Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          4qg1qhibqgc/NUFQXE62BBXnKQwtD48kk0CRVeA90ko=
Subject key identifier:   29:AB:3A:13:55:D5:65:70:0F:D0:87:7E:B8:8C:DC:8D:2A:E6:C8:B0
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       01976F2C7CF36CAB63EDB32A185E097CD6E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          08D1
Signing time:             Sat 14 Jun 2025 16:01:15 +0000
Manifest this update:     Sat 14 Jun 2025 16:01:15 +0000
Manifest next update:     Sun 15 Jun 2025 16:01:15 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: h9pZAsXUuBr7U9Dt4V+NY6SNyE5qI2XZV6Yx6KHJa5Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:7c:f3:6c:ab:63:ed:b3:2a:18:5e:09:7c:d6:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: Jun 14 16:01:15 2025 GMT
            Not After : Jun 15 16:01:15 2025 GMT
        Subject: CN=29ab3a1355d565700fd0877eb88cdc8d2ae6c8b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:3f:d6:d6:05:db:fe:8c:3c:79:cc:3d:62:8d:
                    50:a2:17:41:ef:c7:6b:d2:f6:b0:5e:e7:15:cb:e6:
                    e6:63:f1:27:c4:1a:aa:76:33:c0:5d:d9:e1:c1:fd:
                    1e:66:d8:b9:d2:20:c5:54:bb:b0:9e:9b:07:5d:cf:
                    6b:87:8d:6f:88:8d:58:98:e4:72:ad:57:b5:b2:81:
                    03:07:28:e7:21:ec:ad:2e:5f:3b:c4:55:32:8f:86:
                    ce:83:a8:89:53:b5:b0:dc:19:cc:0f:01:5a:fb:63:
                    9f:c2:5e:dc:de:2e:69:d6:e2:cd:5f:b8:ae:b9:ce:
                    28:3a:85:9f:ae:87:d6:b1:e8:48:1e:13:6f:a1:38:
                    cd:da:0a:38:d0:46:8c:61:7f:22:2f:81:5d:77:2e:
                    dc:12:e0:e4:46:84:04:2f:a3:e6:c4:7e:9b:07:73:
                    27:c0:2c:f1:bb:19:6e:6e:53:24:3f:1f:85:54:37:
                    c6:d3:aa:16:bc:9c:31:49:78:02:e7:5b:ea:94:83:
                    9f:ad:16:95:88:69:88:d0:17:1d:7c:7e:8d:d6:d9:
                    08:36:62:9c:de:25:da:17:1e:25:7f:c8:3d:a8:73:
                    58:f7:4f:c3:e8:cb:f6:db:b4:a4:61:0d:8b:80:9b:
                    9a:38:ec:1e:d3:e0:f0:84:74:79:22:f5:9e:99:c9:
                    5d:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:AB:3A:13:55:D5:65:70:0F:D0:87:7E:B8:8C:DC:8D:2A:E6:C8:B0
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:77:b8:88:bf:71:b0:c0:aa:29:db:c7:bf:e2:3d:88:70:92:
         f8:af:42:5e:23:e9:3e:e8:37:e5:47:78:ee:c6:03:12:6b:4f:
         f6:da:95:31:06:61:cf:3d:26:3d:be:cf:91:9d:f8:d0:32:90:
         ef:bb:c0:3f:32:11:82:3b:d7:73:a5:6a:96:a5:c9:67:d3:71:
         50:c7:5e:de:d2:0e:27:70:29:48:81:77:c5:ec:79:e0:2e:57:
         7e:8f:4b:05:d9:06:29:cc:ad:18:69:e9:7a:b9:0d:44:b0:f2:
         10:aa:fb:1b:7c:9f:94:59:81:2c:85:a9:c7:c1:3f:9d:55:71:
         3e:2c:2e:5c:7d:79:dd:cb:d6:ed:15:b7:52:f1:72:46:28:bb:
         6b:dc:c2:d3:56:e1:da:c3:c4:98:45:9a:7a:14:14:1a:e8:7b:
         e8:41:dc:6c:5b:52:a5:de:11:26:92:41:57:25:86:c5:be:4e:
         37:35:cf:bb:ca:f7:ed:db:55:a2:a2:a8:b7:02:04:38:29:99:
         37:1b:2f:d7:a8:1d:d5:51:6a:65:64:20:19:7e:05:03:be:23:
         ae:df:f6:04:24:e9:15:73:de:4b:5e:37:ee:43:98:aa:bf:85:
         6c:83:9a:c4:4c:e1:9b:61:b0:9c:1e:42:57:52:98:ad:8e:6c:
         59:cc:a4:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLHzzbKtj7bMqGF4JfNboMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjUwNjE0MTYwMTE1WhcNMjUwNjE1MTYwMTE1WjAzMTEwLwYDVQQD
EygyOWFiM2ExMzU1ZDU2NTcwMGZkMDg3N2ViODhjZGM4ZDJhZTZjOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT/W1gXb/ow8ecw9Yo1QohdB78dr
0vawXucVy+bmY/EnxBqqdjPAXdnhwf0eZti50iDFVLuwnpsHXc9rh41viI1YmORy
rVe1soEDByjnIeytLl87xFUyj4bOg6iJU7Ww3BnMDwFa+2Ofwl7c3i5p1uLNX7iu
uc4oOoWfrofWsehIHhNvoTjN2go40EaMYX8iL4Fddy7cEuDkRoQEL6PmxH6bB3Mn
wCzxuxlublMkPx+FVDfG06oWvJwxSXgC51vqlIOfrRaViGmI0BcdfH6N1tkINmKc
3iXaFx4lf8g9qHNY90/D6Mv227SkYQ2LgJuaOOwe0+DwhHR5IvWemcldowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmrOhNV1WVwD9CHfriM3I0q5siwMB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq3e4iL9x
sMCqKdvHv+I9iHCS+K9CXiPpPug35Ud47sYDEmtP9tqVMQZhzz0mPb7PkZ340DKQ
77vAPzIRgjvXc6VqlqXJZ9NxUMde3tIOJ3ApSIF3xex54C5Xfo9LBdkGKcytGGnp
erkNRLDyEKr7G3yflFmBLIWpx8E/nVVxPiwuXH153cvW7RW3UvFyRii7a9zC01bh
2sPEmEWaehQUGuh76EHcbFtSpd4RJpJBVyWGxb5ONzXPu8r37dtVoqKotwIEOCmZ
Nxsv16gd1VFqZWQgGX4FA74jrt/2BCTpFXPeS1437kOYqr+FbIOaxEzhm2GwnB5C
V1KYrY5sWcykJw==
-----END CERTIFICATE-----