Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          6FBTQLXrA1YT8OK9Ts/PLvaxEIyOQrXYH1e5Z+5192U=
Subject key identifier:   25:82:6A:EA:AA:02:51:DA:C3:D6:2C:56:41:F7:E4:3B:80:AB:4D:1D
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       019769613AE62A1A4F5E8E5701A45ED50623
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          05A7
Signing time:             Fri 13 Jun 2025 13:01:08 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:08 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:08 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: pjWpPhVrr5f0VsvKVwyS3meKLI69Dmeoj9eUROJ4X64=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:3a:e6:2a:1a:4f:5e:8e:57:01:a4:5e:d5:06:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: Jun 13 13:01:08 2025 GMT
            Not After : Jun 14 13:01:08 2025 GMT
        Subject: CN=25826aeaaa0251dac3d62c5641f7e43b80ab4d1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:d1:53:f7:0e:38:b5:21:1a:cf:f4:d5:2c:88:
                    69:50:00:26:94:8f:26:06:4a:34:39:39:3c:08:2b:
                    0f:1f:ed:5f:d1:52:8f:40:fc:01:20:c3:0d:01:f2:
                    c5:81:7f:a4:a7:a0:00:00:74:4c:49:c9:0e:74:d1:
                    92:63:ba:73:21:99:27:00:df:90:14:05:b6:42:b2:
                    88:a6:fe:0c:6a:27:b1:f6:d3:e7:9a:94:40:22:69:
                    28:44:94:c2:e8:f7:cb:bc:b3:2a:5a:ed:2d:13:6f:
                    87:ab:df:00:8f:c4:57:b4:7b:32:89:fc:3e:02:82:
                    56:bc:b1:5a:e5:d5:ce:70:12:60:44:91:6d:2c:b0:
                    c6:d7:af:64:87:b5:78:9e:77:be:c6:da:3c:3e:94:
                    8e:72:7b:86:40:14:78:d3:f4:73:0a:8e:57:4e:3c:
                    b8:44:68:f7:6f:a8:2b:70:7d:b6:59:66:71:27:a2:
                    41:82:77:1a:7c:bd:f3:f7:37:47:d7:e5:93:de:e6:
                    fb:ad:3a:39:f1:46:97:a7:0f:51:7b:89:fd:0f:c8:
                    73:c6:32:1d:b1:07:0f:c4:e5:96:db:4b:d2:92:22:
                    6a:a2:a9:d2:f4:20:cb:31:0d:e0:5a:80:68:39:ea:
                    6f:a0:39:8e:09:90:56:62:05:0d:12:99:62:12:00:
                    32:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:82:6A:EA:AA:02:51:DA:C3:D6:2C:56:41:F7:E4:3B:80:AB:4D:1D
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:e0:49:9b:b7:fd:3a:19:5b:1b:84:50:a1:b2:64:ec:fb:4f:
         27:7a:89:1c:58:8f:7a:7b:6d:cd:ed:ce:29:7f:af:53:f8:45:
         0a:ac:c3:25:69:4b:54:61:76:a5:55:c3:ba:0a:34:d7:48:91:
         bc:14:ec:7d:51:ab:36:3e:a0:49:6c:22:1e:32:ca:f1:65:5f:
         f8:5b:82:b8:d7:71:93:af:fd:74:9b:5a:aa:c8:78:95:6b:9a:
         c4:98:fc:8e:90:c9:50:e8:cf:7b:b0:de:dd:84:f3:4d:75:f9:
         a6:e3:75:da:36:f6:d5:2f:89:68:17:5d:43:ea:17:55:c2:9e:
         4e:97:52:03:25:e0:d5:f2:84:c4:46:58:e5:81:bf:82:09:cc:
         9c:11:91:19:b5:57:d4:02:2b:ad:d1:00:48:f0:45:97:bb:29:
         69:cf:17:05:3a:ad:ba:6a:94:93:0e:70:c2:4d:62:29:0a:a1:
         1c:dd:6e:15:57:f5:a4:f0:66:7f:be:9f:5b:ad:09:31:40:82:
         13:2c:5c:e3:2c:60:7d:9c:53:26:ab:42:16:e3:02:b7:8e:0c:
         dc:e0:65:98:f6:6a:cb:a0:0e:5f:f8:ed:13:84:c5:22:ea:21:
         de:9e:7c:48:6a:0e:fb:a2:e2:2e:71:fe:81:e4:cf:53:ba:97:
         c7:42:d0:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYTrmKhpPXo5XAaRe1QYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjUwNjEzMTMwMTA4WhcNMjUwNjE0MTMwMTA4WjAzMTEwLwYDVQQD
EygyNTgyNmFlYWFhMDI1MWRhYzNkNjJjNTY0MWY3ZTQzYjgwYWI0ZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtFT9w44tSEaz/TVLIhpUAAmlI8m
Bko0OTk8CCsPH+1f0VKPQPwBIMMNAfLFgX+kp6AAAHRMSckOdNGSY7pzIZknAN+Q
FAW2QrKIpv4Maiex9tPnmpRAImkoRJTC6PfLvLMqWu0tE2+Hq98Aj8RXtHsyifw+
AoJWvLFa5dXOcBJgRJFtLLDG169kh7V4nne+xto8PpSOcnuGQBR40/RzCo5XTjy4
RGj3b6grcH22WWZxJ6JBgncafL3z9zdH1+WT3ub7rTo58UaXpw9Re4n9D8hzxjId
sQcPxOWW20vSkiJqoqnS9CDLMQ3gWoBoOepvoDmOCZBWYgUNEpliEgAygQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWCauqqAlHaw9YsVkH35DuAq00dMB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVuBJm7f9
OhlbG4RQobJk7PtPJ3qJHFiPenttze3OKX+vU/hFCqzDJWlLVGF2pVXDugo010iR
vBTsfVGrNj6gSWwiHjLK8WVf+FuCuNdxk6/9dJtaqsh4lWuaxJj8jpDJUOjPe7De
3YTzTXX5puN12jb21S+JaBddQ+oXVcKeTpdSAyXg1fKExEZY5YG/ggnMnBGRGbVX
1AIrrdEASPBFl7spac8XBTqtumqUkw5wwk1iKQqhHN1uFVf1pPBmf76fW60JMUCC
Eyxc4yxgfZxTJqtCFuMCt44M3OBlmPZqy6AOX/jtE4TFIuoh3p58SGoO+6LiLnH+
geTPU7qXx0LQDA==
-----END CERTIFICATE-----