Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft
File:                     Y-ftmpXgsiN2kMdL_njP7eLETnw.mft (raw, json)
Hash identifier:          4EmZKK0EDS567bszSM1NhRFZzXOqWZh87mceDwlhZ60=
Subject key identifier:   42:71:66:21:C1:06:EB:2F:D8:E4:58:0D:E4:B5:6E:0D:34:E5:A4:F8
Authority key identifier: 63:E7:ED:9A:95:E0:B2:23:76:90:C7:4B:FE:78:CF:ED:E2:C4:4E:7C
Certificate issuer:       /CN=63e7ed9a95e0b2237690c74bfe78cfede2c44e7c
Certificate serial:       0199239EE92598C6D30A7B2878F80B1472B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-ftmpXgsiN2kMdL_njP7eLETnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft
Manifest number:          09C8
Signing time:             Sun 07 Sep 2025 10:00:40 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:40 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:40 +0000
Files and hashes:         1: Y-ftmpXgsiN2kMdL_njP7eLETnw.crl (hash: iVWgwqmSTgB64u4G4fZpF0i6yiDJdMte6TbaW1nYorY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-ftmpXgsiN2kMdL_njP7eLETnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:e9:25:98:c6:d3:0a:7b:28:78:f8:0b:14:72:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e7ed9a95e0b2237690c74bfe78cfede2c44e7c
        Validity
            Not Before: Sep  7 10:00:40 2025 GMT
            Not After : Sep  8 10:00:40 2025 GMT
        Subject: CN=42716621c106eb2fd8e4580de4b56e0d34e5a4f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:be:83:a2:49:58:af:15:d7:97:ee:c8:39:7e:
                    32:e8:51:4d:4f:76:4f:24:33:26:56:6c:3d:7a:95:
                    78:cc:a4:1f:dd:fe:cb:0e:69:6f:4e:f6:3d:b3:79:
                    ae:67:94:cf:51:78:7d:f1:bd:3e:a1:b9:79:fa:6b:
                    10:45:23:c5:6a:b9:72:60:7c:65:bb:82:10:f6:61:
                    e4:b1:e2:3b:41:58:b2:87:9d:78:d7:57:82:5a:84:
                    13:4e:79:40:31:0a:86:9c:06:f6:df:20:44:e0:c5:
                    13:7b:96:a5:60:5e:53:33:52:23:83:bf:94:e3:b2:
                    31:f5:68:fd:bd:1f:af:e9:a5:68:0a:c6:6f:c9:ad:
                    6d:c6:96:a3:ba:cb:7c:2e:ba:64:e0:8b:57:75:c6:
                    e5:a3:2e:2a:7a:8f:cf:65:09:55:17:4e:dd:9f:97:
                    e0:e7:f5:69:82:52:07:33:e6:37:4f:40:2a:2d:ec:
                    97:e3:f4:11:9e:3e:09:fe:3f:39:3d:e0:cd:b7:4a:
                    67:7e:7c:33:46:0d:b1:c3:c3:c7:76:c4:13:9c:aa:
                    cf:88:bd:96:55:51:0a:c8:6b:db:b0:f6:d1:94:77:
                    f9:13:39:bf:27:e9:c5:d9:21:1e:b9:62:42:3e:42:
                    c2:ca:0b:5d:3b:50:f5:04:58:c0:eb:06:10:9f:1d:
                    bd:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:71:66:21:C1:06:EB:2F:D8:E4:58:0D:E4:B5:6E:0D:34:E5:A4:F8
            X509v3 Authority Key Identifier:
