Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
File:                     yyDpqru2GRVGEQI1z3bEg4S0UdA.mft (raw, json)
Hash identifier:          2phFtW6sYzApAqci9Vz6Lze1AIZ4YXeMdp9+mpreGBQ=
Subject key identifier:   0A:9F:3A:55:3E:10:34:6A:86:2F:C4:BC:E7:ED:41:4D:12:B4:E2:41
Authority key identifier: CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0
Certificate issuer:       /CN=cb20e9aabbb6191546110235cf76c48384b451d0
Certificate serial:       01974A4403008B4F1C6FFCDEBBB6C16F0C40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
Manifest number:          04CA
Signing time:             Sat 07 Jun 2025 12:01:00 +0000
Manifest this update:     Sat 07 Jun 2025 12:01:00 +0000
Manifest next update:     Sun 08 Jun 2025 12:01:00 +0000
Files and hashes:         1: yyDpqru2GRVGEQI1z3bEg4S0UdA.crl (hash: B/RcsHdJt7zEXtJFHXXvhe////v3TmwRQwLI08sMr3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:44:03:00:8b:4f:1c:6f:fc:de:bb:b6:c1:6f:0c:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb20e9aabbb6191546110235cf76c48384b451d0
        Validity
            Not Before: Jun  7 12:01:00 2025 GMT
            Not After : Jun  8 12:01:00 2025 GMT
        Subject: CN=0a9f3a553e10346a862fc4bce7ed414d12b4e241
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:72:1b:c8:39:4b:74:96:79:dd:36:65:92:2b:
                    5c:9e:3f:a1:25:3d:08:29:14:e5:b6:39:4b:ec:dc:
                    96:e6:1e:3e:0a:2e:4a:0d:4c:67:9d:4c:8a:a4:69:
                    21:8f:87:e5:7a:39:3b:0f:e0:fe:6b:42:f0:05:75:
                    53:f0:15:62:d6:bb:c6:aa:da:a4:ac:33:2e:75:b5:
                    08:df:f0:76:bd:a5:d2:7f:38:c3:ff:32:52:32:51:
                    ae:48:dc:54:d2:05:c6:c7:39:cf:1f:a6:82:5f:f5:
                    02:c5:0b:d0:e1:01:81:cb:6c:14:20:3f:67:37:07:
                    1a:c1:66:ee:1d:0c:ef:f7:eb:13:b3:b0:05:7b:88:
                    57:bb:48:ce:ea:45:6c:0a:f4:e4:3b:55:ec:4b:cf:
                    38:09:a5:f8:28:f2:25:5e:8c:07:6f:30:24:cb:0c:
                    d2:d0:05:a9:d3:dd:22:3e:f3:f6:43:18:97:cc:12:
                    7e:fe:17:fb:06:a3:b5:a9:05:9b:f3:26:23:ce:4c:
                    f0:c7:4a:67:ed:07:e3:37:71:7f:67:7d:d4:29:1a:
                    19:95:5c:e2:6e:4a:60:1c:95:d3:b0:a5:e9:c1:0d:
                    10:19:d6:fc:4d:c1:da:c1:35:ef:7e:58:f8:8c:59:
                    f7:94:f9:2d:a3:b0:32:e4:00:4d:31:c5:ca:3e:7d:
                    14:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:9F:3A:55:3E:10:34:6A:86:2F:C4:BC:E7:ED:41:4D:12:B4:E2:41
            X509v3 Authority Key Identifier:
                keyid:CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:c9:8b:47:70:7e:3a:c0:b1:cd:0b:58:dd:1e:28:eb:ce:01:
         9f:a5:70:5b:97:2a:03:f6:60:be:35:14:be:08:07:5c:65:85:
         6c:ec:5d:7b:e6:70:9c:0d:54:d9:d6:fc:62:81:00:4c:62:a8:
         ab:a4:88:ce:e5:8c:b5:a4:d0:c4:af:78:59:64:bd:dc:d6:a5:
         e1:a0:ec:8d:c8:c2:b2:55:55:10:21:42:21:2f:fe:b3:1b:4b:
         a0:78:3e:e7:43:ca:3f:db:24:47:11:65:6a:89:4c:63:fa:31:
         bb:6a:bf:be:16:8d:4b:db:dd:c3:80:79:00:80:98:78:af:75:
         c1:1e:1f:ed:e3:65:75:0e:27:8b:ca:59:42:bc:8d:75:e5:70:
         dc:86:2c:01:87:15:ee:83:fb:72:45:d0:4b:35:d6:1e:65:60:
         e9:0a:da:d1:00:16:9a:39:69:0a:10:3f:b4:f0:4f:cb:d3:ca:
         b0:ef:33:61:f3:3d:ae:b6:40:65:bc:09:4d:39:bb:d3:29:00:
         d2:95:aa:09:6f:32:d6:9d:9f:32:cd:ed:aa:f2:e8:c8:2f:10:
         8f:e7:41:8d:4f:17:c3:41:40:0e:77:42:2e:c9:1c:0c:06:e7:
         54:a6:48:70:9d:aa:83:1c:d0:6e:4f:c2:11:f4:ab:62:ec:77:
         98:2c:fd:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKRAMAi08cb/zeu7bBbwxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjBlOWFhYmJiNjE5MTU0NjExMDIzNWNmNzZjNDgzODRi
NDUxZDAwHhcNMjUwNjA3MTIwMTAwWhcNMjUwNjA4MTIwMTAwWjAzMTEwLwYDVQQD
EygwYTlmM2E1NTNlMTAzNDZhODYyZmM0YmNlN2VkNDE0ZDEyYjRlMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HIbyDlLdJZ53TZlkitcnj+hJT0I
KRTltjlL7NyW5h4+Ci5KDUxnnUyKpGkhj4flejk7D+D+a0LwBXVT8BVi1rvGqtqk
rDMudbUI3/B2vaXSfzjD/zJSMlGuSNxU0gXGxznPH6aCX/UCxQvQ4QGBy2wUID9n
NwcawWbuHQzv9+sTs7AFe4hXu0jO6kVsCvTkO1XsS884CaX4KPIlXowHbzAkywzS
0AWp090iPvP2QxiXzBJ+/hf7BqO1qQWb8yYjzkzwx0pn7QfjN3F/Z33UKRoZlVzi
bkpgHJXTsKXpwQ0QGdb8TcHawTXvflj4jFn3lPkto7Ay5ABNMcXKPn0UHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqfOlU+EDRqhi/EvOftQU0StOJBMB8GA1UdIwQY
MBaAFMsg6aq7thkVRhECNc92xIOEtFHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWIt
MDgwN2Y5NmNhNGEyLzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWItMDgwN2Y5NmNhNGEy
LzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc8mLR3B+
OsCxzQtY3R4o684Bn6VwW5cqA/ZgvjUUvggHXGWFbOxde+ZwnA1U2db8YoEATGKo
q6SIzuWMtaTQxK94WWS93Nal4aDsjcjCslVVECFCIS/+sxtLoHg+50PKP9skRxFl
aolMY/oxu2q/vhaNS9vdw4B5AICYeK91wR4f7eNldQ4ni8pZQryNdeVw3IYsAYcV
7oP7ckXQSzXWHmVg6Qra0QAWmjlpChA/tPBPy9PKsO8zYfM9rrZAZbwJTTm70ykA
0pWqCW8y1p2fMs3tqvLoyC8Qj+dBjU8Xw0FADndCLskcDAbnVKZIcJ2qgxzQbk/C
EfSrYux3mCz9pA==
-----END CERTIFICATE-----