0MDkwMDQ2WhcNMjUwNjE1MDkwMDQ2WjAzMTEwLwYDVQQD
EyhmYjU5ZDA2Yjg5YTkzOWQ3MzIxOTJkNzhkZDUwMDZlYzM0NmNiNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1um6K3MOZYxbPXDdD1NwwypA8mk
cv8IEyjlLwqlvGZnBAHDmtTLYNCYepA5pTaKfj8OBbWT9fwYjfNZ3uJLSNnefW/r
+Uh7oWFbl6GENSjmDaLgeU8DwlQFds/VJu51bdic/orVf/nA3KLJBIlx8TsYOa/c
Ii4R49Bbpg7S+S8YC0LC7BMKkIvx6J57aR4L9+CL54dXJcK5PI4XEuu9sRBvUVfZ
kNlZ7fK2DGPf7HPQrgJroIL/COCalxPBUkN9VORlePoMCDnsx54EP/fdBdfUt3U7
wgEP2GN0m36yQNmqBNbrcn34+vZeZ3IRJxvO0hbFcIXheuFxI1MX/P0ceQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtZ0GuJqTnXMhkteN1QBuw0bLVDMB8GA1UdIwQY
MBaAFGN9ZNRyVjt+hz9befkcnT//w9v5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYt
ODE3YWY4YTc2MjUwLzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYtODE3YWY4YTc2MjUw
LzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcXOLJNeh
gbk2L6LKYZLilcv7Qb/EwUTWkWf+k+KVXzgTvFE5qGGH8+qslNS6QX6QmJpqpH85
rpz3o6Jybgcrp8lYmIzBUbxjgafVdbiBFyktQn7Le2eX5V5VOz2z3Ha+JB2YOQL+
zooQFSjUJCfKRc/MkNWaECkCz5cwTYtWXF6CP9ZeVyACJmaTMmk4uj43vjj5LoeL
HnRneF6XY/NCuXRuYoYGU2towIQ0TsLskndVAMAV10lb78N6HPCWr5Fnf8I3BkcI
wPUO5VUh5W2T06GeOG7LLG8O41thcxh+DEOsBPrUWZ8Rsxm4C+zJE1o/KQTcvI8v
QyYIv1JN1k2f/w==
-----END CERTIFICATE-----