Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
File:                     yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft (raw, json)
Hash identifier:          vx/vv42yezhDbKlFdUTuw2hB9LkpqDlOYw6c1QCqgjc=
Subject key identifier:   11:62:5C:A1:3E:B8:14:62:2C:2E:67:5F:77:A3:FC:92:1A:1D:F8:F7
Authority key identifier: C8:67:6F:FD:E3:17:F2:EC:1B:81:00:D2:D9:D4:4A:3E:7D:8F:78:D6
Certificate issuer:       /CN=c8676ffde317f2ec1b8100d2d9d44a3e7d8f78d6
Certificate serial:       01988A6A0C6B9E1B08FABD7939DC0EBC8BA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
Manifest number:          0CDB
Signing time:             Fri 08 Aug 2025 16:01:02 +0000
Manifest this update:     Fri 08 Aug 2025 16:01:02 +0000
Manifest next update:     Sat 09 Aug 2025 16:01:02 +0000
Files and hashes:         1: yGdv_eMX8uwbgQDS2dRKPn2PeNY.crl (hash: f4ZhIxUKh2GiI0kPAUdwU66NZVQsYyaXItNW5gKhLEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 16:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8a:6a:0c:6b:9e:1b:08:fa:bd:79:39:dc:0e:bc:8b:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8676ffde317f2ec1b8100d2d9d44a3e7d8f78d6
        Validity
            Not Before: Aug  8 16:01:02 2025 GMT
            Not After : Aug  9 16:01:02 2025 GMT
        Subject: CN=11625ca13eb814622c2e675f77a3fc921a1df8f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:e6:79:59:5f:d1:e6:1b:c2:0c:e4:ef:8e:6a:
                    56:b8:0f:03:c4:f5:a2:0c:81:37:94:1c:8b:a5:f0:
                    1a:a5:02:ab:d5:1e:f3:7b:ce:58:d4:50:dc:b7:37:
                    40:11:9c:dc:19:8a:07:54:35:89:9e:92:05:e8:84:
                    4f:8d:8d:d3:98:27:d3:d8:67:7a:a9:69:ed:a8:69:
                    0e:d6:5e:36:78:4d:60:50:85:3e:19:0c:11:23:4c:
                    43:10:cb:48:5f:c6:ce:95:93:97:fd:e9:03:4b:ee:
                    29:a3:df:aa:5d:c2:41:fe:b4:a8:f1:75:07:4c:f7:
                    35:1b:83:2f:80:04:46:bb:0f:b4:e9:e9:84:fa:56:
                    47:2e:6a:c9:d8:a2:b1:c0:75:37:11:0f:fd:ac:13:
                    1d:e7:11:d4:1d:28:43:78:9c:af:a1:ad:69:05:3f:
                    91:85:f6:31:4a:8b:1e:ea:5d:d7:8d:b1:1f:95:8b:
                    f5:f3:e2:f9:b0:7a:af:8d:f9:b3:05:bc:0d:18:2e:
                    8d:7b:15:98:64:27:81:bc:82:9a:94:3b:d5:cc:6a:
                    cf:26:86:f4:19:3e:76:83:2e:51:18:cf:40:9f:1e:
                    36:a8:b9:d8:21:b8:fa:2f:e8:ea:58:1f:e4:0b:88:
                    b8:68:c7:42:af:63:2d:bf:48:fa:74:3f:a7:d9:0a:
                    8f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:62:5C:A1:3E:B8:14:62:2C:2E:67:5F:77:A3:FC:92:1A:1D:F8:F7
            X509v3 Authority Key Identifier:
