Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
File:                     ya3PjO-lllmLJLm2q2UHDdkcp5w.mft (raw, json)
Hash identifier:          aGda9xp/EcfQSSf1b2riuwlf2Jb4ppeo9PbmyZGLJPs=
Subject key identifier:   F9:15:FC:1E:2A:4A:62:56:35:DA:26:6C:B1:3C:67:30:7F:F9:F6:4F
Authority key identifier: C9:AD:CF:8C:EF:A5:96:59:8B:24:B9:B6:AB:65:07:0D:D9:1C:A7:9C
Certificate issuer:       /CN=c9adcf8cefa596598b24b9b6ab65070dd91ca79c
Certificate serial:       01975045CC08AA449C43DDFD7B5D4CAB88A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
Manifest number:          0627
Signing time:             Sun 08 Jun 2025 16:00:40 +0000
Manifest this update:     Sun 08 Jun 2025 16:00:40 +0000
Manifest next update:     Mon 09 Jun 2025 16:00:40 +0000
Files and hashes:         1: ya3PjO-lllmLJLm2q2UHDdkcp5w.crl (hash: eUPtUPe7D6o8JwrNRSBni9ihAKUm810tZ/vCcKY41T4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:45:cc:08:aa:44:9c:43:dd:fd:7b:5d:4c:ab:88:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9adcf8cefa596598b24b9b6ab65070dd91ca79c
        Validity
            Not Before: Jun  8 16:00:40 2025 GMT
            Not After : Jun  9 16:00:40 2025 GMT
        Subject: CN=f915fc1e2a4a625635da266cb13c67307ff9f64f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:1e:15:28:98:97:38:db:5a:8a:26:a9:c0:28:
                    29:58:a7:62:71:33:63:3f:11:8b:c4:28:72:25:e1:
                    74:29:cf:fc:bb:ba:0c:90:18:8c:2b:93:50:23:74:
                    40:e3:f7:81:36:e7:63:34:6c:3d:e0:ae:29:7c:86:
                    5d:3a:d1:22:35:41:26:a6:f7:09:5b:9e:b4:02:ec:
                    1f:9c:b9:6c:ac:af:8d:d1:e3:b4:33:ef:ca:5e:45:
                    ed:96:05:ac:9e:2d:58:30:57:e8:89:1e:f3:b5:32:
                    1b:e2:3e:2b:69:3f:9a:ee:99:dd:2f:a1:2c:26:ae:
                    8a:bc:73:40:3f:30:4e:83:ca:16:a0:5c:af:3d:58:
                    fa:75:36:a7:09:73:71:14:04:19:58:c2:aa:74:56:
                    5c:f5:14:c1:ba:8b:cc:dc:4d:ed:7e:19:47:64:4c:
                    8d:12:f2:d2:5b:cb:dd:92:00:b6:1b:f8:37:83:2d:
                    f3:f7:54:fc:af:51:cb:d8:54:e9:f0:65:7b:52:9a:
                    df:89:d5:9e:4d:63:f4:14:b5:76:48:8e:4d:96:25:
                    d1:e2:47:08:9c:e4:0b:f7:4b:14:cf:11:eb:07:11:
                    ec:1e:2e:d9:79:16:47:6b:8b:f9:60:44:2f:f4:d7:
                    e3:f8:bf:0e:4d:f7:da:1d:ef:6a:42:6a:01:b7:5f:
                    68:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:15:FC:1E:2A:4A:62:56:35:DA:26:6C:B1:3C:67:30:7F:F9:F6:4F
