Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
File:                     YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft (raw, json)
Hash identifier:          MJflZm36o48uFl51bCot58ZF07QFs5vFUuKTMocbRfA=
Subject key identifier:   EF:82:58:BC:BA:79:11:08:54:CD:90:EA:33:C7:2F:8E:AF:86:CF:57
Authority key identifier: 60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E
Certificate issuer:       /CN=605abb253b766dcd7f16d9f01bc119691848eb0e
Certificate serial:       019922C32712DD8F7ED1F68A3A88363FAB74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
Manifest number:          02CE
Signing time:             Sun 07 Sep 2025 06:00:38 +0000
Manifest this update:     Sun 07 Sep 2025 06:00:38 +0000
Manifest next update:     Mon 08 Sep 2025 06:00:38 +0000
Files and hashes:         1: YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl (hash: b4QomWo8uRJb4/pHQroB2xrYSJBgU5KRTXsLZcOzzw8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 06:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:27:12:dd:8f:7e:d1:f6:8a:3a:88:36:3f:ab:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=605abb253b766dcd7f16d9f01bc119691848eb0e
        Validity
            Not Before: Sep  7 06:00:38 2025 GMT
            Not After : Sep  8 06:00:38 2025 GMT
        Subject: CN=ef8258bcba79110854cd90ea33c72f8eaf86cf57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:4f:42:70:0a:cf:ff:e2:36:25:40:44:c2:cf:
                    68:a5:23:d0:01:9e:d5:0b:6a:8b:27:8b:94:03:36:
                    5f:4c:f0:d1:28:1b:fe:0b:41:d0:23:52:2f:88:e0:
                    59:ca:7b:d2:f5:51:8a:3e:ad:98:71:01:b6:1e:39:
                    59:2f:a5:8e:5f:6b:d7:46:c0:33:ba:7f:e6:1d:15:
                    f5:10:72:27:3f:7d:61:09:f6:e2:df:ba:2e:ce:77:
                    8d:cc:f7:26:18:0b:51:72:b8:5a:13:f3:7c:56:3c:
                    33:7d:6d:34:db:12:54:e4:8d:2d:f9:6f:f9:73:c8:
                    97:7f:e2:41:67:97:d5:25:ee:a2:44:d6:a6:81:41:
                    90:e6:49:0d:d9:53:d5:66:59:78:f1:dc:f9:30:80:
                    9f:d5:f6:2f:d9:98:7b:09:2b:a5:29:07:5d:5f:99:
                    0f:23:ca:f2:31:4e:db:dd:48:9e:a5:26:04:6a:cb:
                    5c:09:b8:78:d9:5a:07:20:e1:ab:ca:b3:a2:a3:b0:
                    92:05:6c:86:99:05:1e:59:de:5a:59:11:96:db:8c:
                    b7:ad:f8:c7:2f:34:f2:31:48:e9:22:a3:c3:45:cc:
                    67:aa:7a:98:d1:2d:40:b0:34:aa:d0:ff:71:2d:bc:
                    cb:88:73:37:fd:62:b1:4b:57:07:50:d6:ea:f3:b2:
                    c5:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:82:58:BC:BA:79:11:08:54:CD:90:EA:33:C7:2F:8E:AF:86:CF:57
            X509v3 Authority Key Identifier:
                keyid:60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:58:00:e4:06:96:c9:b9:7e:ba:a3:92:61:be:6c:71:f5:85:
         fa:fd:90:0b:45:b2:00:a5:3d:e6:26:d2:82:f4:90:4c:a2:28:
         fb:0f:dd:30:f7:61:7e:0f:b9:2b:60:ca:3c:eb:b8:33:d4:62:
         45:10:a7:be:2d:98:03:36:3d:e7:ee:bd:e0:ca:65:ae:53:13:
         a4:59:ab:79:d1:c1:4c:80:46:3c:fa:f4:00:f9:be:bf:af:76:
         ba:62:13:ef:c2:f2:ae:ec:88:a9:6e:03:a0:13:4c:e4:2a:7b:
         b5:71:05:ab:d7:8b:b5:37:c9:6a:e0:92:1d:e6:5d:81:db:0e:
         a2:7c:3c:e3:b5:04:70:3f:bd:9c:62:64:59:97:5c:01:c5:7f:
         2c:d8:79:88:2c:b2:18:b2:03:73:76:80:46:34:45:0b:f0:e4:
         bd:ce:96:fb:9f:dd:73:29:3d:aa:46:49:fc:a1:57:51:c8:e3:
         cf:c5:7f:76:7f:b0:5b:57:7b:36:62:86:27:c1:62:0e:c4:09:
         a7:39:1f:79:30:26:ec:c0:cd:e5:fd:41:b8:c3:dc:0c:15:95:
         c5:2b:7d:95:20:9e:f1:95:ff:2f:d7:c7:b6:2b:81:ee:fa:05:
         d9:7f:90:ed:c0:72:2f:11:e9:b3:30:71:aa:86:18:a4:eb:19:
         49:2a:3a:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwycS3Y9+0faKOog2P6t0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNWFiYjI1M2I3NjZkY2Q3ZjE2ZDlmMDFiYzExOTY5MTg0
OGViMGUwHhcNMjUwOTA3MDYwMDM4WhcNMjUwOTA4MDYwMDM4WjAzMTEwLwYDVQQD
EyhlZjgyNThiY2JhNzkxMTA4NTRjZDkwZWEzM2M3MmY4ZWFmODZjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0U9CcArP/+I2JUBEws9opSPQAZ7V
C2qLJ4uUAzZfTPDRKBv+C0HQI1IviOBZynvS9VGKPq2YcQG2HjlZL6WOX2vXRsAz
un/mHRX1EHInP31hCfbi37ouzneNzPcmGAtRcrhaE/N8VjwzfW002xJU5I0t+W/5
c8iXf+JBZ5fVJe6iRNamgUGQ5kkN2VPVZll48dz5MICf1fYv2Zh7CSulKQddX5kP
I8ryMU7b3UiepSYEastcCbh42VoHIOGryrOio7CSBWyGmQUeWd5aWRGW24y3rfjH
LzTyMUjpIqPDRcxnqnqY0S1AsDSq0P9xLbzLiHM3/WKxS1cHUNbq87LFewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO+CWLy6eREIVM2Q6jPHL46vhs9XMB8GA1UdIwQY
MBaAFGBauyU7dm3NfxbZ8BvBGWkYSOsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2Et
NTAxMTFjNDI5MmQwLzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2EtNTAxMTFjNDI5MmQw
LzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAklgA5AaW
ybl+uqOSYb5scfWF+v2QC0WyAKU95ibSgvSQTKIo+w/dMPdhfg+5K2DKPOu4M9Ri
RRCnvi2YAzY95+694MplrlMTpFmredHBTIBGPPr0APm+v692umIT78LyruyIqW4D
oBNM5Cp7tXEFq9eLtTfJauCSHeZdgdsOonw847UEcD+9nGJkWZdcAcV/LNh5iCyy
GLIDc3aARjRFC/Dkvc6W+5/dcyk9qkZJ/KFXUcjjz8V/dn+wW1d7NmKGJ8FiDsQJ
pzkfeTAm7MDN5f1BuMPcDBWVxSt9lSCe8ZX/L9fHtiuB7voF2X+Q7cByLxHpszBx
qoYYpOsZSSo65A==
-----END CERTIFICATE-----