Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          7xNhDMhXbkTSKXk/UWtrvGF4jiMd7lYnCym9PLKXo7Y=
Subject key identifier:   98:91:CC:2C:08:5D:EE:F1:AE:58:D7:66:E9:63:F7:50:CF:9E:CA:C2
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       01987F0A609461BF133B8FC226B94269229C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          04B6
Signing time:             Wed 06 Aug 2025 11:00:42 +0000
Manifest this update:     Wed 06 Aug 2025 11:00:42 +0000
Manifest next update:     Thu 07 Aug 2025 11:00:42 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: bQ2yTr/piCUscLDaPZLuskW/qCqE76i8kthTw8WNqx4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 08:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7f:0a:60:94:61:bf:13:3b:8f:c2:26:b9:42:69:22:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Aug  6 11:00:42 2025 GMT
            Not After : Aug  7 11:00:42 2025 GMT
        Subject: CN=9891cc2c085deef1ae58d766e963f750cf9ecac2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:dc:e5:87:00:f0:2c:6d:5a:f5:32:0d:91:2e:
                    e2:ed:c5:b5:23:7e:55:73:1a:7a:f7:1f:53:b3:8b:
                    e2:e2:18:72:48:b1:68:d6:18:ec:48:4d:9e:43:4b:
                    08:e7:44:c9:5f:fd:d5:a7:03:a4:11:3c:a3:3a:10:
                    8c:33:fb:15:b7:cb:ce:3b:14:bf:87:04:68:b7:76:
                    4e:0b:4c:12:cd:b2:e9:83:ac:2f:5f:b4:30:db:e0:
                    ca:7f:da:e7:12:e9:fa:8b:44:55:72:95:82:2c:d4:
                    2b:75:c7:3a:44:2a:42:42:f6:72:a4:75:ac:ff:ec:
                    66:8b:4c:dd:0f:cf:91:35:15:aa:b3:48:4c:00:54:
                    02:d8:92:11:b4:8d:63:78:43:25:d7:18:58:1a:3c:
                    60:e8:89:1e:e0:d5:e1:9d:7c:e0:3a:d4:5b:58:ee:
                    49:99:1c:fa:67:c3:d9:33:f9:3c:ea:af:8b:ca:a2:
                    2a:e5:b1:ec:6b:6a:11:0b:9f:7c:ea:0f:c2:a8:19:
                    7d:2e:c8:10:5c:ae:23:6d:eb:be:0b:e7:e9:93:69:
                    9c:12:dd:f7:df:66:37:11:62:6e:40:33:16:9e:5c:
                    94:a7:fe:99:f3:5d:f1:28:aa:c6:e2:f6:94:ae:97:
                    45:e5:2f:03:81:db:11:7a:e5:ce:37:45:3c:3d:97:
                    bc:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:91:CC:2C:08:5D:EE:F1:AE:58:D7:66:E9:63:F7:50:CF:9E:CA:C2
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:0b:f9:14:a2:b5:7f:ef:c6:22:31:93:35:da:07:58:1d:fd:
         2d:36:92:75:45:95:de:f9:e8:49:cb:78:f0:c3:0c:60:8d:1e:
         3c:b1:c2:10:d7:03:a9:09:09:51:81:a1:a6:00:64:70:2a:b5:
         df:f6:91:39:35:b3:88:c8:2a:88:39:05:5b:6e:8a:29:a0:d1:
         95:08:02:f4:a2:1c:ce:7a:d6:53:a3:d0:63:94:bd:97:d3:e1:
         64:18:b1:ad:c3:8b:17:72:53:32:c1:3c:0d:c6:c0:88:6b:07:
         51:20:cc:0b:b4:a9:a4:f7:f9:45:d2:f7:87:36:dc:cc:58:57:
         e2:8b:1e:b5:48:fa:7d:fc:87:f3:44:7a:77:d2:ca:6d:b7:17:
         c1:27:fa:31:af:0b:a9:6e:a3:4a:03:c1:a4:ad:3a:0c:32:94:
         d1:8f:80:65:e9:06:fc:24:e6:7f:4c:a1:6b:c4:87:d7:16:84:
         1a:c7:77:28:ca:d5:5a:d2:e0:5b:9f:f5:a0:57:c6:0d:f6:7b:
         88:97:05:88:53:11:ef:de:56:5e:a6:06:85:95:68:e5:00:28:
         44:a3:d9:af:da:72:c7:3e:ca:3a:d6:90:b0:1a:26:da:f0:4b:
         e5:7b:fc:c3:05:a5:97:6b:31:45:ba:08:7e:5f:cc:b1:a9:a6:
         50:bb:ac:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh/CmCUYb8TO4/CJrlCaSKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjUwODA2MTEwMDQyWhcNMjUwODA3MTEwMDQyWjAzMTEwLwYDVQQD
Eyg5ODkxY2MyYzA4NWRlZWYxYWU1OGQ3NjZlOTYzZjc1MGNmOWVjYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstzlhwDwLG1a9TINkS7i7cW1I35V
cxp69x9Ts4vi4hhySLFo1hjsSE2eQ0sI50TJX/3VpwOkETyjOhCMM/sVt8vOOxS/
hwRot3ZOC0wSzbLpg6wvX7Qw2+DKf9rnEun6i0RVcpWCLNQrdcc6RCpCQvZypHWs
/+xmi0zdD8+RNRWqs0hMAFQC2JIRtI1jeEMl1xhYGjxg6Ike4NXhnXzgOtRbWO5J
mRz6Z8PZM/k86q+LyqIq5bHsa2oRC5986g/CqBl9LsgQXK4jbeu+C+fpk2mcEt33
32Y3EWJuQDMWnlyUp/6Z813xKKrG4vaUrpdF5S8DgdsReuXON0U8PZe8pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJiRzCwIXe7xrljXZulj91DPnsrCMB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAgv5FKK1
f+/GIjGTNdoHWB39LTaSdUWV3vnoSct48MMMYI0ePLHCENcDqQkJUYGhpgBkcCq1
3/aROTWziMgqiDkFW26KKaDRlQgC9KIcznrWU6PQY5S9l9PhZBixrcOLF3JTMsE8
DcbAiGsHUSDMC7SppPf5RdL3hzbczFhX4osetUj6ffyH80R6d9LKbbcXwSf6Ma8L
qW6jSgPBpK06DDKU0Y+AZekG/CTmf0yha8SH1xaEGsd3KMrVWtLgW5/1oFfGDfZ7
iJcFiFMR795WXqYGhZVo5QAoRKPZr9pyxz7KOtaQsBom2vBL5Xv8wwWll2sxRboI
fl/MsammULus3A==
-----END CERTIFICATE-----