Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
File:                     YQy4N7bSF3jkw9u5aWefDxxQtIo.mft (raw, json)
Hash identifier:          pzIrd0MGPycLzJ8rCqfe6qAqyK5oeS1X3aF7Uqe3DdU=
Subject key identifier:   2E:D7:D0:7F:34:CB:04:26:CD:63:D8:C9:DB:5D:65:2E:5B:F3:C2:1E
Authority key identifier: 61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A
Certificate issuer:       /CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
Certificate serial:       0197696089C07D2F9B27171054562F0B3A9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
Manifest number:          0DA5
Signing time:             Fri 13 Jun 2025 13:00:23 +0000
Manifest this update:     Fri 13 Jun 2025 13:00:23 +0000
Manifest next update:     Sat 14 Jun 2025 13:00:23 +0000
Files and hashes:         1: YQy4N7bSF3jkw9u5aWefDxxQtIo.crl (hash: qxq8Eb8B8oQFQ+HpscjPfS6UVM9UarCHMleh8F5hdag=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:60:89:c0:7d:2f:9b:27:17:10:54:56:2f:0b:3a:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
        Validity
            Not Before: Jun 13 13:00:23 2025 GMT
            Not After : Jun 14 13:00:23 2025 GMT
        Subject: CN=2ed7d07f34cb0426cd63d8c9db5d652e5bf3c21e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:ae:84:fa:9d:c2:c4:c2:c5:46:81:5e:60:f9:
                    43:16:9d:22:cb:42:08:a4:2c:2a:18:c1:04:68:1d:
                    4c:8b:71:e8:2a:fa:18:40:8e:04:bf:3f:1d:b3:05:
                    39:59:5c:27:37:19:6a:4b:ab:ad:37:ab:4e:59:c4:
                    b4:63:2a:c0:36:9e:97:bc:dd:cb:4e:f4:a8:36:47:
                    7c:ce:42:2d:f1:db:5e:d3:e1:44:db:23:3c:ba:dd:
                    cd:23:20:f1:01:ab:74:97:c5:49:16:bb:0e:69:3e:
                    1f:a1:26:b9:dd:82:fd:e8:03:51:a5:be:95:1f:2c:
                    2a:16:b7:ff:26:07:00:d6:df:c6:09:cc:34:1c:ee:
                    a4:f6:0b:00:35:66:0c:3d:60:23:25:fb:99:b8:37:
                    c5:33:63:b8:f4:98:23:48:3e:15:29:67:56:e2:96:
                    fb:4f:05:aa:e4:30:fe:09:ac:73:c0:d9:1a:54:15:
                    83:50:2b:fa:86:6d:15:6a:21:ed:b7:6f:fa:72:a4:
                    3f:09:c3:43:a9:97:af:a5:4c:8c:cd:1e:46:39:4a:
                    6b:fa:09:28:dc:e1:3a:3f:f8:ce:9e:4c:b9:20:2e:
                    dc:3d:52:9c:74:61:b2:3d:e4:88:37:5a:ff:70:f9:
                    67:4f:65:2b:ce:cc:e1:3e:42:d9:18:07:28:16:fc:
                    2f:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:D7:D0:7F:34:CB:04:26:CD:63:D8:C9:DB:5D:65:2E:5B:F3:C2:1E
            X509v3 Authority Key Identifier:
                keyid:61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:eb:97:8f:e0:cf:e9:b9:58:29:af:fa:f8:fe:17:01:1e:6c:
         7a:76:22:69:57:8f:69:7a:f6:89:78:56:a3:c3:da:32:b4:4b:
         03:69:6b:f4:80:ae:77:1e:f9:25:bd:13:9b:17:b0:78:ef:71:
         8c:4c:04:81:10:ba:f1:20:99:d9:c1:95:b8:22:9f:e1:8b:e2:
         ca:85:1e:21:90:1c:37:90:b8:f3:cf:48:ca:b8:6d:21:de:ca:
         c4:a7:95:44:3b:f1:7c:11:43:bc:f9:c5:50:b8:d2:51:32:a6:
         db:2e:89:4f:49:b8:f7:f3:a3:69:52:2c:54:70:18:1b:7a:c1:
         e8:cb:1a:f8:3e:f4:a1:2c:10:33:c8:45:2b:c7:b7:20:9a:63:
         f5:47:73:08:aa:91:b2:48:02:81:36:9e:a7:7c:36:b5:6e:9c:
         96:24:ad:2c:fd:a5:61:99:6b:e2:ac:d5:2d:43:fe:b4:2e:f5:
         bf:56:4a:75:10:d8:97:5e:cd:ce:07:5d:e7:41:3f:73:c0:37:
         95:61:4e:c6:2c:fe:74:1d:aa:1d:dc:fc:33:ec:e4:16:29:32:
         73:56:74:19:eb:04:a2:5e:25:2f:77:1a:ab:dc:ec:9e:12:89:
         24:32:6e:cd:76:b7:62:40:d9:31:bd:c0:b8:a5:8b:6d:f8:12:
         ce:fc:c5:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYInAfS+bJxcQVFYvCzqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMGNiODM3YjZkMjE3NzhlNGMzZGJiOTY5Njc5ZjBmMWM1
MGI0OGEwHhcNMjUwNjEzMTMwMDIzWhcNMjUwNjE0MTMwMDIzWjAzMTEwLwYDVQQD
EygyZWQ3ZDA3ZjM0Y2IwNDI2Y2Q2M2Q4YzlkYjVkNjUyZTViZjNjMjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8K6E+p3CxMLFRoFeYPlDFp0iy0II
pCwqGMEEaB1Mi3HoKvoYQI4Evz8dswU5WVwnNxlqS6utN6tOWcS0YyrANp6XvN3L
TvSoNkd8zkIt8dte0+FE2yM8ut3NIyDxAat0l8VJFrsOaT4foSa53YL96ANRpb6V
HywqFrf/JgcA1t/GCcw0HO6k9gsANWYMPWAjJfuZuDfFM2O49JgjSD4VKWdW4pb7
TwWq5DD+CaxzwNkaVBWDUCv6hm0VaiHtt2/6cqQ/CcNDqZevpUyMzR5GOUpr+gko
3OE6P/jOnky5IC7cPVKcdGGyPeSIN1r/cPlnT2UrzszhPkLZGAcoFvwvwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7X0H80ywQmzWPYydtdZS5b88IeMB8GA1UdIwQY
MBaAFGEMuDe20hd45MPbuWlnnw8cULSKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgt
N2IzNWEwNmFiNTRiLzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgtN2IzNWEwNmFiNTRi
LzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA+uXj+DP
6blYKa/6+P4XAR5senYiaVePaXr2iXhWo8PaMrRLA2lr9ICudx75Jb0TmxeweO9x
jEwEgRC68SCZ2cGVuCKf4YviyoUeIZAcN5C4889IyrhtId7KxKeVRDvxfBFDvPnF
ULjSUTKm2y6JT0m49/OjaVIsVHAYG3rB6Msa+D70oSwQM8hFK8e3IJpj9UdzCKqR
skgCgTaep3w2tW6cliStLP2lYZlr4qzVLUP+tC71v1ZKdRDYl17Nzgdd50E/c8A3
lWFOxiz+dB2qHdz8M+zkFikyc1Z0GesEol4lL3caq9zsnhKJJDJuzXa3YkDZMb3A
uKWLbfgSzvzF7w==
-----END CERTIFICATE-----