Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
File:                     Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft (raw, json)
Hash identifier:          BQym0CWupfe2qi41JMubKb7jBHGa97eI1kB4pmbgikk=
Subject key identifier:   08:60:CC:EA:36:0C:F6:A9:EC:F8:00:83:07:67:AE:0E:C0:93:ED:10
Authority key identifier: 63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF
Certificate issuer:       /CN=63ef6bdbc42ad06defdad72679414346d8d048df
Certificate serial:       019923A0D8D94C77C8CECFE1E72F5F3C1A76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 10:02:47 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:47 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:47 +0000
Files and hashes:         1: Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl (hash: pLdbIE1TBkcyvud39vK1hvmFy2bY7lWAfPVxfgMNBBA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:d8:d9:4c:77:c8:ce:cf:e1:e7:2f:5f:3c:1a:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63ef6bdbc42ad06defdad72679414346d8d048df
        Validity
            Not Before: Sep  7 10:02:47 2025 GMT
            Not After : Sep  8 10:02:47 2025 GMT
        Subject: CN=0860ccea360cf6a9ecf800830767ae0ec093ed10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:80:29:b8:ae:c0:72:80:e3:7f:05:08:9e:f6:
                    db:8f:88:57:20:18:ce:64:15:a2:86:88:9b:72:ac:
                    84:16:9f:18:ab:e5:a8:d8:3b:28:33:5a:23:01:fa:
                    eb:f7:fd:24:8b:9e:ae:c3:90:cd:67:f3:30:53:5c:
                    09:54:dd:d6:9d:3d:02:aa:bc:e7:97:22:19:58:14:
                    5d:d8:bb:0f:b0:a6:5a:db:f5:05:7f:e1:10:79:45:
                    f1:1e:e5:fb:b4:cf:ae:5d:99:a6:75:bb:f3:06:75:
                    19:37:ca:48:3d:ec:8f:96:1f:1c:e5:41:8d:54:b6:
                    f6:de:d6:5f:fc:04:d7:aa:f9:b7:f2:5a:f1:d2:67:
                    f1:5c:c9:04:f6:e3:c2:15:4b:3d:a2:35:6b:10:e4:
                    b9:60:c0:d3:b5:1d:66:f3:ba:77:da:64:cb:c4:da:
                    fb:2f:28:ed:79:4e:c2:20:40:d5:15:c6:1e:09:f5:
                    b5:f2:58:36:6a:d1:6a:25:f4:fb:e3:a8:4c:e7:d7:
                    44:82:44:2c:42:c9:d7:a6:0d:3a:4c:16:13:35:aa:
                    c8:9f:31:df:fe:87:c6:7b:47:fc:ab:90:c6:6c:72:
                    d9:87:4e:89:94:62:fd:5e:fb:f1:e1:0d:f8:50:33:
                    71:83:be:f8:78:d2:07:3b:bb:ac:46:ec:9b:91:8b:
                    24:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:60:CC:EA:36:0C:F6:A9:EC:F8:00:83:07:67:AE:0E:C0:93:ED:10
            X509v3 Authority Key Identifier:
                keyid:63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:57:a3:4b:ab:8a:33:93:6d:44:d4:91:e5:3e:e8:4e:0c:f2:
         94:7d:1c:78:76:48:b2:c5:d9:84:d6:3c:a5:15:95:48:25:dd:
         ad:42:94:ec:64:c8:cb:b6:b7:14:9d:ff:5d:d7:6b:f0:12:6a:
         82:80:99:9c:54:42:76:12:f9:83:96:26:c7:70:39:24:6e:9f:
         c9:57:f2:3c:8d:c9:95:93:62:7c:14:37:87:89:19:4a:6a:cf:
         49:54:75:8f:1a:47:a7:1a:a3:61:eb:c0:e8:91:30:c1:91:d5:
         09:26:fa:30:6c:f1:37:22:0e:02:d9:d5:3a:93:8c:73:e0:1a:
         85:01:b0:1d:c2:22:68:51:1e:0b:bc:2b:9c:8e:5d:61:cb:c4:
         c6:b5:d5:9d:f4:3f:54:81:e5:9a:6f:61:cc:27:7f:43:55:7a:
         06:ff:88:12:ad:2e:ad:a7:16:94:08:3b:02:b3:df:95:13:7a:
         8c:89:54:62:d7:14:22:c8:e0:10:0d:0b:f1:24:8f:61:d8:35:
         86:f7:f7:1e:5c:1d:91:a7:de:f3:9b:b4:47:23:d9:e6:cd:f0:
         e1:8f:87:b6:f5:a6:02:2e:b1:ee:3e:1a:68:d7:43:e7:bd:f2:
         fc:11:2f:82:7c:14:f1:2c:6e:56:0e:ec:50:6c:5e:c7:03:ff:
         0a:b6:db:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoNjZTHfIzs/h5y9fPBp2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZWY2YmRiYzQyYWQwNmRlZmRhZDcyNjc5NDE0MzQ2ZDhk
MDQ4ZGYwHhcNMjUwOTA3MTAwMjQ3WhcNMjUwOTA4MTAwMjQ3WjAzMTEwLwYDVQQD
EygwODYwY2NlYTM2MGNmNmE5ZWNmODAwODMwNzY3YWUwZWMwOTNlZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIApuK7AcoDjfwUInvbbj4hXIBjO
ZBWihoibcqyEFp8Yq+Wo2DsoM1ojAfrr9/0ki56uw5DNZ/MwU1wJVN3WnT0Cqrzn
lyIZWBRd2LsPsKZa2/UFf+EQeUXxHuX7tM+uXZmmdbvzBnUZN8pIPeyPlh8c5UGN
VLb23tZf/ATXqvm38lrx0mfxXMkE9uPCFUs9ojVrEOS5YMDTtR1m87p32mTLxNr7
LyjteU7CIEDVFcYeCfW18lg2atFqJfT746hM59dEgkQsQsnXpg06TBYTNarInzHf
/ofGe0f8q5DGbHLZh06JlGL9Xvvx4Q34UDNxg774eNIHO7usRuybkYsktwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAhgzOo2DPap7PgAgwdnrg7Ak+0QMB8GA1UdIwQY
MBaAFGPva9vEKtBt79rXJnlBQ0bY0EjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUt
MGM4MzY4ZGI5NTYzLzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUtMGM4MzY4ZGI5NTYz
LzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWVejS6uK
M5NtRNSR5T7oTgzylH0ceHZIssXZhNY8pRWVSCXdrUKU7GTIy7a3FJ3/Xddr8BJq
goCZnFRCdhL5g5Ymx3A5JG6fyVfyPI3JlZNifBQ3h4kZSmrPSVR1jxpHpxqjYevA
6JEwwZHVCSb6MGzxNyIOAtnVOpOMc+AahQGwHcIiaFEeC7wrnI5dYcvExrXVnfQ/
VIHlmm9hzCd/Q1V6Bv+IEq0uracWlAg7ArPflRN6jIlUYtcUIsjgEA0L8SSPYdg1
hvf3Hlwdkafe85u0RyPZ5s3w4Y+HtvWmAi6x7j4aaNdD573y/BEvgnwU8SxuVg7s
UGxexwP/CrbbSg==
-----END CERTIFICATE-----