Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
File:                     yM7BO9bzBCDedNLDFWTa3aCOAU0.mft (raw, json)
Hash identifier:          bfT6h4iVHBwM6lGl+VHlRlrW62HHffSPqefbwxXsypI=
Subject key identifier:   6E:3C:30:93:86:60:48:18:9A:60:D4:B8:9A:E8:95:D4:66:E6:A5:17
Authority key identifier: C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D
Certificate issuer:       /CN=c8cec13bd6f30420de74d2c31564dadda08e014d
Certificate serial:       019921E7B885F1808FBABD2F6AFF9EADFBBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
Manifest number:          9B
Signing time:             Sun 07 Sep 2025 02:00:58 +0000
Manifest this update:     Sun 07 Sep 2025 02:00:58 +0000
Manifest next update:     Mon 08 Sep 2025 02:00:58 +0000
Files and hashes:         1: yM7BO9bzBCDedNLDFWTa3aCOAU0.crl (hash: VHJXe7zn0yp1Lb6assjFyUphIh6Iuh+YITz2DKgJJU0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 02:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:e7:b8:85:f1:80:8f:ba:bd:2f:6a:ff:9e:ad:fb:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8cec13bd6f30420de74d2c31564dadda08e014d
        Validity
            Not Before: Sep  7 02:00:58 2025 GMT
            Not After : Sep  8 02:00:58 2025 GMT
        Subject: CN=6e3c3093866048189a60d4b89ae895d466e6a517
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:9b:44:36:bc:2d:01:8c:7c:70:9b:33:12:34:
                    af:55:cb:92:fe:2e:51:fd:f1:88:41:b0:9a:55:99:
                    11:c5:bf:98:fb:8f:d2:d1:56:60:0f:83:63:72:10:
                    fa:aa:81:54:d1:e6:6f:91:39:20:bf:83:77:04:49:
                    26:a7:6d:30:02:11:ab:b1:6f:b5:50:a7:9f:e2:49:
                    22:68:14:e3:a0:d5:21:eb:75:f6:9a:09:6b:b9:1d:
                    26:3c:dc:03:26:c2:4c:da:b9:c0:b1:33:23:8e:94:
                    21:b2:76:a7:f1:bc:fb:fa:5f:90:a7:db:cc:01:dc:
                    fa:f2:aa:f8:14:9f:01:b0:23:3e:1b:8a:b3:8f:b1:
                    ef:20:d7:07:1a:cf:bf:01:3f:26:ca:31:bb:e1:79:
                    52:93:1d:07:83:8b:dc:e6:a4:0c:68:2e:c6:3b:d9:
                    ec:69:4f:75:bf:d9:10:d5:f4:99:33:d7:a3:54:47:
                    a7:da:43:6c:79:92:13:42:50:1a:5d:a7:1b:cb:73:
                    fd:a1:65:49:45:95:eb:d4:14:14:bb:e3:b0:9a:86:
                    78:74:c5:bb:da:fe:f9:33:4e:04:e9:98:90:cf:68:
                    5e:77:11:b1:47:ae:d1:f4:de:e4:20:0c:b7:aa:c5:
                    25:cb:c0:51:68:21:a8:68:05:ff:49:e7:fb:03:b0:
                    f7:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:3C:30:93:86:60:48:18:9A:60:D4:B8:9A:E8:95:D4:66:E6:A5:17
            X509v3 Authority Key Identifier:
                keyid:C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:58:19:9a:9a:66:dc:46:19:59:3a:fe:a2:d6:4c:f4:ee:02:
         07:82:a3:bc:e5:9a:23:70:ce:5d:05:32:67:c9:c7:d8:22:1a:
         4e:e2:a5:7a:7b:ef:1d:c2:90:93:a6:22:ee:2d:03:5f:33:13:
         f2:44:36:36:63:c2:4b:c5:0e:e8:65:98:72:0f:33:1f:92:c4:
         cc:40:fe:23:80:46:d3:65:aa:b6:7a:75:ad:e3:19:2c:ee:a5:
         fd:ff:d9:25:b9:44:72:f8:7c:f2:93:0f:a9:93:18:6b:ae:ed:
         3c:2f:4a:d0:af:7e:28:32:4e:81:c6:f2:cc:66:3b:74:e3:b9:
         8d:59:ab:f0:cd:7a:e5:8e:a5:f1:58:98:91:aa:be:9f:2e:4d:
         b9:14:95:12:0f:8a:70:22:57:b5:6d:12:dd:7e:18:10:9e:64:
         97:d5:15:e6:11:00:73:67:e5:67:c7:ec:32:cf:e4:76:12:9a:
         89:2c:b8:20:46:e4:43:77:b5:dc:c2:b4:6d:92:be:df:21:06:
         fc:27:a8:ea:d4:ee:08:17:07:65:dc:21:9d:d5:10:02:34:a3:
         d9:a3:3d:16:c4:01:fd:73:9b:67:ae:09:05:19:07:a3:ba:62:
         93:3d:1c:91:1e:d9:10:07:cd:05:ab:59:25:b1:2f:80:9f:42:
         26:21:eb:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh57iF8YCPur0vav+erfu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4Y2VjMTNiZDZmMzA0MjBkZTc0ZDJjMzE1NjRkYWRkYTA4
ZTAxNGQwHhcNMjUwOTA3MDIwMDU4WhcNMjUwOTA4MDIwMDU4WjAzMTEwLwYDVQQD
Eyg2ZTNjMzA5Mzg2NjA0ODE4OWE2MGQ0Yjg5YWU4OTVkNDY2ZTZhNTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZtENrwtAYx8cJszEjSvVcuS/i5R
/fGIQbCaVZkRxb+Y+4/S0VZgD4NjchD6qoFU0eZvkTkgv4N3BEkmp20wAhGrsW+1
UKef4kkiaBTjoNUh63X2mglruR0mPNwDJsJM2rnAsTMjjpQhsnan8bz7+l+Qp9vM
Adz68qr4FJ8BsCM+G4qzj7HvINcHGs+/AT8myjG74XlSkx0Hg4vc5qQMaC7GO9ns
aU91v9kQ1fSZM9ejVEen2kNseZITQlAaXacby3P9oWVJRZXr1BQUu+OwmoZ4dMW7
2v75M04E6ZiQz2hedxGxR67R9N7kIAy3qsUly8BRaCGoaAX/Sef7A7D38wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG48MJOGYEgYmmDUuJroldRm5qUXMB8GA1UdIwQY
MBaAFMjOwTvW8wQg3nTSwxVk2t2gjgFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMt
NDZlNjVjOTVmODNhLzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMtNDZlNjVjOTVmODNh
LzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW1gZmppm
3EYZWTr+otZM9O4CB4KjvOWaI3DOXQUyZ8nH2CIaTuKlenvvHcKQk6Yi7i0DXzMT
8kQ2NmPCS8UO6GWYcg8zH5LEzED+I4BG02Wqtnp1reMZLO6l/f/ZJblEcvh88pMP
qZMYa67tPC9K0K9+KDJOgcbyzGY7dOO5jVmr8M165Y6l8ViYkaq+ny5NuRSVEg+K
cCJXtW0S3X4YEJ5kl9UV5hEAc2flZ8fsMs/kdhKaiSy4IEbkQ3e13MK0bZK+3yEG
/Ceo6tTuCBcHZdwhndUQAjSj2aM9FsQB/XObZ64JBRkHo7pikz0ckR7ZEAfNBatZ
JbEvgJ9CJiHrBw==
-----END CERTIFICATE-----