Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
File:                     ypfglEx3smswKXwtScO-ausnNxE.mft (raw, json)
Hash identifier:          EpUuMt5UZbnABD4Sh+0Qikw39fq1IrOVkWTGC5a7zTI=
Subject key identifier:   E2:D6:87:79:23:20:EF:2F:B8:A1:80:2C:36:34:61:9A:05:F4:74:92
Authority key identifier: CA:97:E0:94:4C:77:B2:6B:30:29:7C:2D:49:C3:BE:6A:EB:27:37:11
Certificate issuer:       /CN=ca97e0944c77b26b30297c2d49c3be6aeb273711
Certificate serial:       019921B0D439BAE3FF787CEF7830EA9FF338
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
Manifest number:          0386
Signing time:             Sun 07 Sep 2025 01:01:00 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:00 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:00 +0000
Files and hashes:         1: ypfglEx3smswKXwtScO-ausnNxE.crl (hash: Nb6KCftsZFbJO+E9hD+73P2JCRKlEQgRDNi+l4g/Y6Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:d4:39:ba:e3:ff:78:7c:ef:78:30:ea:9f:f3:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca97e0944c77b26b30297c2d49c3be6aeb273711
        Validity
            Not Before: Sep  7 01:01:00 2025 GMT
            Not After : Sep  8 01:01:00 2025 GMT
        Subject: CN=e2d687792320ef2fb8a1802c3634619a05f47492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:56:ec:19:4e:05:01:9f:f6:69:94:1f:12:4d:
                    fe:ad:65:25:55:72:75:6a:45:6f:fa:a3:8b:92:cf:
                    c2:e9:6f:13:fe:73:2e:02:0e:9e:3f:36:03:e3:48:
                    e5:14:4f:1d:ed:90:00:0b:51:1f:05:db:57:5e:49:
                    71:d2:7b:e6:9e:8e:89:13:82:44:8a:1c:64:c5:08:
                    f5:b2:7b:58:64:4e:28:9e:cd:8b:fe:6f:66:e3:07:
                    10:a6:73:d0:cd:6e:a6:5b:3a:39:d5:89:82:33:05:
                    58:6c:74:45:a8:ee:e2:5c:02:0e:7f:5c:1a:b8:ce:
                    13:6a:f0:66:0f:38:95:14:32:00:11:2d:d4:30:81:
                    37:53:e8:e5:b6:f1:1b:c7:1c:2e:02:b1:5c:fa:4d:
                    ae:81:8a:92:77:96:84:50:ba:a7:2f:f4:a3:cc:97:
                    9d:4c:be:3b:7f:4c:0a:05:a7:42:39:a5:a7:30:65:
                    3c:ec:ba:2d:9f:fe:52:10:c4:d8:1b:68:02:93:43:
                    53:d7:93:bb:e5:85:14:b6:ad:ee:fd:8e:1b:83:8d:
                    dd:e3:30:af:4e:b7:ec:e4:b6:51:03:77:a4:77:b9:
                    a7:5b:66:c0:18:56:cc:0f:53:a9:e8:50:b1:af:fc:
                    96:5f:ab:a6:71:f7:45:fd:5a:c3:62:c5:4d:b4:18:
                    49:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:D6:87:79:23:20:EF:2F:B8:A1:80:2C:36:34:61:9A:05:F4:74:92
