Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
File:                     yQDj7qi7474R-IxoK9E4wmUH99w.mft (raw, json)
Hash identifier:          K3l5GGeEiUR3cTEc9yPg+x4oI97uoAvr7fWMc5QoqW8=
Subject key identifier:   AB:F1:5A:30:00:60:88:CF:A9:A3:F7:76:8B:3F:39:4D:8E:36:8F:88
Authority key identifier: C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
Certificate issuer:       /CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Certificate serial:       0199239F9E2A9559CD2B55EC668D64136DB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
Manifest number:          0D57
Signing time:             Sun 07 Sep 2025 10:01:26 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:26 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:26 +0000
Files and hashes:         1: yQDj7qi7474R-IxoK9E4wmUH99w.crl (hash: Up2ozhEaY5S4I+26g+8K4AimF390+TZm2HLYPL1Q0J0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:9e:2a:95:59:cd:2b:55:ec:66:8d:64:13:6d:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
        Validity
            Not Before: Sep  7 10:01:26 2025 GMT
            Not After : Sep  8 10:01:26 2025 GMT
        Subject: CN=abf15a30006088cfa9a3f7768b3f394d8e368f88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:d6:66:de:f5:35:13:13:f3:b2:70:fe:67:86:
                    5c:52:17:ee:38:8d:2d:5e:c1:34:19:f1:59:62:94:
                    fa:84:f6:92:cd:17:81:2f:97:19:7f:45:ce:ed:8b:
                    8d:8c:42:a5:41:46:aa:9f:7e:23:de:d8:9e:bd:f7:
                    4b:9f:52:93:9f:ef:55:c2:d5:7b:7e:30:0b:ce:b1:
                    54:31:08:4a:06:f6:c7:dd:cf:c5:94:59:01:7f:f7:
                    b9:3e:17:c9:c3:86:7a:e4:1d:a5:70:e0:4b:7d:c3:
                    9b:c6:13:28:30:b1:93:c2:7e:3f:2a:a4:92:0b:5d:
                    40:af:56:b6:ff:b0:2e:45:26:4b:90:62:4b:e3:4c:
                    77:44:2e:bd:41:1f:f4:70:ee:be:a8:61:30:38:94:
                    2c:cb:c9:09:c8:de:32:86:f6:54:9c:5a:1c:d1:7f:
                    11:be:9a:65:ab:16:93:2d:39:84:d5:4c:b3:73:52:
                    aa:6f:62:95:b9:96:1b:bc:1b:12:c1:e5:5f:cd:ca:
                    9b:5a:b3:ff:7b:14:20:92:b7:56:63:93:0f:3b:96:
                    17:d0:ef:c1:8b:b7:b3:cd:9e:08:4d:c6:2b:02:c2:
                    e5:d6:5b:ca:e0:c1:db:e9:ed:62:1b:14:34:13:dd:
                    8b:03:93:6b:2b:94:d8:07:08:bf:99:f3:48:dd:e5:
                    20:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:F1:5A:30:00:60:88:CF:A9:A3:F7:76:8B:3F:39:4D:8E:36:8F:88
            X509v3 Authority Key Identifier:
                keyid:C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:a2:e4:9f:87:81:30:be:97:7c:ab:1b:b4:66:02:b8:c6:e8:
         3f:c8:1b:61:76:4f:73:6c:aa:96:e8:61:80:d9:69:bf:21:92:
         27:a7:c0:72:24:43:22:5c:53:b5:63:fc:c9:e9:70:68:87:2d:
         f7:17:e1:3f:c7:42:51:aa:6c:cf:ca:2f:ee:84:15:b2:e1:d6:
         d2:5e:c8:16:3f:ad:b6:66:f5:45:56:c9:2c:8a:b2:12:69:42:
         40:37:73:ad:09:1e:09:84:dd:c5:29:aa:f3:75:69:bb:5e:e8:
         c2:07:b9:7a:46:47:09:07:3d:21:30:32:21:2c:74:47:5c:9b:
         e5:29:eb:ed:23:f7:37:ca:e8:91:f7:23:06:18:90:59:2d:2d:
         3b:6f:f3:c1:83:f0:7c:4a:74:83:c8:be:0d:ce:50:85:5f:f8:
         ed:e9:14:f3:10:82:dc:16:f8:75:c7:e8:e2:87:f4:71:ac:3d:
         29:01:be:8a:15:b3:a4:ea:74:97:0d:cd:32:43:21:a5:01:f5:
         43:68:32:f4:59:fd:91:9c:57:03:d5:98:f5:43:91:ec:e9:da:
         5c:76:f0:47:2d:e9:ea:ff:5c:bb:ee:d9:9b:29:2a:13:42:fe:
         1e:cc:1e:89:d7:43:0e:bc:d9:99:0e:d0:f3:dd:39:cd:c4:72:
         94:f5:70:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn54qlVnNK1XsZo1kE221MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MDBlM2VlYThiYmUzYmUxMWY4OGM2ODJiZDEzOGMyNjUw
N2Y3ZGMwHhcNMjUwOTA3MTAwMTI2WhcNMjUwOTA4MTAwMTI2WjAzMTEwLwYDVQQD
EyhhYmYxNWEzMDAwNjA4OGNmYTlhM2Y3NzY4YjNmMzk0ZDhlMzY4Zjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dZm3vU1ExPzsnD+Z4ZcUhfuOI0t
XsE0GfFZYpT6hPaSzReBL5cZf0XO7YuNjEKlQUaqn34j3tievfdLn1KTn+9VwtV7
fjALzrFUMQhKBvbH3c/FlFkBf/e5PhfJw4Z65B2lcOBLfcObxhMoMLGTwn4/KqSS
C11Ar1a2/7AuRSZLkGJL40x3RC69QR/0cO6+qGEwOJQsy8kJyN4yhvZUnFoc0X8R
vpplqxaTLTmE1Uyzc1Kqb2KVuZYbvBsSweVfzcqbWrP/exQgkrdWY5MPO5YX0O/B
i7ezzZ4ITcYrAsLl1lvK4MHb6e1iGxQ0E92LA5NrK5TYBwi/mfNI3eUgkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKvxWjAAYIjPqaP3dos/OU2ONo+IMB8GA1UdIwQY
MBaAFMkA4+6ou+O+EfiMaCvROMJlB/fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMt
NDE2MjA0YTAyNzM3LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMtNDE2MjA0YTAyNzM3
LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb6Lkn4eB
ML6XfKsbtGYCuMboP8gbYXZPc2yqluhhgNlpvyGSJ6fAciRDIlxTtWP8yelwaIct
9xfhP8dCUapsz8ov7oQVsuHW0l7IFj+ttmb1RVbJLIqyEmlCQDdzrQkeCYTdxSmq
83Vpu17owge5ekZHCQc9ITAyISx0R1yb5Snr7SP3N8rokfcjBhiQWS0tO2/zwYPw
fEp0g8i+Dc5QhV/47ekU8xCC3Bb4dcfo4of0caw9KQG+ihWzpOp0lw3NMkMhpQH1
Q2gy9Fn9kZxXA9WY9UOR7OnaXHbwRy3p6v9cu+7ZmykqE0L+HsweiddDDrzZmQ7Q
8905zcRylPVwzg==
-----END CERTIFICATE-----