Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft
File:                     Y-ftmpXgsiN2kMdL_njP7eLETnw.mft (raw, json)
Hash identifier:          RpK85Q5VZ3JeQtcHo7tTsAoxp14+77NtILSEtfcBik4=
Subject key identifier:   26:37:B6:70:6B:56:74:C1:89:52:C7:8F:8A:40:05:AB:D4:F7:79:53
Authority key identifier: 63:E7:ED:9A:95:E0:B2:23:76:90:C7:4B:FE:78:CF:ED:E2:C4:4E:7C
Certificate issuer:       /CN=63e7ed9a95e0b2237690c74bfe78cfede2c44e7c
Certificate serial:       01974E572C684A414CB964EB60D6FECC00F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-ftmpXgsiN2kMdL_njP7eLETnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft
Manifest number:          08D5
Signing time:             Sun 08 Jun 2025 07:00:25 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:25 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:25 +0000
Files and hashes:         1: Y-ftmpXgsiN2kMdL_njP7eLETnw.crl (hash: MOiug4ZXy071kAy6HMkY2lH/MqwYfa8N3FFpvo7hUWU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-ftmpXgsiN2kMdL_njP7eLETnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:2c:68:4a:41:4c:b9:64:eb:60:d6:fe:cc:00:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e7ed9a95e0b2237690c74bfe78cfede2c44e7c
        Validity
            Not Before: Jun  8 07:00:25 2025 GMT
            Not After : Jun  9 07:00:25 2025 GMT
        Subject: CN=2637b6706b5674c18952c78f8a4005abd4f77953
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:44:f3:55:5e:d4:03:7a:68:a1:19:eb:9a:bb:
                    e8:23:e5:8c:73:34:33:b4:22:b6:3c:2c:36:f9:d5:
                    dc:45:91:45:93:ef:07:a2:cc:1c:30:b0:21:b6:77:
                    41:0b:9b:00:51:5e:b0:ef:ff:b7:9b:bc:7e:3c:ed:
                    aa:3d:61:5a:88:dd:f0:b5:d2:2c:e5:79:88:c8:d1:
                    35:ae:5c:04:31:4b:49:8f:d4:90:d5:39:1c:e1:57:
                    af:59:aa:06:9c:d9:78:0f:56:58:21:6d:13:7b:ff:
                    3a:ea:de:9e:c2:94:75:31:5f:ae:fd:23:43:1a:8a:
                    6f:6b:13:a6:fd:50:23:47:a3:fa:d4:ba:e1:b0:e3:
                    82:94:f3:19:f5:30:67:3a:f8:8a:5b:4e:55:e4:40:
                    cd:50:ef:5c:79:29:16:18:ce:3b:cf:16:3b:ce:09:
                    42:08:11:7d:f5:25:5f:80:4f:01:64:56:05:da:1d:
                    43:f9:61:07:ee:14:d9:ca:c8:4a:95:fb:ac:53:50:
                    70:fa:3a:ea:51:0c:1b:f2:f3:07:67:ae:4e:5c:d0:
                    89:9f:98:88:57:fd:1c:bd:41:e9:d2:02:e7:34:7d:
                    48:f0:63:60:45:24:19:13:27:01:18:98:82:de:50:
                    d0:aa:e6:fb:7d:a3:b8:f7:35:12:c3:b7:b5:24:d0:
                    fa:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:37:B6:70:6B:56:74:C1:89:52:C7:8F:8A:40:05:AB:D4:F7:79:53
            X509v3 Authority Key Identifier:
