Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
File:                     y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json)
Hash identifier:          f/n4MQZooazdJQZ8gdGy8PiDxE1WIwrPQ3voihYc06M=
Subject key identifier:   0E:1F:92:B9:F8:58:2C:D8:61:F4:51:1B:16:3F:1F:B4:1C:62:FD:AB
Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42
Certificate issuer:       /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
Certificate serial:       01975BDBDE6DA51DB72F3A226D2330E386BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
Manifest number:          1582
Signing time:             Tue 10 Jun 2025 22:00:25 +0000
Manifest this update:     Tue 10 Jun 2025 22:00:25 +0000
Manifest next update:     Wed 11 Jun 2025 22:00:25 +0000
Files and hashes:         1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: e9vDjDWPqOiH67Ce4SupYQxE7nCus5yUiz4ziJIOTiY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 22:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:db:de:6d:a5:1d:b7:2f:3a:22:6d:23:30:e3:86:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
        Validity
            Not Before: Jun 10 22:00:25 2025 GMT
            Not After : Jun 11 22:00:25 2025 GMT
        Subject: CN=0e1f92b9f8582cd861f4511b163f1fb41c62fdab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:8a:8a:d8:91:4d:75:eb:01:55:67:4a:32:63:
                    ba:6d:02:d0:e2:90:28:d7:93:04:28:e4:95:c3:b8:
                    91:ad:97:bf:54:7d:70:cd:17:aa:fc:15:14:45:50:
                    1e:7c:91:10:94:3b:b0:61:3d:3e:89:66:83:20:4a:
                    9c:f4:b5:62:26:04:29:7b:f9:40:64:6f:b4:cf:0d:
                    8a:c8:a2:f0:bf:d8:2f:7b:02:e5:84:00:d1:f6:7f:
                    03:ab:8d:70:58:1b:03:78:e9:81:3d:49:2e:57:8c:
                    25:31:ef:54:b8:af:13:03:45:40:f9:de:ce:e5:07:
                    9a:1b:dc:ac:f3:8a:ba:b2:6a:8c:2d:9b:81:ae:5f:
                    7a:62:1d:4a:c7:17:3b:7a:52:b0:2f:17:34:a2:25:
                    2a:d5:cd:89:75:b8:b0:50:a5:b2:22:9a:44:c9:5e:
                    06:46:3a:01:78:a6:ab:a8:fe:0a:32:64:11:0c:2e:
                    1d:4e:00:40:76:e0:d8:44:11:27:ce:34:eb:80:9a:
                    0d:e7:88:18:40:50:ec:12:7d:0e:ed:8b:3a:a8:58:
                    93:30:da:23:7d:6c:9c:19:01:cd:6d:cc:9e:37:b0:
                    38:94:29:70:bb:a1:72:62:9e:64:e6:6a:6e:05:e0:
                    1f:8f:1d:9b:64:b7:17:5f:4a:3e:3d:6c:28:92:ec:
                    6e:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:1F:92:B9:F8:58:2C:D8:61:F4:51:1B:16:3F:1F:B4:1C:62:FD:AB
            X509v3 Authority Key Identifier:
                keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:51:a3:41:14:82:c1:8a:dc:1f:72:c1:97:c4:8f:30:bd:6d:
         67:c4:b4:d6:a8:4f:d9:3a:9a:d4:1d:ae:ad:3b:f8:48:bf:55:
         4c:a7:97:21:bf:a7:d2:d1:e2:cc:a0:f5:f4:e5:02:ea:da:b3:
         d2:d4:ea:e5:46:aa:08:8f:42:01:3e:ac:45:d0:b9:f7:7f:56:
         2a:5f:3c:fe:30:91:14:f6:3d:24:05:88:e2:b5:01:b7:1e:dc:
         6c:42:2e:20:d7:26:76:5a:cb:a6:c9:c6:2e:6a:f4:af:67:1c:
         f2:9d:c8:d6:3f:e3:56:87:90:23:ac:4c:6e:de:d7:7b:cb:bf:
         15:2f:e7:df:c4:f8:08:87:fe:49:8f:ee:1f:38:d5:dd:97:cf:
         12:22:86:9f:cb:86:77:63:3b:a1:d1:70:32:c5:ff:a5:3f:13:
         f6:41:bb:d4:16:0d:2e:da:df:cf:c5:f2:d8:86:df:9c:7b:e6:
         c5:d8:30:67:42:0e:53:b2:b2:b1:ae:7a:ef:75:10:0f:6e:22:
         05:0a:fc:23:5a:15:51:d2:28:e1:ae:17:cb:c4:e9:9e:33:d8:
         d7:7e:56:2e:d5:58:80:4e:f1:d1:59:90:ef:69:34:4d:02:c5:
         44:b6:b8:57:3f:76:b3:75:76:22:ff:8a:53:d4:f6:08:f9:b1:
         e5:cf:08:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdb295tpR23LzoibSMw44a9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy
OGE5NDIwHhcNMjUwNjEwMjIwMDI1WhcNMjUwNjExMjIwMDI1WjAzMTEwLwYDVQQD
EygwZTFmOTJiOWY4NTgyY2Q4NjFmNDUxMWIxNjNmMWZiNDFjNjJmZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIqK2JFNdesBVWdKMmO6bQLQ4pAo
15MEKOSVw7iRrZe/VH1wzReq/BUURVAefJEQlDuwYT0+iWaDIEqc9LViJgQpe/lA
ZG+0zw2KyKLwv9gvewLlhADR9n8Dq41wWBsDeOmBPUkuV4wlMe9UuK8TA0VA+d7O
5QeaG9ys84q6smqMLZuBrl96Yh1Kxxc7elKwLxc0oiUq1c2JdbiwUKWyIppEyV4G
RjoBeKarqP4KMmQRDC4dTgBAduDYRBEnzjTrgJoN54gYQFDsEn0O7Ys6qFiTMNoj
fWycGQHNbcyeN7A4lClwu6FyYp5k5mpuBeAfjx2bZLcXX0o+PWwokuxuOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4fkrn4WCzYYfRRGxY/H7QcYv2rMB8GA1UdIwQY
MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et
NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl
LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdVGjQRSC
wYrcH3LBl8SPML1tZ8S01qhP2Tqa1B2urTv4SL9VTKeXIb+n0tHizKD19OUC6tqz
0tTq5UaqCI9CAT6sRdC5939WKl88/jCRFPY9JAWI4rUBtx7cbEIuINcmdlrLpsnG
Lmr0r2cc8p3I1j/jVoeQI6xMbt7Xe8u/FS/n38T4CIf+SY/uHzjV3ZfPEiKGn8uG
d2M7odFwMsX/pT8T9kG71BYNLtrfz8Xy2IbfnHvmxdgwZ0IOU7Kysa5673UQD24i
BQr8I1oVUdIo4a4Xy8TpnjPY135WLtVYgE7x0VmQ72k0TQLFRLa4Vz92s3V2Iv+K
U9T2CPmx5c8IEQ==
-----END CERTIFICATE-----