Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/13e253-344a-4db7-bacf-0f11da289e1f/1/Y5-G_U81pnvLwn-OtveHq4veSfk.mft
File:                     Y5-G_U81pnvLwn-OtveHq4veSfk.mft (raw, json)
Hash identifier:          /heNlRvrtUCXR1wM3IfYvvvpjym9TaKfQcXV71/7VyQ=
Subject key identifier:   2A:98:13:35:AD:13:2E:7C:64:D3:72:69:9D:1D:74:4A:83:E9:F9:D9
Authority key identifier: 63:9F:86:FD:4F:35:A6:7B:CB:C2:7F:8E:B6:F7:87:AB:8B:DE:49:F9
Certificate issuer:       /CN=639f86fd4f35a67bcbc27f8eb6f787ab8bde49f9
Certificate serial:       01985456CAC6654EF17DFD256DAA18F6FCB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y5-G_U81pnvLwn-OtveHq4veSfk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/13e253-344a-4db7-bacf-0f11da289e1f/1/Y5-G_U81pnvLwn-OtveHq4veSfk.mft
Manifest number:          0FFE
Signing time:             Tue 29 Jul 2025 04:00:30 +0000
Manifest this update:     Tue 29 Jul 2025 04:00:30 +0000
Manifest next update:     Wed 30 Jul 2025 04:00:30 +0000
Files and hashes:         1: Y5-G_U81pnvLwn-OtveHq4veSfk.crl (hash: aDh0k73rHySsH7duuSC5oRF0TIU9FC5xkxoHYdvJiks=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/13e253-344a-4db7-bacf-0f11da289e1f/1/Y5-G_U81pnvLwn-OtveHq4veSfk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/13e253-344a-4db7-bacf-0f11da289e1f/1/Y5-G_U81pnvLwn-OtveHq4veSfk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y5-G_U81pnvLwn-OtveHq4veSfk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 23:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:54:56:ca:c6:65:4e:f1:7d:fd:25:6d:aa:18:f6:fc:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639f86fd4f35a67bcbc27f8eb6f787ab8bde49f9
        Validity
            Not Before: Jul 29 04:00:30 2025 GMT
            Not After : Jul 30 04:00:30 2025 GMT
        Subject: CN=2a981335ad132e7c64d372699d1d744a83e9f9d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:01:7e:8c:fa:29:3d:ee:92:55:3e:f1:28:4f:
                    2e:e8:4a:e8:bd:ca:39:7a:23:3d:a9:da:09:f5:6a:
                    d9:7e:9f:8e:06:bc:ea:72:a2:ee:2e:e4:30:6e:89:
                    58:e1:71:99:05:c3:2d:cf:6e:e3:af:ef:59:af:0c:
                    62:57:62:76:bf:54:fc:df:2a:5b:3f:9d:8c:16:a5:
                    b0:8f:1d:8d:a1:95:e0:33:fe:1a:82:39:19:8a:80:
                    ee:c8:92:50:a7:5e:06:7b:fd:18:4b:17:84:57:c6:
                    b1:e7:fc:f0:c3:86:75:35:fe:78:d5:dc:37:ca:95:
                    74:20:d6:14:a2:fa:c1:a2:63:dd:cc:a2:ef:2f:c7:
                    f6:fa:4b:21:65:7a:d1:5b:d4:f8:af:10:ca:cd:94:
                    34:c1:28:f5:50:6d:73:a5:5b:61:03:2a:dc:c8:3f:
                    3b:36:45:eb:b2:fa:d3:a8:24:1f:c7:66:e1:cc:f8:
                    65:ff:5b:80:13:03:51:e4:f1:ac:d8:8d:08:bc:59:
                    6b:b5:2c:36:5d:5e:d6:4e:04:30:7f:76:4b:f2:b8:
                    83:bf:9d:95:17:cb:de:6a:7a:84:86:1b:2e:6f:60:
                    e7:19:16:f2:a0:b7:ed:e3:44:e9:b7:f4:e7:b9:5d:
                    7b:df:b5:c5:64:73:cf:40:9d:dc:e3:8d:22:60:e3:
                    d5:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:98:13:35:AD:13:2E:7C:64:D3:72:69:9D:1D:74:4A:83:E9:F9:D9
