Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
File:                     Yonrndlo7aSnlWTC4GpoOEIpegQ.mft (raw, json)
Hash identifier:          4pJlpzZ/6Gurl4DL3jF7vbd0H10zPaHdRlnO2VmhzVk=
Subject key identifier:   77:21:45:AA:FF:A4:EF:5F:4A:58:87:F6:12:C4:83:D5:E7:EB:7B:0A
Authority key identifier: 62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04
Certificate issuer:       /CN=6289eb9dd968eda4a79564c2e06a683842297a04
Certificate serial:       01976D74750C659BD4DEA0C58773A7C21032
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
Manifest number:          02AE
Signing time:             Sat 14 Jun 2025 08:00:38 +0000
Manifest this update:     Sat 14 Jun 2025 08:00:38 +0000
Manifest next update:     Sun 15 Jun 2025 08:00:38 +0000
Files and hashes:         1: Yonrndlo7aSnlWTC4GpoOEIpegQ.crl (hash: Q7aw2hrW3eurkxdjKTKtSs4dVOj0PtZKHeYqZCsETaA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:74:75:0c:65:9b:d4:de:a0:c5:87:73:a7:c2:10:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6289eb9dd968eda4a79564c2e06a683842297a04
        Validity
            Not Before: Jun 14 08:00:38 2025 GMT
            Not After : Jun 15 08:00:38 2025 GMT
        Subject: CN=772145aaffa4ef5f4a5887f612c483d5e7eb7b0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:56:c4:0b:b5:57:05:1d:08:ca:21:5e:46:b2:
                    97:59:d4:74:bd:00:28:34:76:af:2b:e5:75:fb:e5:
                    b4:73:a7:ea:bd:68:b2:9a:ab:c1:9d:64:d1:fc:c8:
                    a4:8f:00:fc:38:70:24:d1:3a:83:b0:b7:ab:df:7f:
                    76:7a:6b:5b:3b:c2:34:43:8f:74:6a:75:2f:be:62:
                    df:c5:2b:2e:a0:60:e0:a0:93:d5:8a:3b:04:32:4f:
                    fb:61:34:e7:71:04:6e:ea:36:8b:b6:3b:26:0d:86:
                    45:d8:b7:35:2b:51:8e:1e:86:37:e8:b4:e3:24:cd:
                    35:06:1c:b9:64:b8:70:fd:b9:17:bc:e6:a1:d8:3c:
                    d1:92:e3:f9:e2:ba:e4:61:6b:4b:18:72:8c:9e:f3:
                    fb:48:e9:b3:01:94:b3:02:75:fd:80:88:ab:69:c6:
                    e8:97:52:5c:96:c6:d1:13:f7:f0:94:7f:2d:94:23:
                    5a:ed:38:93:69:eb:b4:a0:bf:de:96:70:c5:2a:f3:
                    43:0d:d1:97:b0:2d:d7:cd:00:3c:85:6f:64:8b:4b:
                    4a:b6:c8:10:9f:54:0e:67:6f:71:91:f9:f9:59:c9:
                    ec:7e:19:4f:cb:1c:1b:27:9d:b3:03:f4:fa:44:14:
                    83:d4:0c:27:f7:a9:82:9f:eb:26:31:f2:fe:02:80:
                    62:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:21:45:AA:FF:A4:EF:5F:4A:58:87:F6:12:C4:83:D5:E7:EB:7B:0A
            X509v3 Authority Key Identifier:
                keyid:62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:0d:a8:e6:3b:e9:cf:48:09:60:66:3b:df:a7:25:7a:9f:02:
         f6:e1:1e:44:93:cd:36:7c:4b:4f:da:53:e7:44:5f:e7:2a:74:
         45:67:bf:3d:bf:aa:6f:a9:95:61:01:14:ee:a3:75:34:a1:d3:
         9c:da:fe:e7:82:54:5f:a3:71:96:6a:fe:48:75:2c:4a:eb:fe:
         3e:77:a1:4c:c3:65:67:a7:85:43:53:48:1d:88:a2:1f:a4:02:
         99:f4:b8:6a:ac:09:ed:33:1f:37:30:69:48:89:56:52:f2:5e:
         90:22:e5:c1:fa:32:d3:13:63:f4:ba:ea:c5:5c:d5:99:75:a9:
         09:1f:f4:ed:23:fe:0f:cb:71:3b:15:f9:ac:f4:f6:fe:8a:f9:
         99:9c:3a:53:79:2c:f2:8c:ef:f6:66:c2:62:12:00:09:47:34:
         78:7e:8a:88:9d:8d:55:78:a9:69:d5:1b:9f:1f:42:72:82:f8:
         13:1c:f5:19:ad:d8:d5:30:8a:ca:6a:c3:51:b1:0e:fc:57:e6:
         dc:20:f3:43:03:0b:bc:36:77:96:a0:18:c2:92:2c:dd:73:9d:
         36:aa:3a:4c:3a:e0:9b:92:5f:f6:e6:97:40:d4:f1:da:f2:74:
         74:4f:75:8c:ae:74:6f:92:a8:e7:d3:f2:07:d0:3a:fb:08:e9:
         a0:f4:4c:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtdHUMZZvU3qDFh3OnwhAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyODllYjlkZDk2OGVkYTRhNzk1NjRjMmUwNmE2ODM4NDIy
OTdhMDQwHhcNMjUwNjE0MDgwMDM4WhcNMjUwNjE1MDgwMDM4WjAzMTEwLwYDVQQD
Eyg3NzIxNDVhYWZmYTRlZjVmNGE1ODg3ZjYxMmM0ODNkNWU3ZWI3YjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFbEC7VXBR0IyiFeRrKXWdR0vQAo
NHavK+V1++W0c6fqvWiymqvBnWTR/MikjwD8OHAk0TqDsLer3392emtbO8I0Q490
anUvvmLfxSsuoGDgoJPVijsEMk/7YTTncQRu6jaLtjsmDYZF2Lc1K1GOHoY36LTj
JM01Bhy5ZLhw/bkXvOah2DzRkuP54rrkYWtLGHKMnvP7SOmzAZSzAnX9gIiracbo
l1JclsbRE/fwlH8tlCNa7TiTaeu0oL/elnDFKvNDDdGXsC3XzQA8hW9ki0tKtsgQ
n1QOZ29xkfn5WcnsfhlPyxwbJ52zA/T6RBSD1Awn96mCn+smMfL+AoBitQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHchRar/pO9fSliH9hLEg9Xn63sKMB8GA1UdIwQY
MBaAFGKJ653ZaO2kp5VkwuBqaDhCKXoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTIt
ZmM3ZWI5OTFkYjQwLzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTItZmM3ZWI5OTFkYjQw
LzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQg2o5jvp
z0gJYGY736clep8C9uEeRJPNNnxLT9pT50Rf5yp0RWe/Pb+qb6mVYQEU7qN1NKHT
nNr+54JUX6Nxlmr+SHUsSuv+PnehTMNlZ6eFQ1NIHYiiH6QCmfS4aqwJ7TMfNzBp
SIlWUvJekCLlwfoy0xNj9LrqxVzVmXWpCR/07SP+D8txOxX5rPT2/or5mZw6U3ks
8ozv9mbCYhIACUc0eH6KiJ2NVXipadUbnx9CcoL4Exz1Ga3Y1TCKymrDUbEO/Ffm
3CDzQwMLvDZ3lqAYwpIs3XOdNqo6TDrgm5Jf9uaXQNTx2vJ0dE91jK50b5Ko59Py
B9A6+wjpoPRMGQ==
-----END CERTIFICATE-----