Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
File:                     Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft (raw, json)
Hash identifier:          ZCS9SxHn2fOLLWb6669nRF5g3r9gujjOjGp7uor9EOQ=
Subject key identifier:   8C:24:06:D9:FC:95:1B:8F:DE:89:BA:B7:56:BC:2A:75:10:DD:3F:C9
Authority key identifier: 63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0
Certificate issuer:       /CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
Certificate serial:       0198443F0BCD734BDFD46A5C47E355623B4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
Manifest number:          0789
Signing time:             Sat 26 Jul 2025 01:00:39 +0000
Manifest this update:     Sat 26 Jul 2025 01:00:39 +0000
Manifest next update:     Sun 27 Jul 2025 01:00:39 +0000
Files and hashes:         1: Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl (hash: SDIBSzBq2c1QVgENMZ4OPa+6CTmSRdiRo7RhWXX6v9k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 01:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:44:3f:0b:cd:73:4b:df:d4:6a:5c:47:e3:55:62:3b:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
        Validity
            Not Before: Jul 26 01:00:39 2025 GMT
            Not After : Jul 27 01:00:39 2025 GMT
        Subject: CN=8c2406d9fc951b8fde89bab756bc2a7510dd3fc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:1f:60:61:13:9b:f8:32:b6:94:8c:6d:36:74:
                    57:51:53:df:70:c2:aa:04:e4:9a:49:31:07:4b:6b:
                    83:16:46:72:c3:06:fa:42:e4:e5:b5:92:f1:d7:b7:
                    0b:23:ca:f9:12:32:6d:5b:8b:66:9d:63:ea:fe:ac:
                    e6:28:30:dd:99:a7:71:e6:72:4c:9d:10:d0:d6:64:
                    79:53:d8:9e:09:84:d7:0c:94:89:3e:1b:0b:32:f7:
                    a2:0a:81:1b:fa:72:5a:bc:86:43:a9:1f:af:cd:62:
                    6f:50:bd:36:fd:7e:09:b2:38:bd:5e:67:b3:06:9c:
                    d0:07:b2:09:78:57:81:be:56:df:14:3c:36:f4:13:
                    66:cc:ff:39:66:07:ac:09:9f:33:b2:69:2e:41:a8:
                    67:9f:a3:15:1f:69:01:5e:4f:0f:e7:cc:65:3e:88:
                    ef:0b:a4:46:f2:c3:e4:18:c1:0d:7d:6e:e1:25:bb:
                    a0:cf:ff:61:8e:ba:c8:fb:08:86:cd:fe:46:fa:3b:
                    7d:31:b0:97:bd:b8:54:63:bb:33:65:79:c9:82:b6:
                    2b:35:02:e0:d1:21:b2:69:08:44:c7:d4:56:f4:be:
                    be:3f:21:15:7e:c0:d9:74:40:bf:d9:e6:ff:58:2f:
                    26:4d:ae:0e:03:36:d5:84:ad:2f:71:7d:7c:7a:a2:
                    f2:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:24:06:D9:FC:95:1B:8F:DE:89:BA:B7:56:BC:2A:75:10:DD:3F:C9
            X509v3 Authority Key Identifier:
                keyid:63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:b4:cb:66:1b:05:6c:36:6f:eb:b1:6b:b2:6a:62:21:03:28:
         6a:f8:76:4e:90:84:87:36:5b:67:42:a8:91:ec:55:84:55:13:
         11:c8:4d:46:c6:61:2c:f0:a4:e8:8a:15:c5:e6:79:f2:1d:56:
         6a:43:0b:85:bb:10:00:d8:91:96:e0:ab:3d:d1:14:1e:ee:3c:
         95:1f:9b:25:02:70:12:12:11:4f:98:16:84:eb:a6:fc:a2:57:
         3d:c1:65:f9:2e:dd:a5:f9:0e:12:f0:d9:a9:a9:5b:8e:5e:be:
         e7:ef:36:64:7c:47:d1:66:02:33:7e:91:a7:0a:ee:1b:69:9e:
         38:04:89:05:bd:ab:64:a8:52:95:e0:b1:ca:dd:59:58:9d:c8:
         97:a9:ee:74:42:91:4e:e4:4e:8b:82:44:50:a5:e2:86:5a:a3:
         2e:12:68:90:4c:c0:33:97:e5:50:71:37:99:1b:78:a3:0e:6f:
         85:83:b4:1d:8a:97:cc:5c:a8:f8:ef:77:a4:cd:02:24:7d:02:
         83:63:03:97:6b:23:00:eb:a2:99:6d:84:3d:f6:13:33:4c:63:
         99:ab:a3:2f:bd:e7:57:d4:ab:e0:97:ea:5b:66:f4:97:dd:10:
         e4:36:bd:62:64:92:af:89:7c:06:44:18:03:dc:b0:96:58:5b:
         4f:86:cc:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhEPwvNc0vf1GpcR+NVYjtNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYThjYTE2NjYyMDZkMmNmMTJiNTA3ODcyZWFkMGY1YTc5
M2QwZTAwHhcNMjUwNzI2MDEwMDM5WhcNMjUwNzI3MDEwMDM5WjAzMTEwLwYDVQQD
Eyg4YzI0MDZkOWZjOTUxYjhmZGU4OWJhYjc1NmJjMmE3NTEwZGQzZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh9gYROb+DK2lIxtNnRXUVPfcMKq
BOSaSTEHS2uDFkZywwb6QuTltZLx17cLI8r5EjJtW4tmnWPq/qzmKDDdmadx5nJM
nRDQ1mR5U9ieCYTXDJSJPhsLMveiCoEb+nJavIZDqR+vzWJvUL02/X4Jsji9Xmez
BpzQB7IJeFeBvlbfFDw29BNmzP85ZgesCZ8zsmkuQahnn6MVH2kBXk8P58xlPojv
C6RG8sPkGMENfW7hJbugz/9hjrrI+wiGzf5G+jt9MbCXvbhUY7szZXnJgrYrNQLg
0SGyaQhEx9RW9L6+PyEVfsDZdEC/2eb/WC8mTa4OAzbVhK0vcX18eqLywQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwkBtn8lRuP3om6t1a8KnUQ3T/JMB8GA1UdIwQY
MBaAFGOoyhZmIG0s8StQeHLq0PWnk9DgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEt
NzVhYjIxZjNiM2QwLzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEtNzVhYjIxZjNiM2Qw
LzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE7TLZhsF
bDZv67FrsmpiIQMoavh2TpCEhzZbZ0KokexVhFUTEchNRsZhLPCk6IoVxeZ58h1W
akMLhbsQANiRluCrPdEUHu48lR+bJQJwEhIRT5gWhOum/KJXPcFl+S7dpfkOEvDZ
qalbjl6+5+82ZHxH0WYCM36RpwruG2meOASJBb2rZKhSleCxyt1ZWJ3Il6nudEKR
TuROi4JEUKXihlqjLhJokEzAM5flUHE3mRt4ow5vhYO0HYqXzFyo+O93pM0CJH0C
g2MDl2sjAOuimW2EPfYTM0xjmaujL73nV9Sr4JfqW2b0l90Q5Da9YmSSr4l8BkQY
A9ywllhbT4bMiQ==
-----END CERTIFICATE-----