            X509v3 Authority Key Identifier:
                keyid:63:9F:86:FD:4F:35:A6:7B:CB:C2:7F:8E:B6:F7:87:AB:8B:DE:49:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y5-G_U81pnvLwn-OtveHq4veSfk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/13e253-344a-4db7-bacf-0f11da289e1f/1/Y5-G_U81pnvLwn-OtveHq4veSfk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/13e253-344a-4db7-bacf-0f11da289e1f/1/Y5-G_U81pnvLwn-OtveHq4veSfk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:29:97:f2:2c:52:d5:84:db:f1:67:aa:8d:2a:8a:36:fa:5b:
         17:fd:e6:82:37:95:f6:1d:91:48:3b:81:55:44:ac:60:df:32:
         93:c8:21:52:02:11:57:27:43:1a:61:22:e8:36:0d:6b:90:77:
         4e:ae:2c:5b:fc:75:09:1b:91:67:c3:5f:57:06:fa:0e:40:95:
         d7:ad:41:a4:e6:d3:bb:2e:ff:fd:2f:87:d1:f0:c8:a3:5d:54:
         70:2b:c3:8e:35:84:5b:6c:56:10:af:50:5d:a6:3d:28:ad:0b:
         b9:98:88:ce:cb:49:5c:28:1c:b3:ad:f5:49:52:4f:ab:2b:b0:
         cd:26:2a:de:ea:9d:14:e8:0c:6f:a6:43:f5:22:c0:0f:ea:3c:
         3b:d9:0d:b7:b8:2c:c5:d2:71:aa:50:dd:c1:d3:d8:c5:a1:92:
         b0:1a:e8:11:2d:1f:c9:3d:6e:fe:f3:2f:1a:2f:76:b3:1e:a1:
         00:61:bb:69:f5:14:99:74:15:45:24:9a:b5:1f:15:e5:87:d5:
         3e:88:97:aa:0c:62:91:97:62:bc:a2:be:51:8f:b3:7b:58:9a:
         52:d0:94:fc:84:45:3f:a1:77:06:73:bb:95:bf:30:4b:29:32:
         b3:2c:3d:b3:45:3d:da:cc:0a:a1:7e:87:fa:29:20:bc:0c:f3:
         18:14:81:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhUVsrGZU7xff0lbaoY9vy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzOWY4NmZkNGYzNWE2N2JjYmMyN2Y4ZWI2Zjc4N2FiOGJk
ZTQ5ZjkwHhcNMjUwNzI5MDQwMDMwWhcNMjUwNzMwMDQwMDMwWjAzMTEwLwYDVQQD
EygyYTk4MTMzNWFkMTMyZTdjNjRkMzcyNjk5ZDFkNzQ0YTgzZTlmOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwF+jPopPe6SVT7xKE8u6Erovco5
eiM9qdoJ9WrZfp+OBrzqcqLuLuQwbolY4XGZBcMtz27jr+9ZrwxiV2J2v1T83ypb
P52MFqWwjx2NoZXgM/4agjkZioDuyJJQp14Ge/0YSxeEV8ax5/zww4Z1Nf541dw3
ypV0INYUovrBomPdzKLvL8f2+kshZXrRW9T4rxDKzZQ0wSj1UG1zpVthAyrcyD87
NkXrsvrTqCQfx2bhzPhl/1uAEwNR5PGs2I0IvFlrtSw2XV7WTgQwf3ZL8riDv52V
F8veanqEhhsub2DnGRbyoLft40Tpt/TnuV1737XFZHPPQJ3c440iYOPV+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqYEzWtEy58ZNNyaZ0ddEqD6fnZMB8GA1UdIwQY
MBaAFGOfhv1PNaZ7y8J/jrb3h6uL3kn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTUtR19VODFwbnZMd24tT3R2ZUhxNHZlU2ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xM2UyNTMtMzQ0YS00ZGI3LWJhY2Yt
MGYxMWRhMjg5ZTFmLzEvWTUtR19VODFwbnZMd24tT3R2ZUhxNHZlU2ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xM2UyNTMtMzQ0YS00ZGI3LWJhY2YtMGYxMWRhMjg5ZTFm
LzEvWTUtR19VODFwbnZMd24tT3R2ZUhxNHZlU2ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxCmX8ixS
1YTb8WeqjSqKNvpbF/3mgjeV9h2RSDuBVUSsYN8yk8ghUgIRVydDGmEi6DYNa5B3
Tq4sW/x1CRuRZ8NfVwb6DkCV161BpObTuy7//S+H0fDIo11UcCvDjjWEW2xWEK9Q
XaY9KK0LuZiIzstJXCgcs631SVJPqyuwzSYq3uqdFOgMb6ZD9SLAD+o8O9kNt7gs
xdJxqlDdwdPYxaGSsBroES0fyT1u/vMvGi92sx6hAGG7afUUmXQVRSSatR8V5YfV
PoiXqgxikZdivKK+UY+ze1iaUtCU/IRFP6F3BnO7lb8wSykysyw9s0U92swKoX6H
+ikgvAzzGBSB7Q==
-----END CERTIFICATE-----