            X509v3 Authority Key Identifier:
                keyid:C9:AD:CF:8C:EF:A5:96:59:8B:24:B9:B6:AB:65:07:0D:D9:1C:A7:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:d2:4f:30:e6:7d:4d:c4:f3:8f:97:41:da:f6:fc:b5:32:8a:
         bd:29:89:06:38:fd:2c:e8:f6:c3:df:cb:85:3d:51:93:e8:1c:
         f5:d3:2f:24:9c:4b:c4:0f:d6:e1:6f:09:bb:e7:15:c6:eb:55:
         29:ac:93:0d:c4:00:8e:07:16:f0:77:98:2b:7f:19:c9:ff:69:
         78:34:7e:88:f9:be:11:77:ca:25:8a:5e:31:d5:0d:c5:99:4b:
         28:e7:f8:8c:94:b7:0b:cc:f6:86:a0:6d:96:a5:9a:6e:b5:b9:
         99:cb:4c:f8:dc:fd:9f:d1:0c:54:3f:e6:7e:ed:47:20:89:79:
         ac:b8:93:57:c8:17:9b:59:90:7d:0b:37:b1:76:8b:90:cc:dd:
         87:b1:57:d3:48:36:50:61:d3:e0:05:26:6f:be:26:c2:61:e2:
         71:7b:fd:fc:5c:e5:ba:23:a1:a3:ee:2a:42:54:34:25:d6:79:
         d5:24:fc:74:e3:0a:34:b2:a2:23:e5:a1:08:84:0d:ae:e7:2c:
         58:30:26:6d:44:25:3c:8f:34:37:b1:78:99:66:11:86:77:0e:
         19:79:c0:d7:85:7e:66:d4:c8:af:b2:0a:13:55:e7:0a:00:9e:
         e4:91:a3:21:68:02:12:75:fd:94:8e:9f:9d:4c:da:81:e8:8b:
         4e:99:02:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRcwIqkScQ939e11Mq4ihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YWRjZjhjZWZhNTk2NTk4YjI0YjliNmFiNjUwNzBkZDkx
Y2E3OWMwHhcNMjUwNjA4MTYwMDQwWhcNMjUwNjA5MTYwMDQwWjAzMTEwLwYDVQQD
EyhmOTE1ZmMxZTJhNGE2MjU2MzVkYTI2NmNiMTNjNjczMDdmZjlmNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnx4VKJiXONtaiiapwCgpWKdicTNj
PxGLxChyJeF0Kc/8u7oMkBiMK5NQI3RA4/eBNudjNGw94K4pfIZdOtEiNUEmpvcJ
W560AuwfnLlsrK+N0eO0M+/KXkXtlgWsni1YMFfoiR7ztTIb4j4raT+a7pndL6Es
Jq6KvHNAPzBOg8oWoFyvPVj6dTanCXNxFAQZWMKqdFZc9RTBuovM3E3tfhlHZEyN
EvLSW8vdkgC2G/g3gy3z91T8r1HL2FTp8GV7UprfidWeTWP0FLV2SI5NliXR4kcI
nOQL90sUzxHrBxHsHi7ZeRZHa4v5YEQv9Nfj+L8OTffaHe9qQmoBt19ofQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPkV/B4qSmJWNdombLE8ZzB/+fZPMB8GA1UdIwQY
MBaAFMmtz4zvpZZZiyS5tqtlBw3ZHKecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iMDA1N2MtNTQ3Mi00OGQ1LWIxMDct
YzU1MzcyZmFiMzM1LzEveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iMDA1N2MtNTQ3Mi00OGQ1LWIxMDctYzU1MzcyZmFiMzM1
LzEveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsNJPMOZ9
TcTzj5dB2vb8tTKKvSmJBjj9LOj2w9/LhT1Rk+gc9dMvJJxLxA/W4W8Ju+cVxutV
KayTDcQAjgcW8HeYK38Zyf9peDR+iPm+EXfKJYpeMdUNxZlLKOf4jJS3C8z2hqBt
lqWabrW5mctM+Nz9n9EMVD/mfu1HIIl5rLiTV8gXm1mQfQs3sXaLkMzdh7FX00g2
UGHT4AUmb74mwmHicXv9/FzluiOho+4qQlQ0JdZ51ST8dOMKNLKiI+WhCIQNrucs
WDAmbUQlPI80N7F4mWYRhncOGXnA14V+ZtTIr7IKE1XnCgCe5JGjIWgCEnX9lI6f
nUzageiLTpkCLg==
-----END CERTIFICATE-----