Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
File:                     yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft (raw, json)
Hash identifier:          z8hRTIzpHK513WmL2sW4XXmESiCVOYkG7IPo9WPJ9O0=
Subject key identifier:   D4:5A:38:0B:0F:11:81:58:2D:54:3A:25:C6:AF:60:3F:BB:8B:B5:8E
Authority key identifier: CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13
Certificate issuer:       /CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
Certificate serial:       0199228C4A53EDA053940D21CEB7E679EC42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
Manifest number:          0989
Signing time:             Sun 07 Sep 2025 05:00:43 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:43 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:43 +0000
Files and hashes:         1: yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl (hash: elan1HffYFh/s6Wdub22v6uX0N51fa7HQKgwKlT2IYE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:4a:53:ed:a0:53:94:0d:21:ce:b7:e6:79:ec:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
        Validity
            Not Before: Sep  7 05:00:43 2025 GMT
            Not After : Sep  8 05:00:43 2025 GMT
        Subject: CN=d45a380b0f1181582d543a25c6af603fbb8bb58e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b5:f2:1a:bf:f5:8e:78:b6:11:88:99:de:bb:
                    79:bb:47:1b:86:ad:91:cd:24:10:b0:9d:8c:6a:e4:
                    c8:22:ca:f4:31:a1:a7:d3:36:8b:da:3b:f9:84:e0:
                    84:73:b8:bb:be:4f:cb:5c:a5:6b:3d:e0:83:82:1d:
                    03:7d:07:12:5e:56:9c:2b:6b:fb:0c:95:df:e8:b3:
                    ee:1c:44:ec:ce:bf:17:0a:fa:eb:dd:77:a4:ae:20:
                    fa:41:0e:9a:d8:c3:14:b6:d2:1d:a0:83:f6:47:1d:
                    df:df:70:c0:da:ef:f9:fc:d6:02:a1:aa:2c:06:63:
                    c4:e0:6a:8f:b0:94:fd:42:56:86:9b:6f:3d:55:11:
                    99:3d:f7:90:96:44:3f:7a:cb:04:9e:3e:4e:32:e7:
                    9e:96:a8:10:fe:1f:7b:f8:ec:2b:ec:68:84:37:3c:
                    2f:40:c2:aa:9f:2f:f7:02:9e:ae:ec:d6:2b:e2:bb:
                    46:0c:71:6f:21:5e:fa:3a:90:dc:c1:7a:f5:80:15:
                    a5:a9:5c:a9:ab:25:e0:00:c0:4f:1e:c2:e8:1b:b9:
                    31:c8:52:ce:a0:23:ae:f1:6f:60:0a:c7:0f:8a:bc:
                    e3:bc:84:3c:7c:e9:30:fc:6d:6e:3b:70:9a:41:c0:
                    c0:27:cf:a5:35:40:26:03:3d:c3:df:c7:cc:a5:6a:
                    87:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:5A:38:0B:0F:11:81:58:2D:54:3A:25:C6:AF:60:3F:BB:8B:B5:8E
            X509v3 Authority Key Identifier:
                keyid:CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:fd:df:d3:d1:9c:d6:a8:cc:74:c0:1a:7e:72:75:38:44:6b:
         b1:14:60:b0:ca:b7:48:ea:b3:6a:28:b1:42:70:e4:2c:cf:f4:
         98:23:f6:0d:a0:fe:23:d7:7a:1f:a8:45:7a:19:4f:09:38:01:
         a9:6c:c8:c2:3f:95:a3:8e:55:97:d8:6d:8d:a5:88:c4:c1:74:
         d3:35:8e:88:4a:09:32:d4:1a:8d:3b:16:99:9e:59:76:55:0c:
         9a:1e:9b:11:2c:fb:25:51:4a:bc:a0:30:0c:26:4b:7a:10:0b:
         4f:b5:2c:18:c9:60:53:58:76:a1:f4:17:a7:58:5c:86:52:30:
         41:4f:bb:43:2c:7e:4d:9f:2c:39:7f:f7:13:9a:60:0b:2a:fe:
         3d:0e:c8:a7:58:db:27:55:a5:ea:c0:7e:60:b8:9e:f9:53:f6:
         b2:2e:cd:46:3e:e7:ab:75:07:18:a5:86:3b:b2:75:4b:97:4c:
         79:21:a6:79:e6:29:00:12:45:53:b2:aa:70:65:7b:aa:90:05:
         d6:46:75:08:bc:ff:c5:0e:65:75:d9:90:30:bc:60:49:50:48:
         10:dc:a9:4a:d8:7c:9f:46:5c:23:9b:dd:d2:47:ee:d5:ab:6d:
         4c:5d:0a:25:40:e1:27:81:9b:8f:4a:57:07:7e:e5:eb:b5:2b:
         a5:5e:66:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijEpT7aBTlA0hzrfmeexCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWExYTYyYzgwYjBmMzMzNGM1ZGMxOGRjNjRiN2JmOTc4
ODkwMTMwHhcNMjUwOTA3MDUwMDQzWhcNMjUwOTA4MDUwMDQzWjAzMTEwLwYDVQQD
EyhkNDVhMzgwYjBmMTE4MTU4MmQ1NDNhMjVjNmFmNjAzZmJiOGJiNThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7XyGr/1jni2EYiZ3rt5u0cbhq2R
zSQQsJ2MauTIIsr0MaGn0zaL2jv5hOCEc7i7vk/LXKVrPeCDgh0DfQcSXlacK2v7
DJXf6LPuHETszr8XCvrr3XekriD6QQ6a2MMUttIdoIP2Rx3f33DA2u/5/NYCoaos
BmPE4GqPsJT9QlaGm289VRGZPfeQlkQ/essEnj5OMueelqgQ/h97+Owr7GiENzwv
QMKqny/3Ap6u7NYr4rtGDHFvIV76OpDcwXr1gBWlqVypqyXgAMBPHsLoG7kxyFLO
oCOu8W9gCscPirzjvIQ8fOkw/G1uO3CaQcDAJ8+lNUAmAz3D38fMpWqHcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNRaOAsPEYFYLVQ6JcavYD+7i7WOMB8GA1UdIwQY
MBaAFMoaGmLICw8zNMXcGNxkt7+XiJATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2Qt
YTA5ODU0YWI2NWEyLzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2QtYTA5ODU0YWI2NWEy
LzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAP3f09Gc
1qjMdMAafnJ1OERrsRRgsMq3SOqzaiixQnDkLM/0mCP2DaD+I9d6H6hFehlPCTgB
qWzIwj+Vo45Vl9htjaWIxMF00zWOiEoJMtQajTsWmZ5ZdlUMmh6bESz7JVFKvKAw
DCZLehALT7UsGMlgU1h2ofQXp1hchlIwQU+7Qyx+TZ8sOX/3E5pgCyr+PQ7Ip1jb
J1Wl6sB+YLie+VP2si7NRj7nq3UHGKWGO7J1S5dMeSGmeeYpABJFU7KqcGV7qpAF
1kZ1CLz/xQ5lddmQMLxgSVBIENypSth8n0ZcI5vd0kfu1attTF0KJUDhJ4Gbj0pX
B37l67UrpV5mfA==
-----END CERTIFICATE-----