Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
File:                     yGEQ5MdkHRgOjxkgrGX7788G18c.mft (raw, json)
Hash identifier:          3GkJ1Zzs9afS8SAEG0OOrwd83raS78iwefK6nIjGgms=
Subject key identifier:   2D:A3:7B:15:E3:55:A7:21:7D:F9:3D:AE:65:E4:5E:33:94:92:A9:50
Authority key identifier: C8:61:10:E4:C7:64:1D:18:0E:8F:19:20:AC:65:FB:EF:CF:06:D7:C7
Certificate issuer:       /CN=c86110e4c7641d180e8f1920ac65fbefcf06d7c7
Certificate serial:       019768F2FA56F0AE0CFE73880C4D25D4FBF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
Manifest number:          20
Signing time:             Fri 13 Jun 2025 11:00:43 +0000
Manifest this update:     Fri 13 Jun 2025 11:00:43 +0000
Manifest next update:     Sat 14 Jun 2025 11:00:43 +0000
Files and hashes:         1: yGEQ5MdkHRgOjxkgrGX7788G18c.crl (hash: NH5QMwAWOuoirFk/twf8sbmiZxQMF79Xa1clL3prM1Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 11:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:f2:fa:56:f0:ae:0c:fe:73:88:0c:4d:25:d4:fb:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c86110e4c7641d180e8f1920ac65fbefcf06d7c7
        Validity
            Not Before: Jun 13 11:00:43 2025 GMT
            Not After : Jun 14 11:00:43 2025 GMT
        Subject: CN=2da37b15e355a7217df93dae65e45e339492a950
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:9f:f7:92:8b:22:4b:c8:42:f9:3c:75:9e:25:
                    51:c0:2f:9e:08:00:3f:3a:19:30:ef:f6:94:27:2d:
                    3b:16:b8:a0:9c:64:88:6d:1b:4a:9a:26:6c:5d:d0:
                    92:fc:fb:12:80:42:ee:ab:00:24:0a:8c:7c:74:e5:
                    83:87:34:4d:b4:f0:2a:74:b0:f7:9c:b0:81:e8:88:
                    7a:a3:bb:eb:79:b5:53:98:2d:4c:47:c2:c5:d4:22:
                    50:28:51:9c:07:ce:74:aa:89:7a:08:54:98:56:f6:
                    97:09:d6:f5:23:9d:91:76:45:fb:66:6f:24:5c:2a:
                    b8:1c:9e:55:b1:26:e5:13:34:67:19:5f:fb:ad:3e:
                    27:31:c3:d3:5f:ec:81:ef:d7:40:a8:8c:78:d1:57:
                    03:22:55:0a:ce:34:af:fe:85:62:1a:c2:e3:bf:90:
                    13:71:79:72:b0:be:bd:f7:c0:e2:37:ed:bf:17:df:
                    7b:7a:e3:07:39:9b:c1:cc:6a:91:95:38:5f:93:97:
                    aa:24:e2:ca:c3:a5:92:7c:7a:99:b6:92:70:4f:e1:
                    5e:d6:1d:98:f1:bb:54:b9:eb:f3:39:52:e2:ca:7a:
                    d9:ff:80:64:82:5d:3e:bf:4a:99:50:aa:66:35:88:
                    03:6e:16:f2:f0:c9:51:8b:9a:6a:c2:fd:b7:4d:44:
                    d4:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:A3:7B:15:E3:55:A7:21:7D:F9:3D:AE:65:E4:5E:33:94:92:A9:50
