Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
File:                     yoaOeySqNaTdEKyVmfBkqpadAx0.mft (raw, json)
Hash identifier:          twNKX4ZkNh4leOEmw20RSDzLMuMkkDD9B4aIyNREGqE=
Subject key identifier:   71:16:B5:75:A0:BC:D5:BD:5F:21:1F:23:0D:21:09:08:B8:F9:0B:7A
Authority key identifier: CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D
Certificate issuer:       /CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d
Certificate serial:       019848893393F70156A4CBED1CA9E9298FF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
Manifest number:          0272
Signing time:             Sat 26 Jul 2025 21:00:07 +0000
Manifest this update:     Sat 26 Jul 2025 21:00:07 +0000
Manifest next update:     Sun 27 Jul 2025 21:00:07 +0000
Files and hashes:         1: yoaOeySqNaTdEKyVmfBkqpadAx0.crl (hash: hujy4xa6Jr7B9d1MKuPydxhfaRS0q+y/tUcSx0wF3Dc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 20:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:48:89:33:93:f7:01:56:a4:cb:ed:1c:a9:e9:29:8f:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d
        Validity
            Not Before: Jul 26 21:00:07 2025 GMT
            Not After : Jul 27 21:00:07 2025 GMT
        Subject: CN=7116b575a0bcd5bd5f211f230d210908b8f90b7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:e7:ba:b8:94:fc:8a:56:a8:25:ec:1e:9a:3b:
                    7a:3d:e0:95:df:87:ac:b9:41:bc:5d:05:da:87:1b:
                    11:bc:23:a8:a3:e9:44:6a:21:2a:2e:a2:0b:e8:84:
                    b4:a9:49:ce:ed:2a:41:38:e8:e9:db:15:4b:bc:62:
                    1b:2f:b4:49:31:b1:3a:9b:27:46:8f:c6:00:6c:f8:
                    14:3c:87:c6:2a:47:e0:ad:af:33:be:7e:e2:57:15:
                    2d:ae:ce:5e:d7:64:84:c1:9b:7a:be:6b:57:9c:2a:
                    c2:20:ac:59:48:ed:fa:cf:f7:fd:8e:55:23:8d:7d:
                    51:b2:5e:8c:a9:cc:57:b1:7a:90:4c:8e:24:0c:58:
                    e4:57:80:7d:99:07:1c:b7:9a:b1:2a:70:00:0a:0b:
                    fa:a6:e6:7c:82:20:c8:cd:5c:51:88:3d:f4:68:f4:
                    61:96:a2:4b:9a:2d:fd:c3:d3:44:5d:45:23:bf:c7:
                    24:95:70:00:8c:91:34:6f:46:81:b9:ae:d2:29:f4:
                    18:6a:be:9a:35:39:fd:26:6d:d3:29:58:b8:5e:c1:
                    df:b3:d8:bc:9f:1e:31:00:ff:d9:b2:88:9f:d4:8b:
                    36:b8:3b:93:65:05:94:c6:ee:9c:3a:ce:1c:e7:1f:
                    db:ea:db:65:19:23:53:c5:e3:74:3f:5f:54:37:85:
                    7f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:16:B5:75:A0:BC:D5:BD:5F:21:1F:23:0D:21:09:08:B8:F9:0B:7A
            X509v3 Authority Key Identifier:
                keyid:CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:5b:17:f1:63:1e:df:bd:c1:ff:84:49:13:93:8f:da:c4:72:
         40:f1:6b:28:44:e5:89:7a:df:0a:63:62:df:e5:72:7c:d4:41:
         0e:79:8b:4d:29:0e:fa:9b:bd:0a:0d:35:69:d2:a9:82:69:cc:
         ef:f0:5a:9f:60:77:bd:af:9b:74:db:7e:8d:0e:fc:40:15:ba:
         c3:4b:59:9b:60:ff:be:2a:e0:01:ac:a3:02:cd:03:19:b6:be:
         97:27:7e:b6:e1:da:b4:af:14:17:1a:3d:55:df:78:cf:99:bb:
         39:09:6d:2d:e2:44:33:23:12:db:3c:02:0c:bf:83:e6:a8:a5:
         25:cc:cf:9a:5f:91:6d:db:02:ae:d3:cf:2b:ec:54:93:be:cc:
         3a:99:3d:a4:cc:34:74:6c:72:03:6b:35:20:79:ec:30:b2:dc:
         9a:dd:58:81:d1:5b:e7:37:9e:72:4f:19:7e:c5:41:8a:7a:5f:
         54:6d:a7:1e:2c:ee:a1:94:18:38:e4:f0:50:bb:a2:64:df:8d:
         6b:fe:58:a4:70:8a:69:1b:c5:ab:4f:d2:8d:e5:1a:8b:23:e4:
         6e:d0:db:7c:56:b6:4f:87:a9:97:af:8a:8c:30:c2:37:a8:a6:
         c0:8e:fa:a2:e2:19:f4:1f:82:6a:dc:07:69:18:d8:c7:95:a3:
         e6:2f:fd:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhIiTOT9wFWpMvtHKnpKY/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhODY4ZTdiMjRhYTM1YTRkZDEwYWM5NTk5ZjA2NGFhOTY5
ZDAzMWQwHhcNMjUwNzI2MjEwMDA3WhcNMjUwNzI3MjEwMDA3WjAzMTEwLwYDVQQD
Eyg3MTE2YjU3NWEwYmNkNWJkNWYyMTFmMjMwZDIxMDkwOGI4ZjkwYjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoue6uJT8ilaoJewemjt6PeCV34es
uUG8XQXahxsRvCOoo+lEaiEqLqIL6IS0qUnO7SpBOOjp2xVLvGIbL7RJMbE6mydG
j8YAbPgUPIfGKkfgra8zvn7iVxUtrs5e12SEwZt6vmtXnCrCIKxZSO36z/f9jlUj
jX1Rsl6MqcxXsXqQTI4kDFjkV4B9mQcct5qxKnAACgv6puZ8giDIzVxRiD30aPRh
lqJLmi39w9NEXUUjv8cklXAAjJE0b0aBua7SKfQYar6aNTn9Jm3TKVi4XsHfs9i8
nx4xAP/Zsoif1Is2uDuTZQWUxu6cOs4c5x/b6ttlGSNTxeN0P19UN4V/kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEWtXWgvNW9XyEfIw0hCQi4+Qt6MB8GA1UdIwQY
MBaAFMqGjnskqjWk3RCslZnwZKqWnQMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjIt
YjhkMDZmNDZhZWMzLzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjItYjhkMDZmNDZhZWMz
LzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARVsX8WMe
373B/4RJE5OP2sRyQPFrKETliXrfCmNi3+VyfNRBDnmLTSkO+pu9Cg01adKpgmnM
7/Ban2B3va+bdNt+jQ78QBW6w0tZm2D/virgAayjAs0DGba+lyd+tuHatK8UFxo9
Vd94z5m7OQltLeJEMyMS2zwCDL+D5qilJczPml+RbdsCrtPPK+xUk77MOpk9pMw0
dGxyA2s1IHnsMLLcmt1YgdFb5zeeck8ZfsVBinpfVG2nHizuoZQYOOTwULuiZN+N
a/5YpHCKaRvFq0/SjeUaiyPkbtDbfFa2T4epl6+KjDDCN6imwI76ouIZ9B+CatwH
aRjYx5Wj5i/9hg==
-----END CERTIFICATE-----