Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
File:                     Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft (raw, json)
Hash identifier:          5BaaEKsTl/4GtBgsQRNgBJ+UZQS4a71O0mq40vTkNGs=
Subject key identifier:   4A:02:A7:06:3A:24:30:82:EA:E9:B0:9A:77:5B:05:6A:20:73:D0:EB
Authority key identifier: 63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7
Certificate issuer:       /CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
Certificate serial:       019894B746B3BB20167666AEC17527E4587D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
Manifest number:          0B08
Signing time:             Sun 10 Aug 2025 16:01:35 +0000
Manifest this update:     Sun 10 Aug 2025 16:01:35 +0000
Manifest next update:     Mon 11 Aug 2025 16:01:35 +0000
Files and hashes:         1: Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl (hash: kGWKXWLhKn8k/GCSMVGc4Ed0CR1hXIgQAAL7Gzhr1Cw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 16:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:94:b7:46:b3:bb:20:16:76:66:ae:c1:75:27:e4:58:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
        Validity
            Not Before: Aug 10 16:01:35 2025 GMT
            Not After : Aug 11 16:01:35 2025 GMT
        Subject: CN=4a02a7063a243082eae9b09a775b056a2073d0eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:a3:c3:1e:cb:b3:2d:53:27:02:82:5f:77:a5:
                    25:86:3d:30:a9:bc:f2:02:d5:41:5d:a6:31:17:26:
                    c4:27:f4:99:21:fb:6b:c9:a3:c8:0a:12:7b:d4:7b:
                    ba:e2:2e:9a:a5:b7:9b:a1:c1:b1:f5:26:ad:5f:ac:
                    ab:09:3b:38:6e:0a:2d:eb:a0:37:7f:ec:87:dc:4b:
                    95:cf:fa:8d:e5:5e:29:8c:79:77:0b:d9:9a:15:d5:
                    b3:b1:99:13:f1:6f:e2:2b:61:46:0a:50:68:78:b6:
                    24:c7:47:6c:52:4f:64:9d:de:e1:0e:d0:ff:6c:00:
                    85:92:7d:30:9d:18:e7:5b:de:e0:31:1e:dd:48:a6:
                    4b:57:e3:5e:ae:1d:6b:28:5e:37:43:7c:b4:c0:67:
                    81:fe:32:fe:9c:7c:e7:68:81:c7:64:b0:88:0f:38:
                    40:9d:ed:7e:3e:d6:1c:d9:d7:8e:4d:9e:3a:90:3c:
                    f2:c6:fc:0a:dd:80:d0:a9:fe:8a:65:01:c4:cf:65:
                    fe:f4:93:f5:18:bb:be:b8:84:16:70:3c:62:17:ab:
                    b1:2c:de:59:44:f5:bb:a7:34:7c:00:36:f1:24:09:
                    d2:07:3f:aa:ee:41:ed:03:97:36:58:c8:a6:df:8d:
                    32:6c:88:53:47:13:75:08:32:34:eb:52:d5:a3:13:
                    41:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:02:A7:06:3A:24:30:82:EA:E9:B0:9A:77:5B:05:6A:20:73:D0:EB
            X509v3 Authority Key Identifier:
                keyid:63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:1f:17:bf:b9:bc:1a:69:f8:a8:6b:7f:73:e5:66:c1:9a:b9:
         33:d5:3f:ab:82:ec:18:ea:b9:b2:90:f9:9e:88:6e:2d:52:91:
         de:d9:53:34:dd:1a:37:42:df:4d:27:12:b9:53:ad:0c:e0:d9:
         5c:4f:c3:93:48:f9:a9:72:11:f1:85:10:68:5c:dd:3a:e9:bd:
         d0:9d:35:c2:62:5e:0c:a2:c1:74:d6:01:22:57:b6:66:7f:7e:
         c0:4e:25:4f:55:d5:a9:f5:1f:7c:45:e4:51:35:dc:b5:b0:5c:
         68:fb:a5:54:85:05:d2:4e:fd:fd:a6:e0:04:ae:a0:af:25:f8:
         1d:27:3b:a9:f7:eb:90:52:f4:b3:81:71:6d:04:09:4a:d9:fc:
         90:6a:e6:dc:37:f1:1c:c0:df:1d:06:26:e2:85:ba:a6:16:40:
         fe:cf:fc:20:7d:e9:7d:fc:3b:d4:b0:2d:74:a0:90:31:52:aa:
         f0:3c:7a:db:c0:83:da:9e:a9:bf:df:bb:8c:d2:4b:a2:9e:64:
         07:f5:fc:0f:48:70:fe:cd:bc:4f:f1:45:0b:10:4b:f6:97:60:
         f9:c1:7e:b3:5b:2b:a2:0c:0d:a5:c7:b4:e8:bb:54:b0:7f:68:
         12:72:72:98:02:b7:b6:87:b1:5f:62:de:88:47:a3:50:6c:fc:
         75:e7:41:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiUt0azuyAWdmauwXUn5Fh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNzFkMmZiZWNmMmY5MGRjN2Y0OTUxN2E0NDBkYTUzMzlm
NGE2YzcwHhcNMjUwODEwMTYwMTM1WhcNMjUwODExMTYwMTM1WjAzMTEwLwYDVQQD
Eyg0YTAyYTcwNjNhMjQzMDgyZWFlOWIwOWE3NzViMDU2YTIwNzNkMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5aPDHsuzLVMnAoJfd6Ulhj0wqbzy
AtVBXaYxFybEJ/SZIftryaPIChJ71Hu64i6apbebocGx9SatX6yrCTs4bgot66A3
f+yH3EuVz/qN5V4pjHl3C9maFdWzsZkT8W/iK2FGClBoeLYkx0dsUk9knd7hDtD/
bACFkn0wnRjnW97gMR7dSKZLV+Nerh1rKF43Q3y0wGeB/jL+nHznaIHHZLCIDzhA
ne1+PtYc2deOTZ46kDzyxvwK3YDQqf6KZQHEz2X+9JP1GLu+uIQWcDxiF6uxLN5Z
RPW7pzR8ADbxJAnSBz+q7kHtA5c2WMim340ybIhTRxN1CDI061LVoxNBMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEoCpwY6JDCC6umwmndbBWogc9DrMB8GA1UdIwQY
MBaAFGNx0vvs8vkNx/SVF6RA2lM59KbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAt
N2UxNGQzNTk4ZjA5LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAtN2UxNGQzNTk4ZjA5
LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvR8Xv7m8
Gmn4qGt/c+VmwZq5M9U/q4LsGOq5spD5nohuLVKR3tlTNN0aN0LfTScSuVOtDODZ
XE/Dk0j5qXIR8YUQaFzdOum90J01wmJeDKLBdNYBIle2Zn9+wE4lT1XVqfUffEXk
UTXctbBcaPulVIUF0k79/abgBK6gryX4HSc7qffrkFL0s4FxbQQJStn8kGrm3Dfx
HMDfHQYm4oW6phZA/s/8IH3pffw71LAtdKCQMVKq8Dx628CD2p6pv9+7jNJLop5k
B/X8D0hw/s28T/FFCxBL9pdg+cF+s1srogwNpce06LtUsH9oEnJymAK3toexX2Le
iEejUGz8dedBZQ==
-----END CERTIFICATE-----