                keyid:C8:67:6F:FD:E3:17:F2:EC:1B:81:00:D2:D9:D4:4A:3E:7D:8F:78:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:b7:7b:e9:eb:d6:4e:5c:83:93:39:83:b9:18:b5:5f:b6:6e:
         0a:68:c4:b3:77:60:73:d2:ae:2c:b6:b4:7a:da:4f:23:4c:c6:
         99:b8:87:2b:da:27:17:28:9b:26:42:9f:c0:42:21:3c:1e:2b:
         fe:c9:de:af:51:2a:37:9d:fb:27:ee:2f:bf:bb:8b:6a:20:d5:
         04:cb:b3:9d:a8:25:6c:a4:59:f0:bc:8b:b3:17:fb:b0:3b:4a:
         50:6a:d0:bf:34:30:e1:98:80:e3:64:38:f4:fd:7f:44:59:a6:
         43:5c:6c:f7:9d:03:1b:78:1d:68:8d:8c:ea:b3:02:47:ce:89:
         e3:2a:54:31:6b:08:4b:cc:77:a5:9c:e6:49:e2:29:2e:35:9c:
         a1:c6:a1:f2:77:e3:fa:51:32:37:0d:1a:55:a8:a0:58:6c:35:
         cc:72:02:53:5d:d5:94:19:10:46:a2:5d:53:55:88:a1:48:3a:
         18:52:82:14:25:64:6b:00:62:73:bb:ec:d7:ea:34:de:db:5d:
         69:53:b7:de:a6:e1:db:6c:15:07:15:fd:18:78:bc:55:be:21:
         55:27:65:4d:e6:6d:a6:e1:f7:28:50:7c:1c:35:dc:d9:67:3f:
         85:bf:31:28:46:c3:9d:43:7f:09:78:89:93:b6:42:33:fa:0c:
         d9:a0:75:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiKagxrnhsI+r15OdwOvIulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4Njc2ZmZkZTMxN2YyZWMxYjgxMDBkMmQ5ZDQ0YTNlN2Q4
Zjc4ZDYwHhcNMjUwODA4MTYwMTAyWhcNMjUwODA5MTYwMTAyWjAzMTEwLwYDVQQD
EygxMTYyNWNhMTNlYjgxNDYyMmMyZTY3NWY3N2EzZmM5MjFhMWRmOGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeZ5WV/R5hvCDOTvjmpWuA8DxPWi
DIE3lByLpfAapQKr1R7ze85Y1FDctzdAEZzcGYoHVDWJnpIF6IRPjY3TmCfT2Gd6
qWntqGkO1l42eE1gUIU+GQwRI0xDEMtIX8bOlZOX/ekDS+4po9+qXcJB/rSo8XUH
TPc1G4MvgARGuw+06emE+lZHLmrJ2KKxwHU3EQ/9rBMd5xHUHShDeJyvoa1pBT+R
hfYxSose6l3XjbEflYv18+L5sHqvjfmzBbwNGC6NexWYZCeBvIKalDvVzGrPJob0
GT52gy5RGM9Anx42qLnYIbj6L+jqWB/kC4i4aMdCr2Mtv0j6dD+n2QqPwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBFiXKE+uBRiLC5nX3ej/JIaHfj3MB8GA1UdIwQY
MBaAFMhnb/3jF/LsG4EA0tnUSj59j3jWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdkdl9lTVg4dXdiZ1FEUzJkUktQbjJQZU5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80OWIzMDctZmRjYS00YzU3LWFmZGYt
NzA5NzkzY2QwMTIzLzEveUdkdl9lTVg4dXdiZ1FEUzJkUktQbjJQZU5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80OWIzMDctZmRjYS00YzU3LWFmZGYtNzA5NzkzY2QwMTIz
LzEveUdkdl9lTVg4dXdiZ1FEUzJkUktQbjJQZU5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASLd76evW
TlyDkzmDuRi1X7ZuCmjEs3dgc9KuLLa0etpPI0zGmbiHK9onFyibJkKfwEIhPB4r
/sner1EqN537J+4vv7uLaiDVBMuznaglbKRZ8LyLsxf7sDtKUGrQvzQw4ZiA42Q4
9P1/RFmmQ1xs950DG3gdaI2M6rMCR86J4ypUMWsIS8x3pZzmSeIpLjWcocah8nfj
+lEyNw0aVaigWGw1zHICU13VlBkQRqJdU1WIoUg6GFKCFCVkawBic7vs1+o03ttd
aVO33qbh22wVBxX9GHi8Vb4hVSdlTeZtpuH3KFB8HDXc2Wc/hb8xKEbDnUN/CXiJ
k7ZCM/oM2aB1uw==
-----END CERTIFICATE-----