Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
File:                     yQDj7qi7474R-IxoK9E4wmUH99w.mft (raw, json)
Hash identifier:          zBvqEzoY2QOna4CsJqSd24gOgmD90Puls9ofVi5qQHY=
Subject key identifier:   EE:BC:A2:BE:1E:D2:5D:ED:68:C4:6D:47:8A:34:4E:A5:81:4F:21:2F
Authority key identifier: C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
Certificate issuer:       /CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Certificate serial:       0197488C36FFABE814867018D1408F0567DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
Manifest number:          0C61
Signing time:             Sat 07 Jun 2025 04:00:38 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:38 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:38 +0000
Files and hashes:         1: yQDj7qi7474R-IxoK9E4wmUH99w.crl (hash: TVdhRmRJWKke/uHu2BQJWvUUG1UX0e1NHkRAxGN0Cgo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:36:ff:ab:e8:14:86:70:18:d1:40:8f:05:67:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
        Validity
            Not Before: Jun  7 04:00:38 2025 GMT
            Not After : Jun  8 04:00:38 2025 GMT
        Subject: CN=eebca2be1ed25ded68c46d478a344ea5814f212f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:dd:44:49:14:cf:be:19:1e:07:91:4a:bc:2b:
                    05:2e:1e:3c:d0:73:fb:a7:3b:10:d5:73:9b:2f:b6:
                    6f:95:17:da:ed:2c:7a:d7:ed:39:cd:b9:b6:3f:03:
                    ea:cf:20:e7:fe:72:6f:b7:b4:ea:36:e7:6f:3c:63:
                    66:04:da:bb:e4:06:95:54:fc:fc:12:dc:60:01:82:
                    15:89:1c:ee:7c:38:fd:ca:0e:24:c5:47:72:c4:b0:
                    ca:ee:4d:10:2d:6d:ea:96:71:1f:05:b4:6d:19:5c:
                    f1:0a:c4:36:a4:3c:97:32:23:0f:eb:b1:a7:28:05:
                    da:e4:05:d8:af:86:72:02:c5:c3:72:d4:16:01:60:
                    aa:f0:26:dc:e8:71:a7:25:f7:c6:bd:1d:17:0f:e9:
                    09:3e:b9:39:ba:57:6c:14:5c:5f:4f:75:26:04:6c:
                    6e:c3:17:80:97:3b:4e:ce:0a:cb:21:43:e4:df:20:
                    e4:8e:d8:54:cf:a2:46:75:07:90:02:d2:1d:63:25:
                    dc:ff:86:a8:de:d8:88:af:a5:26:93:09:fd:20:5e:
                    16:6f:f9:d8:1e:83:d5:f4:67:bb:11:10:c6:6e:88:
                    02:f3:94:7d:0b:3b:ce:a9:b2:98:c5:77:47:70:22:
                    8d:a9:62:f9:44:ad:4e:4a:7e:fb:3b:bd:72:52:7e:
                    be:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:BC:A2:BE:1E:D2:5D:ED:68:C4:6D:47:8A:34:4E:A5:81:4F:21:2F
            X509v3 Authority Key Identifier:
                keyid:C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:69:6d:4e:ab:7c:06:07:41:26:28:cf:8c:42:c8:83:c8:2f:
         6e:43:20:8a:19:5d:59:c2:41:83:bc:d8:db:9d:40:9d:ed:3c:
         89:33:23:1e:d4:73:56:37:ef:ef:1e:0d:fc:b0:64:e3:b3:ce:
         04:3e:2d:53:ed:db:ff:34:8c:cc:a1:72:3a:dc:e7:ac:77:4a:
         53:29:fc:ac:55:7c:92:62:b5:a8:7f:b5:b9:67:59:06:25:a2:
         51:3d:b1:aa:23:ac:4c:97:4a:28:a2:91:33:65:da:b3:06:01:
         9e:59:87:64:76:20:80:b2:90:4f:78:c3:4d:b0:a4:f7:58:9d:
         d1:3e:cb:d2:cf:fe:4f:95:99:62:87:1a:56:97:7d:ae:cf:d5:
         79:7b:23:c8:e6:5b:09:f9:66:9e:e2:a5:a9:41:d9:12:32:2d:
         f7:d9:30:f3:d4:5c:32:c6:29:e3:89:0a:e6:1f:16:d7:e1:e8:
         80:02:b4:0b:06:3a:8c:42:9e:fb:49:08:c5:f3:17:52:52:05:
         6f:a1:12:89:35:77:20:2e:88:00:de:8b:64:33:b1:5a:f1:eb:
         97:7a:cd:f8:4e:91:89:c8:2a:5d:2d:cc:6b:07:a7:93:3d:93:
         c0:08:23:f7:e2:a7:96:90:73:b4:1f:35:6d:3d:03:ec:f5:f1:
         2b:8d:b8:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjDb/q+gUhnAY0UCPBWfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MDBlM2VlYThiYmUzYmUxMWY4OGM2ODJiZDEzOGMyNjUw
N2Y3ZGMwHhcNMjUwNjA3MDQwMDM4WhcNMjUwNjA4MDQwMDM4WjAzMTEwLwYDVQQD
EyhlZWJjYTJiZTFlZDI1ZGVkNjhjNDZkNDc4YTM0NGVhNTgxNGYyMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqd1ESRTPvhkeB5FKvCsFLh480HP7
pzsQ1XObL7ZvlRfa7Sx61+05zbm2PwPqzyDn/nJvt7TqNudvPGNmBNq75AaVVPz8
EtxgAYIViRzufDj9yg4kxUdyxLDK7k0QLW3qlnEfBbRtGVzxCsQ2pDyXMiMP67Gn
KAXa5AXYr4ZyAsXDctQWAWCq8Cbc6HGnJffGvR0XD+kJPrk5uldsFFxfT3UmBGxu
wxeAlztOzgrLIUPk3yDkjthUz6JGdQeQAtIdYyXc/4ao3tiIr6Umkwn9IF4Wb/nY
HoPV9Ge7ERDGbogC85R9CzvOqbKYxXdHcCKNqWL5RK1OSn77O71yUn6+UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO68or4e0l3taMRtR4o0TqWBTyEvMB8GA1UdIwQY
MBaAFMkA4+6ou+O+EfiMaCvROMJlB/fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMt
NDE2MjA0YTAyNzM3LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMtNDE2MjA0YTAyNzM3
LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFmltTqt8
BgdBJijPjELIg8gvbkMgihldWcJBg7zY251Ane08iTMjHtRzVjfv7x4N/LBk47PO
BD4tU+3b/zSMzKFyOtznrHdKUyn8rFV8kmK1qH+1uWdZBiWiUT2xqiOsTJdKKKKR
M2XaswYBnlmHZHYggLKQT3jDTbCk91id0T7L0s/+T5WZYocaVpd9rs/VeXsjyOZb
CflmnuKlqUHZEjIt99kw89RcMsYp44kK5h8W1+HogAK0CwY6jEKe+0kIxfMXUlIF
b6ESiTV3IC6IAN6LZDOxWvHrl3rN+E6RicgqXS3Mawenkz2TwAgj9+KnlpBztB81
bT0D7PXxK4246A==
-----END CERTIFICATE-----