Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
File:                     YA09DkcUJu84PjkRODpJg78idkQ.mft (raw, json)
Hash identifier:          CEwzUw559OGB+0BtfpuYMb0LBWhpVsEj/Lf+gUz6i6I=
Subject key identifier:   4E:F2:4F:4F:11:E3:5B:2D:38:2D:33:B1:3C:42:F3:EC:BE:EA:D4:0A
Authority key identifier: 60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44
Certificate issuer:       /CN=600d3d0e471426ef383e3911383a4983bf227644
Certificate serial:       01989DBA2901E493E21FDFB43DAC4E314289
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
Manifest number:          02FE
Signing time:             Tue 12 Aug 2025 10:01:19 +0000
Manifest this update:     Tue 12 Aug 2025 10:01:19 +0000
Manifest next update:     Wed 13 Aug 2025 10:01:19 +0000
Files and hashes:         1: YA09DkcUJu84PjkRODpJg78idkQ.crl (hash: bU2j62w8ff4gnblh2Tt37tW+E2umMqggeoKEPvU8sUE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 10:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9d:ba:29:01:e4:93:e2:1f:df:b4:3d:ac:4e:31:42:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=600d3d0e471426ef383e3911383a4983bf227644
        Validity
            Not Before: Aug 12 10:01:19 2025 GMT
            Not After : Aug 13 10:01:19 2025 GMT
        Subject: CN=4ef24f4f11e35b2d382d33b13c42f3ecbeead40a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:38:3d:e0:86:f3:7a:e8:62:71:c6:12:aa:1e:
                    71:a8:99:6c:f8:8e:cf:20:d2:23:a8:1b:a8:14:18:
                    38:22:95:bc:82:c0:f0:c7:ce:82:b2:66:66:2a:6c:
                    e8:97:3f:b4:2a:82:3d:f9:45:54:1d:9a:13:bc:30:
                    16:cd:1d:6f:9c:74:1b:07:61:f9:15:ce:8a:f4:2b:
                    44:e2:0a:62:67:76:35:40:ae:29:5d:53:31:11:b0:
                    94:ee:b3:19:33:a3:47:e9:38:d6:38:98:86:46:e8:
                    92:5f:57:f7:85:45:43:db:ff:6f:30:a5:4a:7c:9e:
                    21:b8:7b:3f:44:e9:f8:76:90:0f:84:e4:1e:9b:8d:
                    a5:06:0e:e1:bb:8f:ca:3d:09:cf:8d:69:7d:02:23:
                    bd:cb:85:af:b8:2a:8a:31:d9:20:15:ed:32:b1:f7:
                    0a:b0:df:ce:4f:d7:d6:e7:79:cd:79:c1:eb:96:06:
                    cf:19:d1:1e:33:c3:4c:3b:c3:f0:34:73:af:d1:83:
                    05:b1:37:10:14:d1:ad:dc:91:a1:b0:ad:e6:21:e4:
                    3b:c5:23:5a:37:2a:7c:03:d0:c6:35:a0:24:44:cf:
                    68:fa:f0:9c:74:37:fa:58:73:2b:83:27:46:4e:46:
                    bf:ca:51:5e:d9:af:ba:fe:28:bb:c5:46:d5:04:b3:
                    dd:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:F2:4F:4F:11:E3:5B:2D:38:2D:33:B1:3C:42:F3:EC:BE:EA:D4:0A
            X509v3 Authority Key Identifier:
                keyid:60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:54:bc:e7:0d:76:7f:b1:5b:67:a3:c6:64:52:15:75:0d:fc:
         6d:46:cf:2c:98:8a:94:bc:fd:76:bb:26:a2:e8:c3:78:c1:6b:
         2c:24:1e:b3:2c:52:c8:13:d2:34:97:a8:1b:af:89:ff:ad:2f:
         42:18:a8:2a:32:aa:49:cb:8f:aa:a5:e8:1d:86:1d:a1:f5:7a:
         77:7e:53:28:65:85:f1:0c:a4:4e:3f:c1:e1:d4:16:c8:f8:e3:
         25:41:39:45:10:19:7d:21:4f:99:a9:16:59:f0:5c:1c:b3:20:
         8b:57:9d:26:34:36:22:0f:bb:c1:ba:e1:18:90:41:ab:b7:cb:
         f4:db:34:62:d5:d7:b2:c4:27:78:92:e1:c3:30:0d:42:ea:fc:
         57:00:cc:77:bd:1e:52:93:70:95:26:ff:54:dd:ff:29:e6:15:
         16:8d:fc:67:9b:66:d4:a4:4e:f9:20:dd:1d:d3:c6:c1:fa:d8:
         18:4b:88:ad:ff:5a:6b:16:23:85:25:df:df:a3:c3:6e:8d:f6:
         94:10:06:8d:3f:47:a4:5d:7c:f5:72:ad:ff:57:53:c1:aa:35:
         0e:9e:be:ee:9b:96:d2:ac:94:dd:77:7a:6e:cc:0b:3e:7a:ec:
         9a:c1:25:7b:64:18:d2:8c:fd:c6:78:98:d3:ad:a7:9e:e1:7c:
         e4:95:11:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiduikB5JPiH9+0PaxOMUKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGQzZDBlNDcxNDI2ZWYzODNlMzkxMTM4M2E0OTgzYmYy
Mjc2NDQwHhcNMjUwODEyMTAwMTE5WhcNMjUwODEzMTAwMTE5WjAzMTEwLwYDVQQD
Eyg0ZWYyNGY0ZjExZTM1YjJkMzgyZDMzYjEzYzQyZjNlY2JlZWFkNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjg94IbzeuhiccYSqh5xqJls+I7P
INIjqBuoFBg4IpW8gsDwx86CsmZmKmzolz+0KoI9+UVUHZoTvDAWzR1vnHQbB2H5
Fc6K9CtE4gpiZ3Y1QK4pXVMxEbCU7rMZM6NH6TjWOJiGRuiSX1f3hUVD2/9vMKVK
fJ4huHs/ROn4dpAPhOQem42lBg7hu4/KPQnPjWl9AiO9y4WvuCqKMdkgFe0ysfcK
sN/OT9fW53nNecHrlgbPGdEeM8NMO8PwNHOv0YMFsTcQFNGt3JGhsK3mIeQ7xSNa
Nyp8A9DGNaAkRM9o+vCcdDf6WHMrgydGTka/ylFe2a+6/ii7xUbVBLPdiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE7yT08R41stOC0zsTxC8+y+6tQKMB8GA1UdIwQY
MBaAFGANPQ5HFCbvOD45ETg6SYO/InZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4Yzct
M2MyZmE4YWFmMDMxLzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4YzctM2MyZmE4YWFmMDMx
LzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc1S85w12
f7FbZ6PGZFIVdQ38bUbPLJiKlLz9drsmoujDeMFrLCQesyxSyBPSNJeoG6+J/60v
QhioKjKqScuPqqXoHYYdofV6d35TKGWF8QykTj/B4dQWyPjjJUE5RRAZfSFPmakW
WfBcHLMgi1edJjQ2Ig+7wbrhGJBBq7fL9Ns0YtXXssQneJLhwzANQur8VwDMd70e
UpNwlSb/VN3/KeYVFo38Z5tm1KRO+SDdHdPGwfrYGEuIrf9aaxYjhSXf36PDbo32
lBAGjT9HpF189XKt/1dTwao1Dp6+7puW0qyU3Xd6bswLPnrsmsEle2QY0oz9xniY
062nnuF85JURaQ==
-----END CERTIFICATE-----