                keyid:63:E7:ED:9A:95:E0:B2:23:76:90:C7:4B:FE:78:CF:ED:E2:C4:4E:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-ftmpXgsiN2kMdL_njP7eLETnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:7e:a5:ce:f3:b7:fe:05:3b:b3:86:a5:f2:e2:72:5f:46:14:
         45:7f:8d:d5:ce:23:fc:d5:0f:50:ca:1f:cc:10:04:0a:bd:f7:
         0f:83:ee:ba:55:df:d2:41:02:79:82:7d:91:ee:c3:14:23:bb:
         a5:b5:9c:63:bc:87:cb:8a:ca:f7:1b:70:41:39:a4:35:c5:00:
         85:c4:e1:5a:d1:e8:a8:17:37:70:9d:b5:94:e2:f7:a6:27:96:
         8d:21:8e:1a:8c:e5:ba:0a:64:0e:a0:60:b9:18:65:ee:06:73:
         2a:e3:34:d3:9a:64:39:a8:45:c8:bc:1a:01:3f:c3:af:fa:d2:
         d4:1f:7c:2b:eb:9b:e8:59:93:ed:cf:b6:ae:46:fd:60:a8:75:
         5b:b7:00:cf:65:f0:6b:97:1a:92:f4:cc:de:e1:b8:07:e5:34:
         fc:1a:7e:86:3d:fc:da:c1:d0:fd:75:33:bf:6e:4a:3a:64:37:
         02:9d:e8:92:53:a7:fb:f5:01:49:52:c3:56:97:14:fa:16:9b:
         87:c6:7e:86:70:f5:69:44:8c:1d:67:2e:9d:de:00:72:f7:ce:
         af:45:0d:e9:a9:d5:db:49:e0:a9:31:e2:9c:7e:17:4e:9d:88:
         6c:14:5c:6d:37:26:d8:c4:7a:42:d6:22:84:cc:31:31:b9:36:
         5f:51:c9:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnuklmMbTCnsoePgLFHK3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTdlZDlhOTVlMGIyMjM3NjkwYzc0YmZlNzhjZmVkZTJj
NDRlN2MwHhcNMjUwOTA3MTAwMDQwWhcNMjUwOTA4MTAwMDQwWjAzMTEwLwYDVQQD
Eyg0MjcxNjYyMWMxMDZlYjJmZDhlNDU4MGRlNGI1NmUwZDM0ZTVhNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA676DoklYrxXXl+7IOX4y6FFNT3ZP
JDMmVmw9epV4zKQf3f7LDmlvTvY9s3muZ5TPUXh98b0+obl5+msQRSPFarlyYHxl
u4IQ9mHkseI7QViyh51411eCWoQTTnlAMQqGnAb23yBE4MUTe5alYF5TM1Ijg7+U
47Ix9Wj9vR+v6aVoCsZvya1txpajust8Lrpk4ItXdcbloy4qeo/PZQlVF07dn5fg
5/VpglIHM+Y3T0AqLeyX4/QRnj4J/j85PeDNt0pnfnwzRg2xw8PHdsQTnKrPiL2W
VVEKyGvbsPbRlHf5Ezm/J+nF2SEeuWJCPkLCygtdO1D1BFjA6wYQnx29qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJxZiHBBusv2ORYDeS1bg005aT4MB8GA1UdIwQY
MBaAFGPn7ZqV4LIjdpDHS/54z+3ixE58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1mdG1wWGdzaU4ya01kTF9ualA3ZUxFVG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mMGM5MTQtZTgzZi00OTNhLThiMDct
MTliMmQ0MWJlYTc5LzEvWS1mdG1wWGdzaU4ya01kTF9ualA3ZUxFVG53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mMGM5MTQtZTgzZi00OTNhLThiMDctMTliMmQ0MWJlYTc5
LzEvWS1mdG1wWGdzaU4ya01kTF9ualA3ZUxFVG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGX6lzvO3
/gU7s4al8uJyX0YURX+N1c4j/NUPUMofzBAECr33D4PuulXf0kECeYJ9ke7DFCO7
pbWcY7yHy4rK9xtwQTmkNcUAhcThWtHoqBc3cJ21lOL3pieWjSGOGozlugpkDqBg
uRhl7gZzKuM005pkOahFyLwaAT/Dr/rS1B98K+ub6FmT7c+2rkb9YKh1W7cAz2Xw
a5cakvTM3uG4B+U0/Bp+hj382sHQ/XUzv25KOmQ3Ap3oklOn+/UBSVLDVpcU+hab
h8Z+hnD1aUSMHWcund4AcvfOr0UN6anV20ngqTHinH4XTp2IbBRcbTcm2MR6QtYi
hMwxMbk2X1HJDw==
-----END CERTIFICATE-----