            X509v3 Authority Key Identifier:
                keyid:C8:61:10:E4:C7:64:1D:18:0E:8F:19:20:AC:65:FB:EF:CF:06:D7:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:30:65:59:de:19:b3:70:10:07:7f:b8:fa:cd:6a:80:01:79:
         0f:08:08:36:35:c3:b1:f8:f7:0d:c2:4f:dc:a5:34:ac:bd:9e:
         4f:82:40:21:48:5b:06:9b:8b:ad:31:01:6f:8c:39:a1:21:8d:
         88:d1:02:90:ab:ce:6a:8c:96:b1:3b:c9:f0:0e:ea:ec:77:05:
         ca:6f:87:17:c2:84:12:97:6f:d8:e7:cd:9f:b3:ea:8c:b8:ef:
         2a:7f:e7:9d:3e:95:70:60:8c:3e:82:d1:c6:ed:95:9c:23:c4:
         5d:b9:28:32:ca:ee:5a:47:c8:63:6c:28:40:99:85:80:04:ae:
         b5:45:fa:09:88:25:85:62:76:f1:0f:33:9f:b3:55:1a:9c:13:
         e3:ab:fd:75:c9:5a:0a:30:69:f3:8b:15:0b:4a:52:f1:5e:b5:
         d4:86:82:b7:d7:e9:75:6d:99:8b:cb:99:f0:a1:43:57:76:0c:
         19:3f:74:31:99:bb:15:22:03:11:e6:54:3f:7e:7b:83:a2:77:
         e1:8a:67:f1:80:d3:66:59:34:df:2e:e2:de:ae:03:6e:2c:47:
         12:37:75:f5:71:89:0a:78:bf:af:15:b8:09:2f:78:c2:47:d1:
         3d:22:b2:e6:85:ad:55:a0:d3:7c:1c:cc:8a:55:1e:93:0d:4e:
         b6:2d:88:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdo8vpW8K4M/nOIDE0l1Pv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjExMGU0Yzc2NDFkMTgwZThmMTkyMGFjNjVmYmVmY2Yw
NmQ3YzcwHhcNMjUwNjEzMTEwMDQzWhcNMjUwNjE0MTEwMDQzWjAzMTEwLwYDVQQD
EygyZGEzN2IxNWUzNTVhNzIxN2RmOTNkYWU2NWU0NWUzMzk0OTJhOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5/3kosiS8hC+Tx1niVRwC+eCAA/
Ohkw7/aUJy07FrignGSIbRtKmiZsXdCS/PsSgELuqwAkCox8dOWDhzRNtPAqdLD3
nLCB6Ih6o7vrebVTmC1MR8LF1CJQKFGcB850qol6CFSYVvaXCdb1I52RdkX7Zm8k
XCq4HJ5VsSblEzRnGV/7rT4nMcPTX+yB79dAqIx40VcDIlUKzjSv/oViGsLjv5AT
cXlysL6998DiN+2/F997euMHOZvBzGqRlThfk5eqJOLKw6WSfHqZtpJwT+Fe1h2Y
8btUuevzOVLiynrZ/4Bkgl0+v0qZUKpmNYgDbhby8MlRi5pqwv23TUTUlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2jexXjVachffk9rmXkXjOUkqlQMB8GA1UdIwQY
MBaAFMhhEOTHZB0YDo8ZIKxl++/PBtfHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8yMDhjMjUtZWRjZS00MTMxLWIzMWIt
NjZhNTJjN2M4YzAwLzEveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8yMDhjMjUtZWRjZS00MTMxLWIzMWItNjZhNTJjN2M4YzAw
LzEveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfjBlWd4Z
s3AQB3+4+s1qgAF5DwgINjXDsfj3DcJP3KU0rL2eT4JAIUhbBpuLrTEBb4w5oSGN
iNECkKvOaoyWsTvJ8A7q7HcFym+HF8KEEpdv2OfNn7PqjLjvKn/nnT6VcGCMPoLR
xu2VnCPEXbkoMsruWkfIY2woQJmFgASutUX6CYglhWJ28Q8zn7NVGpwT46v9dcla
CjBp84sVC0pS8V611IaCt9fpdW2Zi8uZ8KFDV3YMGT90MZm7FSIDEeZUP357g6J3
4Ypn8YDTZlk03y7i3q4DbixHEjd19XGJCni/rxW4CS94wkfRPSKy5oWtVaDTfBzM
ilUekw1Oti2IKw==
-----END CERTIFICATE-----