Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
File:                     Yonrndlo7aSnlWTC4GpoOEIpegQ.mft (raw, json)
Hash identifier:          8NDeDGvuBcONLrA0Fn0004Izcf/mTpEl/a9UOedlnRQ=
Subject key identifier:   0D:67:EC:95:EB:C1:24:1B:61:93:A8:42:97:DD:64:19:B3:DB:BB:2D
Authority key identifier: 62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04
Certificate issuer:       /CN=6289eb9dd968eda4a79564c2e06a683842297a04
Certificate serial:       01987BD24F925BE65BECE398DAC7CFDB69D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
Manifest number:          033A
Signing time:             Tue 05 Aug 2025 20:00:37 +0000
Manifest this update:     Tue 05 Aug 2025 20:00:37 +0000
Manifest next update:     Wed 06 Aug 2025 20:00:37 +0000
Files and hashes:         1: Yonrndlo7aSnlWTC4GpoOEIpegQ.crl (hash: XE26sPOz2caOEWYETIXLJiujeO4hlcEu7uRSrCJ2NjI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 20:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7b:d2:4f:92:5b:e6:5b:ec:e3:98:da:c7:cf:db:69:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6289eb9dd968eda4a79564c2e06a683842297a04
        Validity
            Not Before: Aug  5 20:00:37 2025 GMT
            Not After : Aug  6 20:00:37 2025 GMT
        Subject: CN=0d67ec95ebc1241b6193a84297dd6419b3dbbb2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:e0:ff:21:c9:8c:1c:33:29:a6:76:c0:32:d3:
                    75:52:20:73:15:89:dd:c9:41:a7:83:05:2c:dd:61:
                    61:63:85:b6:7b:70:b5:7a:4d:bd:9b:06:c3:87:96:
                    1d:8f:55:2c:59:42:5f:ab:73:f5:c3:4f:87:b2:55:
                    9c:f7:7d:c1:df:bd:2e:5c:51:15:b1:f7:20:4c:61:
                    20:bb:02:18:97:95:7a:6f:36:23:0f:8b:fa:d7:de:
                    b6:f0:84:74:c0:62:85:ab:81:2d:6a:3b:d4:a2:7d:
                    b2:60:75:54:4c:33:bc:8f:fb:6c:d5:2d:c2:4b:10:
                    d6:65:c0:a2:bd:90:2e:2a:74:5f:cc:3e:87:ed:9e:
                    20:b0:db:9d:f8:5b:3e:95:8a:17:de:d9:a5:60:27:
                    ec:da:18:fa:a5:64:7b:25:f5:2e:8e:81:79:10:ad:
                    90:51:81:f5:5a:6c:d0:c5:d6:dd:78:35:cf:68:0f:
                    da:41:f0:9a:5a:2d:ab:03:a0:95:c7:55:ed:02:b3:
                    e3:18:88:d8:72:f6:61:f0:de:c7:42:a0:28:5a:d7:
                    bb:85:a5:d4:fd:bd:bf:76:e4:1c:15:d4:d4:40:ce:
                    42:84:7c:40:20:37:91:3e:e8:31:d8:2d:b2:85:12:
                    2a:cd:61:f9:07:6a:1f:94:54:68:f4:ff:9f:00:ca:
                    1b:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:67:EC:95:EB:C1:24:1B:61:93:A8:42:97:DD:64:19:B3:DB:BB:2D
            X509v3 Authority Key Identifier:
                keyid:62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:40:b9:f3:a7:00:0e:67:f9:7a:af:93:59:42:4a:0b:87:b9:
         20:2e:1e:83:a0:03:6e:9e:e1:ca:19:b4:cf:d3:98:f0:a6:75:
         bd:bc:0a:80:bd:51:46:88:f2:30:28:ad:76:63:1e:a9:77:8b:
         8d:43:ac:b1:3b:43:02:91:ec:3b:57:70:71:fc:db:13:73:1b:
         20:1d:66:42:e2:78:4c:63:1d:32:fd:3d:95:f2:59:d2:cc:eb:
         9f:a1:48:fc:77:2d:cd:13:a9:c9:ca:ea:94:2f:ef:c6:a0:fe:
         ff:5c:36:3a:55:25:3c:ea:0b:07:99:39:2b:44:ea:fc:93:59:
         46:b2:e3:35:3c:d4:c2:e8:10:36:1a:87:a9:79:fc:30:26:e7:
         60:85:20:0b:44:05:33:d8:9b:79:91:8d:c8:98:f7:19:54:3b:
         38:8b:b8:20:e8:24:5d:c1:fc:f3:c2:07:0c:5a:1e:f4:a4:f9:
         56:d1:f1:d9:3d:cc:38:b5:32:cb:f6:13:fc:1d:28:3e:92:96:
         d7:67:ed:01:08:ef:20:a3:72:cc:80:6e:17:c8:e6:67:49:19:
         dd:28:8d:2c:dc:08:e5:7f:f0:d1:fb:16:e6:66:87:33:d2:1d:
         ae:6b:0d:01:fa:98:75:4a:21:75:db:23:09:2a:db:02:27:70:
         6d:1c:88:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh70k+SW+Zb7OOY2sfP22nQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyODllYjlkZDk2OGVkYTRhNzk1NjRjMmUwNmE2ODM4NDIy
OTdhMDQwHhcNMjUwODA1MjAwMDM3WhcNMjUwODA2MjAwMDM3WjAzMTEwLwYDVQQD
EygwZDY3ZWM5NWViYzEyNDFiNjE5M2E4NDI5N2RkNjQxOWIzZGJiYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOD/IcmMHDMppnbAMtN1UiBzFYnd
yUGngwUs3WFhY4W2e3C1ek29mwbDh5Ydj1UsWUJfq3P1w0+HslWc933B370uXFEV
sfcgTGEguwIYl5V6bzYjD4v619628IR0wGKFq4EtajvUon2yYHVUTDO8j/ts1S3C
SxDWZcCivZAuKnRfzD6H7Z4gsNud+Fs+lYoX3tmlYCfs2hj6pWR7JfUujoF5EK2Q
UYH1WmzQxdbdeDXPaA/aQfCaWi2rA6CVx1XtArPjGIjYcvZh8N7HQqAoWte7haXU
/b2/duQcFdTUQM5ChHxAIDeRPugx2C2yhRIqzWH5B2oflFRo9P+fAMob1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1n7JXrwSQbYZOoQpfdZBmz27stMB8GA1UdIwQY
MBaAFGKJ653ZaO2kp5VkwuBqaDhCKXoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTIt
ZmM3ZWI5OTFkYjQwLzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTItZmM3ZWI5OTFkYjQw
LzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa0C586cA
Dmf5eq+TWUJKC4e5IC4eg6ADbp7hyhm0z9OY8KZ1vbwKgL1RRojyMCitdmMeqXeL
jUOssTtDApHsO1dwcfzbE3MbIB1mQuJ4TGMdMv09lfJZ0szrn6FI/HctzROpycrq
lC/vxqD+/1w2OlUlPOoLB5k5K0Tq/JNZRrLjNTzUwugQNhqHqXn8MCbnYIUgC0QF
M9ibeZGNyJj3GVQ7OIu4IOgkXcH888IHDFoe9KT5VtHx2T3MOLUyy/YT/B0oPpKW
12ftAQjvIKNyzIBuF8jmZ0kZ3SiNLNwI5X/w0fsW5maHM9IdrmsNAfqYdUohddsj
CSrbAidwbRyIaA==
-----END CERTIFICATE-----