Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
File:                     _ypds7oz42wW2_UmCy_idK5_siI.mft (raw, json)
Hash identifier:          2muwNnKGXmwm10pZYxNBoMdf5HzOpazDEZog+DE1YCM=
Subject key identifier:   01:1D:4F:A1:7A:E6:F4:B7:2C:E0:1A:2F:51:DD:D7:B2:65:79:16:6B
Authority key identifier: FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22
Certificate issuer:       /CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
Certificate serial:       0198752B4EB27BFF12CBA0250EDD82011C59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
Manifest number:          0CF7
Signing time:             Mon 04 Aug 2025 13:00:29 +0000
Manifest this update:     Mon 04 Aug 2025 13:00:29 +0000
Manifest next update:     Tue 05 Aug 2025 13:00:29 +0000
Files and hashes:         1: _ypds7oz42wW2_UmCy_idK5_siI.crl (hash: phQT5n5jVlQGkE9xTGyoZ071Qj9l5PzOPjiv3ntNU6g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:2b:4e:b2:7b:ff:12:cb:a0:25:0e:dd:82:01:1c:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
        Validity
            Not Before: Aug  4 13:00:29 2025 GMT
            Not After : Aug  5 13:00:29 2025 GMT
        Subject: CN=011d4fa17ae6f4b72ce01a2f51ddd7b26579166b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:53:35:df:d9:3a:e7:b1:63:b7:e4:f5:74:de:
                    81:c3:09:29:da:b5:76:07:4e:f9:17:c2:b9:de:44:
                    1b:32:11:58:9c:c1:3c:88:b4:c3:83:95:31:bc:e4:
                    26:61:01:4d:90:ba:0a:47:95:1d:16:7a:64:66:1c:
                    80:40:ce:b9:b6:6c:30:19:43:11:98:ef:db:25:43:
                    9a:d2:85:d2:48:f1:17:c9:8c:f2:50:b3:15:00:e8:
                    76:cc:f1:e6:19:51:24:07:8a:93:47:35:f9:fe:e3:
                    d9:ca:96:35:e7:7d:f8:e8:fc:6f:65:f2:c8:67:5a:
                    6f:c3:b3:a2:fd:8d:1e:71:f9:e8:5e:8e:82:40:e7:
                    d9:c7:5d:39:d1:07:02:dd:bc:6f:54:03:7d:54:07:
                    4f:30:6b:54:60:bd:ec:2e:3e:2d:f6:73:b8:0b:4e:
                    2b:79:80:03:92:3d:4c:bc:7d:1b:e0:f6:0d:6f:8a:
                    b2:55:d5:d5:aa:0e:cd:73:d5:a8:23:3c:1a:39:86:
                    fa:00:c2:5a:07:57:b9:a4:64:9c:7e:73:ac:c5:3a:
                    93:69:b3:89:2c:9e:56:c6:d9:57:78:59:9a:fd:38:
                    65:c4:dd:58:b3:7d:72:b1:d3:1c:88:45:61:31:ed:
                    00:db:9f:46:9c:3f:ef:94:05:fa:ad:29:b3:89:32:
                    e6:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:1D:4F:A1:7A:E6:F4:B7:2C:E0:1A:2F:51:DD:D7:B2:65:79:16:6B
            X509v3 Authority Key Identifier:
                keyid:FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:16:2e:12:eb:e3:e7:56:41:bd:55:2d:ed:4d:f7:81:4b:1d:
         fc:c3:9a:af:cc:45:ec:62:63:d6:44:5b:83:d2:25:63:98:95:
         a4:ac:49:39:46:38:0d:c2:97:5e:dc:9d:5d:a0:62:bc:68:5b:
         aa:aa:06:05:d7:f0:eb:30:f0:5e:01:43:e5:ba:e4:fb:1c:19:
         f1:fb:44:04:bb:33:66:68:5a:5f:95:07:d4:01:6f:2c:de:1c:
         c0:86:72:ac:f2:67:cc:91:5e:cd:01:c1:44:b3:4b:81:88:45:
         06:8d:00:bc:63:03:20:6b:bc:fb:04:20:d7:5f:b8:ea:00:bd:
         53:35:25:83:0d:9a:ea:bf:5d:46:3b:62:8b:60:6e:7d:0f:5f:
         e8:78:bc:96:2c:94:5a:32:a1:55:7b:84:e4:a4:06:af:19:94:
         0f:2b:1b:29:7e:6f:be:a9:7d:8f:33:17:3f:a9:30:dd:dd:7d:
         de:75:04:7c:be:d9:dc:ff:0f:80:36:73:cf:e5:30:f4:50:13:
         4b:8a:ca:1a:93:c0:2d:30:5a:26:06:9c:08:91:7a:5b:c9:9e:
         57:70:97:60:10:59:24:eb:86:c0:b2:ee:2a:bd:86:50:65:8c:
         72:dd:9f:f1:e6:4e:31:22:ac:cc:2c:f8:a4:90:6c:1e:2d:53:
         f2:31:94:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh1K06ye/8Sy6AlDt2CARxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMmE1ZGIzYmEzM2UzNmMxNmRiZjUyNjBiMmZlMjc0YWU3
ZmIyMjIwHhcNMjUwODA0MTMwMDI5WhcNMjUwODA1MTMwMDI5WjAzMTEwLwYDVQQD
EygwMTFkNGZhMTdhZTZmNGI3MmNlMDFhMmY1MWRkZDdiMjY1NzkxNjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlM139k657Fjt+T1dN6Bwwkp2rV2
B075F8K53kQbMhFYnME8iLTDg5UxvOQmYQFNkLoKR5UdFnpkZhyAQM65tmwwGUMR
mO/bJUOa0oXSSPEXyYzyULMVAOh2zPHmGVEkB4qTRzX5/uPZypY153346PxvZfLI
Z1pvw7Oi/Y0ecfnoXo6CQOfZx1050QcC3bxvVAN9VAdPMGtUYL3sLj4t9nO4C04r
eYADkj1MvH0b4PYNb4qyVdXVqg7Nc9WoIzwaOYb6AMJaB1e5pGScfnOsxTqTabOJ
LJ5WxtlXeFma/ThlxN1Ys31ysdMciEVhMe0A259GnD/vlAX6rSmziTLm7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAEdT6F65vS3LOAaL1Hd17JleRZrMB8GA1UdIwQY
MBaAFP8qXbO6M+NsFtv1Jgsv4nSuf7IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTIt
NTI2MGNkNWMyNGMzLzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTItNTI2MGNkNWMyNGMz
LzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXxYuEuvj
51ZBvVUt7U33gUsd/MOar8xF7GJj1kRbg9IlY5iVpKxJOUY4DcKXXtydXaBivGhb
qqoGBdfw6zDwXgFD5brk+xwZ8ftEBLszZmhaX5UH1AFvLN4cwIZyrPJnzJFezQHB
RLNLgYhFBo0AvGMDIGu8+wQg11+46gC9UzUlgw2a6r9dRjtii2BufQ9f6Hi8liyU
WjKhVXuE5KQGrxmUDysbKX5vvql9jzMXP6kw3d193nUEfL7Z3P8PgDZzz+Uw9FAT
S4rKGpPALTBaJgacCJF6W8meV3CXYBBZJOuGwLLuKr2GUGWMct2f8eZOMSKszCz4
pJBsHi1T8jGUwg==
-----END CERTIFICATE-----