                keyid:63:E7:ED:9A:95:E0:B2:23:76:90:C7:4B:FE:78:CF:ED:E2:C4:4E:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-ftmpXgsiN2kMdL_njP7eLETnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:c0:12:27:0c:30:ed:8c:39:65:c2:74:bb:06:6b:56:85:05:
         06:93:d9:e7:a0:a9:57:58:8b:f6:a7:9f:a5:d4:41:55:c1:2e:
         be:fe:e2:e6:07:15:cc:a4:58:35:62:55:a5:a8:b7:fe:64:c2:
         71:8f:54:a9:06:11:11:e8:fd:5e:23:2e:b7:9c:a6:4b:32:83:
         fb:36:c0:41:10:bc:a9:51:a0:c9:76:48:55:53:95:f9:09:26:
         33:f4:7e:ec:34:c9:57:ff:54:79:43:fe:9c:ae:bd:50:11:ce:
         07:34:e5:68:76:91:94:18:76:97:48:22:26:00:6e:16:a3:b4:
         82:fc:44:13:f1:bb:a3:ea:86:6e:63:bc:3c:09:03:55:a8:2e:
         ee:13:33:e2:02:55:ae:fb:55:82:c5:b5:90:2d:fa:ab:c2:2b:
         bd:81:04:6c:23:9c:ca:74:01:cb:d6:25:ff:a3:dc:fc:65:d2:
         3c:9c:22:19:bb:bb:02:53:1b:4c:38:76:eb:3e:17:dd:c0:ba:
         7a:4a:96:ba:72:87:c8:7d:93:26:ef:db:65:ce:58:a0:4d:53:
         aa:6f:3e:a2:95:5d:9d:b6:a3:1d:5c:2e:ee:be:31:37:21:a5:
         07:e6:49:c8:14:61:40:5f:4e:01:de:8f:84:e4:ae:3f:91:ed:
         a0:9f:83:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOVyxoSkFMuWTrYNb+zAD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTdlZDlhOTVlMGIyMjM3NjkwYzc0YmZlNzhjZmVkZTJj
NDRlN2MwHhcNMjUwNjA4MDcwMDI1WhcNMjUwNjA5MDcwMDI1WjAzMTEwLwYDVQQD
EygyNjM3YjY3MDZiNTY3NGMxODk1MmM3OGY4YTQwMDVhYmQ0Zjc3OTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUTzVV7UA3pooRnrmrvoI+WMczQz
tCK2PCw2+dXcRZFFk+8HoswcMLAhtndBC5sAUV6w7/+3m7x+PO2qPWFaiN3wtdIs
5XmIyNE1rlwEMUtJj9SQ1Tkc4VevWaoGnNl4D1ZYIW0Te/866t6ewpR1MV+u/SND
GopvaxOm/VAjR6P61LrhsOOClPMZ9TBnOviKW05V5EDNUO9ceSkWGM47zxY7zglC
CBF99SVfgE8BZFYF2h1D+WEH7hTZyshKlfusU1Bw+jrqUQwb8vMHZ65OXNCJn5iI
V/0cvUHp0gLnNH1I8GNgRSQZEycBGJiC3lDQqub7faO49zUSw7e1JND6UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCY3tnBrVnTBiVLHj4pABavU93lTMB8GA1UdIwQY
MBaAFGPn7ZqV4LIjdpDHS/54z+3ixE58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1mdG1wWGdzaU4ya01kTF9ualA3ZUxFVG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mMGM5MTQtZTgzZi00OTNhLThiMDct
MTliMmQ0MWJlYTc5LzEvWS1mdG1wWGdzaU4ya01kTF9ualA3ZUxFVG53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mMGM5MTQtZTgzZi00OTNhLThiMDctMTliMmQ0MWJlYTc5
LzEvWS1mdG1wWGdzaU4ya01kTF9ualA3ZUxFVG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb8ASJwww
7Yw5ZcJ0uwZrVoUFBpPZ56CpV1iL9qefpdRBVcEuvv7i5gcVzKRYNWJVpai3/mTC
cY9UqQYREej9XiMut5ymSzKD+zbAQRC8qVGgyXZIVVOV+QkmM/R+7DTJV/9UeUP+
nK69UBHOBzTlaHaRlBh2l0giJgBuFqO0gvxEE/G7o+qGbmO8PAkDVagu7hMz4gJV
rvtVgsW1kC36q8IrvYEEbCOcynQBy9Yl/6Pc/GXSPJwiGbu7AlMbTDh26z4X3cC6
ekqWunKHyH2TJu/bZc5YoE1Tqm8+opVdnbajHVwu7r4xNyGlB+ZJyBRhQF9OAd6P
hOSuP5HtoJ+Dig==
-----END CERTIFICATE-----