Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          iUfjxyoFSkfIIqmW4V0skHoVDSxrGOI0M7d7hADQ/2E=
Subject key identifier:   22:81:61:6F:08:CE:91:AF:30:8A:18:72:B7:F7:EA:AD:7E:E1:A4:79
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       019757FFDE93C4D3F1CF561554F818C5590D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          10F1
Signing time:             Tue 10 Jun 2025 04:01:15 +0000
Manifest this update:     Tue 10 Jun 2025 04:01:15 +0000
Manifest next update:     Wed 11 Jun 2025 04:01:15 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: xOeOfsyfgwbf6FN2TRMi4DlyEBJwL3KPrLMJxw0lr1M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 04:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:ff:de:93:c4:d3:f1:cf:56:15:54:f8:18:c5:59:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Jun 10 04:01:15 2025 GMT
            Not After : Jun 11 04:01:15 2025 GMT
        Subject: CN=2281616f08ce91af308a1872b7f7eaad7ee1a479
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:56:7d:b6:75:da:22:65:8f:31:d9:7a:57:08:
                    b3:dd:4c:60:fb:99:32:ec:18:38:3f:5d:e9:02:39:
                    18:d0:a9:9e:3e:fb:e2:68:a2:8d:2b:13:df:d2:33:
                    b6:89:85:c6:b0:9a:73:1c:65:b7:02:07:50:8f:72:
                    df:62:0c:76:a4:8d:ba:43:cc:cb:2f:fd:e0:6f:e1:
                    af:dc:a4:df:36:a1:d4:6e:a5:96:13:eb:bc:e2:23:
                    c0:55:f3:7a:87:62:06:20:94:1a:b4:7b:13:be:f7:
                    64:3c:c0:45:8d:e8:9c:09:a4:55:60:5b:5e:44:eb:
                    8b:d9:2e:a7:ff:b1:40:73:e0:9e:21:7a:7f:0d:59:
                    88:0b:29:1c:21:40:42:2e:f6:01:05:14:ff:dd:44:
                    df:c8:97:da:62:f7:bd:cc:0a:0a:2d:83:af:b6:d9:
                    11:d5:d6:d1:0d:cc:89:c2:5d:da:4b:ed:7a:04:89:
                    8d:e7:d8:7b:2b:ac:28:d5:cf:08:34:0d:d1:ec:ce:
                    05:61:8c:ff:6f:d9:5f:b4:15:54:da:08:c1:1e:7c:
                    f5:ad:69:7b:36:43:7b:d8:f5:a4:b9:99:d5:da:b6:
                    06:6b:9b:44:15:55:56:26:cf:e3:8b:17:4e:b7:f1:
                    6d:87:7e:bb:b2:5a:36:86:0d:b8:29:ef:be:6b:36:
                    0c:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:81:61:6F:08:CE:91:AF:30:8A:18:72:B7:F7:EA:AD:7E:E1:A4:79
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:5c:91:4e:6a:e9:0a:2a:87:58:ea:a1:54:49:29:5c:3e:09:
         64:09:b8:d1:26:32:d5:b7:ad:73:e3:ef:ab:70:94:fa:e1:93:
         57:d7:44:b2:a7:bf:d6:be:2c:8b:c4:89:fc:b8:2f:d4:2d:a6:
         56:b9:07:2d:48:de:ae:5d:eb:b7:7e:40:82:99:8e:ca:5e:78:
         d3:f8:6e:87:f6:e3:70:70:b1:20:d0:08:f0:94:d3:95:ce:58:
         c7:e8:88:fc:6f:7d:d6:7a:18:ca:cc:cb:9f:4a:a9:e3:e1:9f:
         b1:75:ed:c5:1b:2a:0c:14:0a:5c:48:fc:57:0b:2a:f0:b8:68:
         e8:01:74:14:3b:4b:08:f7:6f:c2:18:49:df:d5:fc:11:87:b2:
         be:93:1c:c8:c5:d6:87:d4:06:14:a3:43:87:b1:00:37:9f:18:
         df:d6:61:14:7d:8f:56:1b:c3:49:2a:8a:03:8d:b2:2f:37:08:
         d0:84:7f:d7:a6:2c:a2:11:17:78:66:4e:d9:b2:15:a0:cb:45:
         ae:a2:5f:71:e9:64:93:02:2d:07:d2:2b:20:33:99:aa:dc:aa:
         37:54:33:da:25:ad:ec:01:09:70:d5:df:e9:7e:81:70:97:fd:
         a1:05:c4:94:ac:34:49:d1:3c:1e:87:e1:38:8c:d6:dc:b7:be:
         86:06:e7:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdX/96TxNPxz1YVVPgYxVkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjUwNjEwMDQwMTE1WhcNMjUwNjExMDQwMTE1WjAzMTEwLwYDVQQD
EygyMjgxNjE2ZjA4Y2U5MWFmMzA4YTE4NzJiN2Y3ZWFhZDdlZTFhNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylZ9tnXaImWPMdl6Vwiz3Uxg+5ky
7Bg4P13pAjkY0KmePvviaKKNKxPf0jO2iYXGsJpzHGW3AgdQj3LfYgx2pI26Q8zL
L/3gb+Gv3KTfNqHUbqWWE+u84iPAVfN6h2IGIJQatHsTvvdkPMBFjeicCaRVYFte
ROuL2S6n/7FAc+CeIXp/DVmICykcIUBCLvYBBRT/3UTfyJfaYve9zAoKLYOvttkR
1dbRDcyJwl3aS+16BImN59h7K6wo1c8INA3R7M4FYYz/b9lftBVU2gjBHnz1rWl7
NkN72PWkuZnV2rYGa5tEFVVWJs/jixdOt/Fth367slo2hg24Ke++azYMOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKBYW8IzpGvMIoYcrf36q1+4aR5MB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ1yRTmrp
CiqHWOqhVEkpXD4JZAm40SYy1betc+Pvq3CU+uGTV9dEsqe/1r4si8SJ/Lgv1C2m
VrkHLUjerl3rt35AgpmOyl540/huh/bjcHCxINAI8JTTlc5Yx+iI/G991noYyszL
n0qp4+GfsXXtxRsqDBQKXEj8Vwsq8Lho6AF0FDtLCPdvwhhJ39X8EYeyvpMcyMXW
h9QGFKNDh7EAN58Y39ZhFH2PVhvDSSqKA42yLzcI0IR/16YsohEXeGZO2bIVoMtF
rqJfcelkkwItB9IrIDOZqtyqN1Qz2iWt7AEJcNXf6X6BcJf9oQXElKw0SdE8Hofh
OIzW3Le+hgbn4A==
-----END CERTIFICATE-----