            X509v3 Authority Key Identifier:
                keyid:CA:97:E0:94:4C:77:B2:6B:30:29:7C:2D:49:C3:BE:6A:EB:27:37:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:b7:77:09:6e:5f:25:f8:12:c7:8a:0f:e7:f2:68:4d:8e:fb:
         77:7d:9b:9a:bb:f9:f6:08:ea:f6:53:c1:fa:ba:47:63:f4:c8:
         96:09:de:da:83:27:2d:46:1e:b3:65:7d:8d:b6:1c:3e:ee:9b:
         e6:2d:cf:20:c3:82:71:b2:a2:bb:53:11:85:b4:60:d2:3f:a5:
         3c:61:b1:ca:64:f4:d3:0e:7c:f8:0a:22:60:4d:77:a9:06:bf:
         f6:44:a0:46:16:0f:02:a0:4c:ef:fd:ab:4a:0c:c5:1d:83:74:
         d7:f0:22:fe:54:07:6a:04:40:80:01:6e:c4:68:91:c1:dd:53:
         dc:93:98:c8:42:f7:07:6e:f6:12:43:47:85:dd:91:9b:aa:d3:
         c0:62:54:0e:3b:96:bd:29:1d:8c:0d:11:0a:2e:e9:65:98:14:
         de:75:52:19:d6:c4:c6:2f:3d:06:97:fc:6d:5d:d4:4a:82:0c:
         4b:53:f3:a3:82:a3:9e:72:9f:8b:65:be:4e:57:9e:51:43:36:
         4b:e1:a7:ad:0d:e7:f3:04:c5:78:fb:7e:ae:c3:1a:16:6d:ea:
         0b:98:28:09:12:64:06:5a:a9:8a:4b:33:1a:66:69:e1:52:61:
         b7:2f:2d:28:16:5a:10:32:0b:4b:6c:f1:05:d0:fd:0a:ea:4e:
         d4:57:be:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsNQ5uuP/eHzveDDqn/M4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTdlMDk0NGM3N2IyNmIzMDI5N2MyZDQ5YzNiZTZhZWIy
NzM3MTEwHhcNMjUwOTA3MDEwMTAwWhcNMjUwOTA4MDEwMTAwWjAzMTEwLwYDVQQD
EyhlMmQ2ODc3OTIzMjBlZjJmYjhhMTgwMmMzNjM0NjE5YTA1ZjQ3NDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FbsGU4FAZ/2aZQfEk3+rWUlVXJ1
akVv+qOLks/C6W8T/nMuAg6ePzYD40jlFE8d7ZAAC1EfBdtXXklx0nvmno6JE4JE
ihxkxQj1sntYZE4ons2L/m9m4wcQpnPQzW6mWzo51YmCMwVYbHRFqO7iXAIOf1wa
uM4TavBmDziVFDIAES3UMIE3U+jltvEbxxwuArFc+k2ugYqSd5aEULqnL/SjzJed
TL47f0wKBadCOaWnMGU87Lotn/5SEMTYG2gCk0NT15O75YUUtq3u/Y4bg43d4zCv
Trfs5LZRA3ekd7mnW2bAGFbMD1Op6FCxr/yWX6umcfdF/VrDYsVNtBhJrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOLWh3kjIO8vuKGALDY0YZoF9HSSMB8GA1UdIwQY
MBaAFMqX4JRMd7JrMCl8LUnDvmrrJzcRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jMGUzODUtY2JlNS00N2YzLTgwOGQt
ZTY4NzY3YzE4ZjAyLzEveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jMGUzODUtY2JlNS00N2YzLTgwOGQtZTY4NzY3YzE4ZjAy
LzEveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKLd3CW5f
JfgSx4oP5/JoTY77d32bmrv59gjq9lPB+rpHY/TIlgne2oMnLUYes2V9jbYcPu6b
5i3PIMOCcbKiu1MRhbRg0j+lPGGxymT00w58+AoiYE13qQa/9kSgRhYPAqBM7/2r
SgzFHYN01/Ai/lQHagRAgAFuxGiRwd1T3JOYyEL3B272EkNHhd2Rm6rTwGJUDjuW
vSkdjA0RCi7pZZgU3nVSGdbExi89Bpf8bV3USoIMS1Pzo4KjnnKfi2W+TleeUUM2
S+GnrQ3n8wTFePt+rsMaFm3qC5goCRJkBlqpikszGmZp4VJhty8tKBZaEDILS2zx
BdD9CupO1Fe+kA==
-----END CERTIFICATE-----