Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
File:                     yyDpqru2GRVGEQI1z3bEg4S0UdA.mft (raw, json)
Hash identifier:          pG4Uh6tnLDze514ljC0UCOnhuBt5bDHIJX0jd7Pn2AU=
Subject key identifier:   4E:C0:FD:1E:72:38:5C:9C:95:06:C1:8E:0D:34:C6:17:F0:A9:B2:0D
Authority key identifier: CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0
Certificate issuer:       /CN=cb20e9aabbb6191546110235cf76c48384b451d0
Certificate serial:       019921B06D8FB282DF885F25518BFA5B83B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
Manifest number:          05BE
Signing time:             Sun 07 Sep 2025 01:00:34 +0000
Manifest this update:     Sun 07 Sep 2025 01:00:34 +0000
Manifest next update:     Mon 08 Sep 2025 01:00:34 +0000
Files and hashes:         1: yyDpqru2GRVGEQI1z3bEg4S0UdA.crl (hash: 6NTfHaWpA0TxMSYsey4oGrWW5pxOMXPPmcLADZVRGGg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:6d:8f:b2:82:df:88:5f:25:51:8b:fa:5b:83:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb20e9aabbb6191546110235cf76c48384b451d0
        Validity
            Not Before: Sep  7 01:00:34 2025 GMT
            Not After : Sep  8 01:00:34 2025 GMT
        Subject: CN=4ec0fd1e72385c9c9506c18e0d34c617f0a9b20d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:17:d3:e4:1e:1e:13:39:0c:70:65:ca:59:7e:
                    7e:84:61:5c:1b:a6:fb:ca:79:d9:3c:3b:9a:08:0a:
                    ef:01:33:39:b4:60:62:8f:3e:cb:ac:7b:61:8f:41:
                    59:87:36:37:5e:5c:e4:92:5d:c0:6d:b6:76:bb:20:
                    bc:cf:0e:a0:4f:04:2e:66:77:41:27:5f:2d:8c:a4:
                    a6:ce:b9:20:3b:71:97:15:92:f7:ad:fe:36:ee:86:
                    52:92:d2:55:d1:3b:9e:f4:c3:87:fa:38:d0:0d:3c:
                    03:23:e7:58:7f:f4:76:b0:46:6c:28:d7:ee:06:ca:
                    69:ae:c8:b9:d0:ba:2c:af:bd:ce:09:0c:49:45:97:
                    12:48:99:42:ef:20:88:90:4e:82:9f:8a:92:b9:82:
                    65:71:4e:5a:16:56:09:9b:46:ab:3b:e5:a2:3c:56:
                    b9:77:d9:db:16:d3:db:34:e6:e3:4a:f2:42:c8:38:
                    27:09:22:ca:13:fa:0a:53:68:bd:7b:19:26:f4:95:
                    90:8a:cf:e4:e6:36:2c:00:0d:1f:50:fd:34:c6:9e:
                    46:5a:c0:87:57:d6:c8:bb:05:79:2c:25:b1:89:c4:
                    a4:dc:12:80:c6:ee:69:17:46:1b:60:7f:f7:f2:43:
                    dc:54:a7:27:51:88:83:d7:c2:bc:8e:d7:cc:6e:25:
                    f7:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:C0:FD:1E:72:38:5C:9C:95:06:C1:8E:0D:34:C6:17:F0:A9:B2:0D
            X509v3 Authority Key Identifier:
                keyid:CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:64:1c:52:c6:a6:7c:1a:40:87:e8:f7:75:c3:ed:80:96:4f:
         7b:da:a6:df:b9:c6:eb:37:fd:82:d5:fb:b7:1b:5a:7d:48:54:
         08:06:e2:c0:d8:28:2c:a6:7a:01:22:7d:b8:3c:9a:a3:86:38:
         ad:d6:69:e7:96:98:f1:86:71:49:5f:60:cf:7f:2b:0e:72:8c:
         32:3d:18:5d:88:d0:14:3f:61:03:02:7a:17:ae:75:12:31:9e:
         e2:7a:06:32:58:3e:8a:6c:de:af:f7:c9:07:95:1a:a8:3c:71:
         7e:8c:7b:fb:55:08:51:7a:73:df:2d:ad:c4:5c:47:cd:2f:74:
         f5:31:80:6d:69:5b:17:ff:df:b3:2d:3e:49:7a:23:86:19:d0:
         77:ef:0b:82:39:c2:0a:cd:d0:d5:7e:46:ed:88:01:ba:0d:b3:
         07:69:c2:5c:85:97:7f:25:43:a7:6e:32:65:f5:f7:37:c2:eb:
         c3:3a:b2:ae:a7:1f:2a:5d:8f:27:8b:4c:ca:b6:7b:32:50:b6:
         27:f6:06:25:d8:1f:7f:4f:30:88:20:5e:cf:48:b5:46:68:7d:
         19:d0:d6:e2:e7:a5:2d:d2:c1:a4:bb:66:c1:df:10:22:fe:7e:
         e3:d6:30:8b:b6:d3:b6:43:24:b4:7d:59:a9:e0:d5:c0:8e:b0:
         98:59:69:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsG2PsoLfiF8lUYv6W4OxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjBlOWFhYmJiNjE5MTU0NjExMDIzNWNmNzZjNDgzODRi
NDUxZDAwHhcNMjUwOTA3MDEwMDM0WhcNMjUwOTA4MDEwMDM0WjAzMTEwLwYDVQQD
Eyg0ZWMwZmQxZTcyMzg1YzljOTUwNmMxOGUwZDM0YzYxN2YwYTliMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xfT5B4eEzkMcGXKWX5+hGFcG6b7
ynnZPDuaCArvATM5tGBijz7LrHthj0FZhzY3Xlzkkl3AbbZ2uyC8zw6gTwQuZndB
J18tjKSmzrkgO3GXFZL3rf427oZSktJV0Tue9MOH+jjQDTwDI+dYf/R2sEZsKNfu
Bspprsi50Losr73OCQxJRZcSSJlC7yCIkE6Cn4qSuYJlcU5aFlYJm0arO+WiPFa5
d9nbFtPbNObjSvJCyDgnCSLKE/oKU2i9exkm9JWQis/k5jYsAA0fUP00xp5GWsCH
V9bIuwV5LCWxicSk3BKAxu5pF0YbYH/38kPcVKcnUYiD18K8jtfMbiX3/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE7A/R5yOFyclQbBjg00xhfwqbINMB8GA1UdIwQY
MBaAFMsg6aq7thkVRhECNc92xIOEtFHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWIt
MDgwN2Y5NmNhNGEyLzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWItMDgwN2Y5NmNhNGEy
LzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfGQcUsam
fBpAh+j3dcPtgJZPe9qm37nG6zf9gtX7txtafUhUCAbiwNgoLKZ6ASJ9uDyao4Y4
rdZp55aY8YZxSV9gz38rDnKMMj0YXYjQFD9hAwJ6F651EjGe4noGMlg+imzer/fJ
B5UaqDxxfox7+1UIUXpz3y2txFxHzS909TGAbWlbF//fsy0+SXojhhnQd+8LgjnC
Cs3Q1X5G7YgBug2zB2nCXIWXfyVDp24yZfX3N8LrwzqyrqcfKl2PJ4tMyrZ7MlC2
J/YGJdgff08wiCBez0i1Rmh9GdDW4uelLdLBpLtmwd8QIv5+49Ywi7bTtkMktH1Z
qeDVwI6wmFlpCw==
-----END CERTIFICATE-----