Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          Z2qi3LzoxesImm9y3AQ90RxZ4kt0nElUw7cbhS5XOlI=
Subject key identifier:   59:C7:0F:F2:C3:C8:88:70:D4:76:77:6C:83:6D:CE:28:47:B2:22:DF
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       019659151A8D7219E9C4A6F80D0B9C2CFEF8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          106D
Signing time:             Mon 21 Apr 2025 16:01:17 +0000
Manifest this update:     Mon 21 Apr 2025 16:01:17 +0000
Manifest next update:     Tue 22 Apr 2025 16:01:17 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: q6fVxVhha47hUCVCVDekSTL1sZ+j3eEoHTA8tKGT8a4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:15:1a:8d:72:19:e9:c4:a6:f8:0d:0b:9c:2c:fe:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Apr 21 16:01:17 2025 GMT
            Not After : Apr 22 16:01:17 2025 GMT
        Subject: CN=59c70ff2c3c88870d476776c836dce2847b222df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:09:db:73:f5:e2:d9:03:f0:21:11:50:68:04:
                    d8:e8:29:b4:52:dd:1e:fb:99:c9:98:4f:f8:a2:a3:
                    04:d6:6c:81:62:ec:36:8a:16:1a:02:f9:30:4e:48:
                    f3:4c:81:45:79:d7:e8:bb:6f:8c:75:83:d2:f8:bc:
                    79:60:75:99:6b:2b:c1:03:49:65:52:c2:a6:7d:1f:
                    98:31:be:85:ba:45:8d:73:86:c9:ac:68:8b:c9:56:
                    ae:d3:7e:4d:97:e0:d2:d5:93:4c:56:2a:3d:f3:2a:
                    6a:5f:bb:eb:73:c9:6f:50:39:a3:c5:4d:75:77:58:
                    93:10:c8:cb:64:74:20:3e:3e:c7:6c:09:7c:f0:f8:
                    8a:fb:fb:af:af:ce:a3:2d:44:2f:98:aa:0b:c2:a4:
                    27:b6:e9:c5:cb:48:f2:ad:5f:a8:f9:67:28:43:90:
                    44:3c:2c:f1:9d:c4:e8:13:79:32:57:8d:cc:0c:9e:
                    83:56:fb:a7:65:46:5c:33:62:8d:e6:f1:da:d3:0e:
                    26:b2:a0:c8:d8:89:ad:84:8e:f6:f0:fe:9e:31:ad:
                    d0:93:90:2d:80:3b:f9:e6:15:f0:9b:76:b6:83:a5:
                    b5:5d:a4:a0:7c:98:35:34:dd:94:f2:3c:62:ec:18:
                    e6:49:78:05:d3:c0:4f:8e:a8:a3:6b:32:82:ef:04:
                    cd:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:C7:0F:F2:C3:C8:88:70:D4:76:77:6C:83:6D:CE:28:47:B2:22:DF
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:f1:84:9e:b7:89:27:7b:5b:e9:a6:19:0e:9b:a3:95:66:43:
         ea:23:a4:d0:25:7e:1b:43:b1:53:c9:f3:54:55:91:2d:01:8c:
         a1:b7:55:56:30:e3:2f:83:75:c1:92:0b:43:f0:71:dc:2f:cd:
         44:f0:8a:5a:9f:d9:b9:33:61:28:dd:46:6a:84:5a:5a:b2:04:
         7e:74:df:01:55:5f:6c:15:91:1d:ef:42:7a:7b:24:3d:36:5c:
         a7:ee:90:ef:91:4c:8a:ee:b8:a6:28:c2:cd:a0:7a:45:36:2b:
         19:c2:d4:00:cb:81:65:99:87:0c:d4:f4:ea:64:1f:11:e6:5f:
         6c:d0:cd:cc:0f:2d:6c:f6:9d:af:17:27:57:80:21:78:42:62:
         16:1a:0c:0e:60:a9:df:2c:c8:fe:6a:bb:07:47:67:92:4b:15:
         41:af:18:3a:fa:db:d8:94:c9:ff:f1:eb:29:13:15:c4:8d:03:
         7f:1d:76:51:3d:a6:a7:13:aa:a6:aa:cb:77:53:aa:ef:8b:2e:
         f6:ea:a9:31:f6:b2:c8:fd:e8:79:dd:d9:8e:94:f0:55:7c:7a:
         b9:73:91:17:59:cb:eb:34:f4:fd:84:1a:cf:57:c0:f9:7d:be:
         98:27:d9:f2:3b:cf:3d:2a:7c:d9:b6:36:0c:c2:b7:12:eb:23:
         00:4a:f7:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFRqNchnpxKb4DQucLP74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjUwNDIxMTYwMTE3WhcNMjUwNDIyMTYwMTE3WjAzMTEwLwYDVQQD
Eyg1OWM3MGZmMmMzYzg4ODcwZDQ3Njc3NmM4MzZkY2UyODQ3YjIyMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgnbc/Xi2QPwIRFQaATY6Cm0Ut0e
+5nJmE/4oqME1myBYuw2ihYaAvkwTkjzTIFFedfou2+MdYPS+Lx5YHWZayvBA0ll
UsKmfR+YMb6FukWNc4bJrGiLyVau035Nl+DS1ZNMVio98ypqX7vrc8lvUDmjxU11
d1iTEMjLZHQgPj7HbAl88PiK+/uvr86jLUQvmKoLwqQntunFy0jyrV+o+WcoQ5BE
PCzxncToE3kyV43MDJ6DVvunZUZcM2KN5vHa0w4msqDI2ImthI728P6eMa3Qk5At
gDv55hXwm3a2g6W1XaSgfJg1NN2U8jxi7BjmSXgF08BPjqijazKC7wTNEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnHD/LDyIhw1HZ3bINtzihHsiLfMB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjvGEnreJ
J3tb6aYZDpujlWZD6iOk0CV+G0OxU8nzVFWRLQGMobdVVjDjL4N1wZILQ/Bx3C/N
RPCKWp/ZuTNhKN1GaoRaWrIEfnTfAVVfbBWRHe9CenskPTZcp+6Q75FMiu64pijC
zaB6RTYrGcLUAMuBZZmHDNT06mQfEeZfbNDNzA8tbPadrxcnV4AheEJiFhoMDmCp
3yzI/mq7B0dnkksVQa8YOvrb2JTJ//HrKRMVxI0Dfx12UT2mpxOqpqrLd1Oq74su
9uqpMfayyP3oed3ZjpTwVXx6uXORF1nL6zT0/YQaz1fA+X2+mCfZ8jvPPSp82bY2
DMK3EusjAEr36g==
-----END CERTIFICATE-----