Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
File:                     yj7NoA-sC_tjsoVD6itdXx5N9ss.mft (raw, json)
Hash identifier:          lLCnHZcpAcgXaDtHsl1GC64tn6seT9rN9amDv/ZTlmY=
Subject key identifier:   C2:06:D3:5A:81:56:95:87:9C:E5:68:4E:35:DE:5C:F0:A8:3E:0C:DA
Authority key identifier: CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB
Certificate issuer:       /CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
Certificate serial:       01987ABF99FF360196338736C0A35470CD07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
Manifest number:          0217
Signing time:             Tue 05 Aug 2025 15:00:33 +0000
Manifest this update:     Tue 05 Aug 2025 15:00:33 +0000
Manifest next update:     Wed 06 Aug 2025 15:00:33 +0000
Files and hashes:         1: yj7NoA-sC_tjsoVD6itdXx5N9ss.crl (hash: v0lXQpt0LIT3DoGm7a9dBLA8wkmuvGgVU/I/btEyaw0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:37:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7a:bf:99:ff:36:01:96:33:87:36:c0:a3:54:70:cd:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
        Validity
            Not Before: Aug  5 15:00:33 2025 GMT
            Not After : Aug  6 15:00:33 2025 GMT
        Subject: CN=c206d35a815695879ce5684e35de5cf0a83e0cda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ab:9c:0d:c0:fe:af:e4:55:b6:8d:97:83:3a:
                    83:fd:41:ee:21:83:de:8b:02:de:66:fa:ae:db:ff:
                    23:0d:86:24:4c:8d:2a:f1:c1:43:57:47:de:d5:3d:
                    2d:c5:e6:16:04:85:01:b9:4e:5f:59:0b:00:92:07:
                    7e:0c:35:40:4c:0e:67:41:ad:df:7c:40:8f:07:6f:
                    5b:3d:c6:e6:c1:d0:1a:40:27:51:9e:60:0d:6d:ad:
                    aa:1c:a9:b7:8d:d3:da:d8:d0:21:95:d2:31:4f:3f:
                    77:16:3f:9c:83:f8:cf:f7:fe:29:de:d0:46:27:2f:
                    14:50:3e:2d:d8:7f:21:33:3d:81:e1:21:2f:d3:1e:
                    69:00:48:0c:95:84:68:93:d4:3d:fc:fa:1f:9d:e9:
                    90:98:61:6c:cc:1a:ec:33:e1:85:33:93:e4:90:17:
                    b8:a5:fe:46:2f:66:9f:7e:7f:47:c9:c6:9b:44:7b:
                    b5:93:7a:59:be:73:28:72:e7:07:51:8a:dc:fa:b2:
                    cb:c0:7d:fd:58:fc:90:6b:c8:6d:c1:d1:78:43:2b:
                    2a:ef:49:aa:7d:5c:ca:2d:e6:f2:dc:87:99:5b:b6:
                    9b:de:ae:d3:b9:58:e2:fc:2a:63:67:bb:1a:fd:0b:
                    12:10:1b:57:79:69:48:e5:30:44:61:7e:ee:8e:14:
                    7e:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:06:D3:5A:81:56:95:87:9C:E5:68:4E:35:DE:5C:F0:A8:3E:0C:DA
            X509v3 Authority Key Identifier:
                keyid:CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:1c:9a:00:0f:04:c1:a0:26:25:48:ab:e4:87:b5:d2:e3:cd:
         90:15:3e:2f:53:ee:f1:27:5d:07:51:43:ff:cc:d3:2b:fa:06:
         90:53:71:8f:e6:40:92:28:c4:59:9c:ab:51:bc:b2:57:6e:0d:
         36:7a:b7:7e:0d:8f:16:95:d4:9a:8f:ab:35:a2:02:e3:1d:a8:
         a6:fc:3f:10:7e:74:66:b5:b8:24:47:3a:00:53:75:c8:68:ba:
         f0:2e:43:4b:20:b3:29:10:fa:3c:1c:8e:e8:1b:ee:d0:43:2f:
         20:90:03:db:fc:40:77:fe:44:8b:42:14:fb:62:03:e0:df:ac:
         9f:ed:0c:3e:9c:0e:ea:de:9e:6b:98:c5:14:3c:44:28:a2:75:
         13:fc:14:76:c4:f8:6a:a2:2b:4f:b6:00:25:f0:c1:66:08:ca:
         2f:34:69:f3:25:3d:01:5f:e3:14:36:da:23:4f:2f:df:8b:5c:
         ce:9b:e7:3d:00:4b:c5:01:74:79:31:cb:6c:cf:78:56:88:68:
         7b:16:02:a2:02:3d:a2:90:da:93:06:32:07:8d:66:c3:55:1b:
         e7:f7:26:a3:44:16:12:95:73:75:bd:25:92:f4:9f:fa:f6:71:
         8b:ec:af:a2:d0:e6:77:f1:b5:a7:75:ad:3f:f6:fb:bf:ae:b8:
         e9:19:4d:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh6v5n/NgGWM4c2wKNUcM0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2VjZGEwMGZhYzBiZmI2M2IyODU0M2VhMmI1ZDVmMWU0
ZGY2Y2IwHhcNMjUwODA1MTUwMDMzWhcNMjUwODA2MTUwMDMzWjAzMTEwLwYDVQQD
EyhjMjA2ZDM1YTgxNTY5NTg3OWNlNTY4NGUzNWRlNWNmMGE4M2UwY2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6ucDcD+r+RVto2XgzqD/UHuIYPe
iwLeZvqu2/8jDYYkTI0q8cFDV0fe1T0txeYWBIUBuU5fWQsAkgd+DDVATA5nQa3f
fECPB29bPcbmwdAaQCdRnmANba2qHKm3jdPa2NAhldIxTz93Fj+cg/jP9/4p3tBG
Jy8UUD4t2H8hMz2B4SEv0x5pAEgMlYRok9Q9/PofnemQmGFszBrsM+GFM5PkkBe4
pf5GL2affn9HycabRHu1k3pZvnMocucHUYrc+rLLwH39WPyQa8htwdF4Qysq70mq
fVzKLeby3IeZW7ab3q7TuVji/CpjZ7sa/QsSEBtXeWlI5TBEYX7ujhR+swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMIG01qBVpWHnOVoTjXeXPCoPgzaMB8GA1UdIwQY
MBaAFMo+zaAPrAv7Y7KFQ+orXV8eTfbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgt
M2Y5OTYwODY1ZDBmLzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgtM2Y5OTYwODY1ZDBm
LzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGRyaAA8E
waAmJUir5Ie10uPNkBU+L1Pu8SddB1FD/8zTK/oGkFNxj+ZAkijEWZyrUbyyV24N
Nnq3fg2PFpXUmo+rNaIC4x2opvw/EH50ZrW4JEc6AFN1yGi68C5DSyCzKRD6PByO
6Bvu0EMvIJAD2/xAd/5Ei0IU+2ID4N+sn+0MPpwO6t6ea5jFFDxEKKJ1E/wUdsT4
aqIrT7YAJfDBZgjKLzRp8yU9AV/jFDbaI08v34tczpvnPQBLxQF0eTHLbM94Voho
exYCogI9opDakwYyB41mw1Ub5/cmo0QWEpVzdb0lkvSf+vZxi+yvotDmd/G1p3Wt
P/b7v6646RlNpw==
-----END CERTIFICATE-----