Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          zHolkb/OhifX4Tdl3kVl0BuxEQyzy3ToV9MMnK//XK0=
Subject key identifier:   DE:8E:88:6F:74:4A:18:ED:56:8E:BC:90:B8:B0:08:5A:76:1B:94:59
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       019875D0D9D1A0D7D40EB24E9FFC9B53534A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          0959
Signing time:             Mon 04 Aug 2025 16:01:18 +0000
Manifest this update:     Mon 04 Aug 2025 16:01:18 +0000
Manifest next update:     Tue 05 Aug 2025 16:01:18 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: D4H5LKNr76+7PMVKnsbwC6XF8xq7kdXSEX+af6GazE8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:d0:d9:d1:a0:d7:d4:0e:b2:4e:9f:fc:9b:53:53:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: Aug  4 16:01:18 2025 GMT
            Not After : Aug  5 16:01:18 2025 GMT
        Subject: CN=de8e886f744a18ed568ebc90b8b0085a761b9459
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:0c:32:cb:76:f2:0f:aa:aa:a7:31:71:be:f5:
                    6b:a5:90:af:56:2a:29:26:56:c4:0d:59:0b:7c:54:
                    e0:ef:02:3d:3e:76:3f:f6:d2:59:00:b1:ba:f9:30:
                    9b:7b:69:9c:23:cd:47:9f:10:56:6e:fc:cf:3d:46:
                    bc:3f:00:38:66:3d:80:71:29:fc:58:1c:d7:65:66:
                    5d:73:ea:1d:63:d7:c5:92:90:08:52:7e:e1:76:ea:
                    20:77:b0:94:b4:61:ec:06:4e:87:e0:ff:57:1f:c5:
                    eb:55:e8:6d:77:c9:e3:a2:ec:b8:f8:79:59:5f:2e:
                    4d:c0:6e:0c:1f:41:19:a5:73:87:a3:67:ed:28:ca:
                    98:cb:43:25:55:57:96:c2:c3:3e:25:7f:17:a3:c8:
                    b7:23:83:a2:a0:3e:eb:3d:92:ee:71:6c:1d:bb:5f:
                    31:de:6a:1b:91:d2:fd:4a:60:26:a4:22:37:77:b4:
                    a7:6e:6a:af:6b:f4:92:9f:fd:91:da:d7:33:81:ab:
                    53:88:16:98:94:04:a7:bd:e7:bd:8f:d7:33:66:c0:
                    7a:eb:8b:a1:b3:88:e5:89:98:68:e4:ca:d6:39:f9:
                    9d:54:64:41:2c:41:7d:8c:2b:2b:95:3c:65:27:f4:
                    6f:e7:dc:01:bc:78:b6:07:e2:e3:02:8e:ef:85:f5:
                    ac:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:8E:88:6F:74:4A:18:ED:56:8E:BC:90:B8:B0:08:5A:76:1B:94:59
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:0c:80:b5:20:d2:4e:9f:d1:fb:f0:3e:08:72:d2:e4:aa:a2:
         a8:cd:76:e3:db:0a:2b:0c:af:e6:62:ca:53:d6:eb:a0:fe:11:
         de:83:6f:95:57:ea:38:27:18:ee:49:8b:3f:02:02:21:5b:22:
         c6:dd:dd:3b:09:13:06:a8:7d:b1:39:60:0c:fb:7b:a2:f4:f2:
         53:82:01:85:57:b8:8e:39:86:ac:8c:da:6f:2a:60:42:e3:07:
         37:04:e4:bc:5d:29:1e:db:61:02:e4:2e:66:9b:24:47:d3:d5:
         0c:4a:94:32:2f:3d:c6:87:ee:c2:95:f2:03:e3:48:e2:46:3b:
         bc:e6:4f:2f:0d:4b:29:06:a0:71:0d:33:02:f3:40:3d:4d:4c:
         c7:12:d4:b9:8b:11:77:04:5b:8b:e8:ae:d1:3e:66:98:16:3c:
         23:21:da:d1:7b:c5:d6:52:9f:02:af:0e:8f:17:25:d2:a6:ed:
         fd:75:84:54:f3:a8:0a:de:de:95:11:40:a6:3d:a1:07:28:d3:
         bc:0f:34:21:34:bc:9e:65:77:70:bf:f9:d7:00:46:57:3b:cf:
         f7:9a:d0:16:3d:ea:75:cf:06:e7:c0:4b:55:cd:f8:24:6c:5e:
         e1:fa:bd:64:d2:43:72:78:3a:0c:95:0d:bc:df:f6:32:2c:f2:
         be:e3:08:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh10NnRoNfUDrJOn/ybU1NKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjUwODA0MTYwMTE4WhcNMjUwODA1MTYwMTE4WjAzMTEwLwYDVQQD
EyhkZThlODg2Zjc0NGExOGVkNTY4ZWJjOTBiOGIwMDg1YTc2MWI5NDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgwyy3byD6qqpzFxvvVrpZCvViop
JlbEDVkLfFTg7wI9PnY/9tJZALG6+TCbe2mcI81HnxBWbvzPPUa8PwA4Zj2AcSn8
WBzXZWZdc+odY9fFkpAIUn7hduogd7CUtGHsBk6H4P9XH8XrVehtd8njouy4+HlZ
Xy5NwG4MH0EZpXOHo2ftKMqYy0MlVVeWwsM+JX8Xo8i3I4OioD7rPZLucWwdu18x
3mobkdL9SmAmpCI3d7Snbmqva/SSn/2R2tczgatTiBaYlASnvee9j9czZsB664uh
s4jliZho5MrWOfmdVGRBLEF9jCsrlTxlJ/Rv59wBvHi2B+LjAo7vhfWsywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6OiG90ShjtVo68kLiwCFp2G5RZMB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADAyAtSDS
Tp/R+/A+CHLS5KqiqM1249sKKwyv5mLKU9broP4R3oNvlVfqOCcY7kmLPwICIVsi
xt3dOwkTBqh9sTlgDPt7ovTyU4IBhVe4jjmGrIzabypgQuMHNwTkvF0pHtthAuQu
ZpskR9PVDEqUMi89xofuwpXyA+NI4kY7vOZPLw1LKQagcQ0zAvNAPU1MxxLUuYsR
dwRbi+iu0T5mmBY8IyHa0XvF1lKfAq8Ojxcl0qbt/XWEVPOoCt7elRFApj2hByjT
vA80ITS8nmV3cL/51wBGVzvP95rQFj3qdc8G58BLVc34JGxe4fq9ZNJDcng6DJUN
vN/2MizyvuMIEw==
-----END CERTIFICATE-----