Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
File:                     Y31k1HJWO36HP1t5-RydP__D2_k.mft (raw, json)
Hash identifier:          xeXrv4orP86ssOgthMJmgCi9RlWQ73XeprkLZTlxGqE=
Subject key identifier:   B3:78:66:07:19:93:DF:03:3E:5C:8E:4E:94:0C:F5:71:97:74:1A:10
Authority key identifier: 63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9
Certificate issuer:       /CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
Certificate serial:       019849D31CAFCB599B986CEEAA7FE863E8D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
Manifest number:          0EBC
Signing time:             Sun 27 Jul 2025 03:00:28 +0000
Manifest this update:     Sun 27 Jul 2025 03:00:28 +0000
Manifest next update:     Mon 28 Jul 2025 03:00:28 +0000
Files and hashes:         1: Y31k1HJWO36HP1t5-RydP__D2_k.crl (hash: 5qi/BICa/V6BlrYlzat8w0NQCEkz0RnBUXJvMKWc8IE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:d3:1c:af:cb:59:9b:98:6c:ee:aa:7f:e8:63:e8:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
        Validity
            Not Before: Jul 27 03:00:28 2025 GMT
            Not After : Jul 28 03:00:28 2025 GMT
        Subject: CN=b37866071993df033e5c8e4e940cf57197741a10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:c0:ea:de:29:ea:f0:5a:d9:ca:82:e5:c1:37:
                    7b:16:57:c2:51:33:60:d2:7e:bd:7c:52:3f:89:73:
                    d6:01:ef:11:3c:5f:58:f1:4c:18:b3:5a:8c:41:a0:
                    92:d0:90:bb:5f:35:40:c9:62:b4:ae:5b:a3:fe:ed:
                    8b:0c:ab:ea:44:ce:52:79:c5:9f:11:21:5d:6d:7d:
                    a1:ee:c6:4f:fd:03:47:f6:3c:77:95:45:d9:6c:c3:
                    f6:34:e8:3d:a9:9f:b9:47:1d:ea:73:6f:8b:96:b2:
                    50:c8:f7:fc:1a:07:50:4f:1b:03:9c:52:35:32:e8:
                    09:e5:57:f6:e2:fa:96:76:f1:65:ab:9a:ee:70:47:
                    e4:72:b6:a5:78:96:a8:3c:64:c7:91:8e:21:d3:70:
                    3e:39:6d:a2:13:29:e2:fc:9e:5a:9c:b9:0b:ab:c8:
                    eb:b2:bd:58:5d:ab:5f:93:5c:75:b6:a2:dc:36:f5:
                    2e:4f:19:c2:66:79:93:3e:a9:ec:9c:72:a9:ae:7b:
                    a7:9b:30:1a:3a:f4:a3:d7:0a:ff:db:bf:f8:77:16:
                    b0:78:d9:56:c4:67:5f:78:2b:75:da:26:c6:4c:1a:
                    09:05:87:60:dc:e2:47:f9:0d:4c:63:0b:2e:1c:b3:
                    5e:ec:4e:72:1d:e3:f9:d9:ee:2e:77:88:e5:d4:eb:
                    de:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:78:66:07:19:93:DF:03:3E:5C:8E:4E:94:0C:F5:71:97:74:1A:10
            X509v3 Authority Key Identifier:
                keyid:63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:00:76:67:c6:d7:f5:d0:cc:a1:7f:4d:d0:c0:b3:04:ee:2a:
         15:19:ec:87:c5:19:f7:97:b3:79:b7:93:f6:fd:94:62:19:4b:
         ef:0f:bd:3d:dc:4f:da:26:af:45:13:97:92:c6:d4:89:77:63:
         95:0c:3d:ed:7f:bd:fa:a4:51:f3:c4:34:ad:b5:1d:b6:ba:ca:
         93:dd:dc:9f:46:84:32:45:0e:1a:92:eb:fd:5c:ac:84:1c:3e:
         08:ae:e5:67:4f:03:2e:c4:aa:d3:13:72:ec:c5:c7:5c:b4:ff:
         27:cf:4d:20:c7:a4:26:8e:b1:f9:68:5a:5a:35:e5:4d:4e:c1:
         c9:16:19:b4:23:d0:aa:85:53:1d:bf:25:68:45:01:ff:09:c8:
         50:79:a1:78:b9:34:ce:7d:e4:8a:31:a7:76:38:76:25:d8:c1:
         97:b9:3e:9d:7b:1f:e4:6c:a6:8d:14:7a:21:9a:b7:37:17:54:
         b3:5a:3f:51:d8:d9:e8:7f:c7:5d:9c:63:45:98:65:b1:e4:57:
         1c:63:69:d2:ec:99:6f:31:71:bb:6b:fc:72:66:d2:9f:e0:ef:
         0e:0c:f9:3f:5e:a3:bd:fa:32:16:fa:15:d9:d2:fa:f4:aa:5d:
         1a:a6:77:00:ab:29:42:c1:24:2a:21:3e:36:a2:60:db:f9:88:
         d2:ba:1c:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJ0xyvy1mbmGzuqn/oY+jSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzN2Q2NGQ0NzI1NjNiN2U4NzNmNWI3OWY5MWM5ZDNmZmZj
M2RiZjkwHhcNMjUwNzI3MDMwMDI4WhcNMjUwNzI4MDMwMDI4WjAzMTEwLwYDVQQD
EyhiMzc4NjYwNzE5OTNkZjAzM2U1YzhlNGU5NDBjZjU3MTk3NzQxYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsDq3inq8FrZyoLlwTd7FlfCUTNg
0n69fFI/iXPWAe8RPF9Y8UwYs1qMQaCS0JC7XzVAyWK0rluj/u2LDKvqRM5SecWf
ESFdbX2h7sZP/QNH9jx3lUXZbMP2NOg9qZ+5Rx3qc2+LlrJQyPf8GgdQTxsDnFI1
MugJ5Vf24vqWdvFlq5rucEfkcraleJaoPGTHkY4h03A+OW2iEyni/J5anLkLq8jr
sr1YXatfk1x1tqLcNvUuTxnCZnmTPqnsnHKprnunmzAaOvSj1wr/27/4dxaweNlW
xGdfeCt12ibGTBoJBYdg3OJH+Q1MYwsuHLNe7E5yHeP52e4ud4jl1Ove7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLN4ZgcZk98DPlyOTpQM9XGXdBoQMB8GA1UdIwQY
MBaAFGN9ZNRyVjt+hz9befkcnT//w9v5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYt
ODE3YWY4YTc2MjUwLzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYtODE3YWY4YTc2MjUw
LzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMgB2Z8bX
9dDMoX9N0MCzBO4qFRnsh8UZ95ezebeT9v2UYhlL7w+9PdxP2iavRROXksbUiXdj
lQw97X+9+qRR88Q0rbUdtrrKk93cn0aEMkUOGpLr/VyshBw+CK7lZ08DLsSq0xNy
7MXHXLT/J89NIMekJo6x+WhaWjXlTU7ByRYZtCPQqoVTHb8laEUB/wnIUHmheLk0
zn3kijGndjh2JdjBl7k+nXsf5GymjRR6IZq3NxdUs1o/UdjZ6H/HXZxjRZhlseRX
HGNp0uyZbzFxu2v8cmbSn+DvDgz5P16jvfoyFvoV2dL69KpdGqZ3AKspQsEkKiE+
NqJg2/mI0rocBA==
-----END CERTIFICATE-----