Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
File:                     pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft (raw, json)
Hash identifier:          HchCGPPQ1ahWt8iDacoVpuZKgaajLDnQLcMfTB6xjK4=
Subject key identifier:   39:BF:06:35:B2:78:BE:B1:A9:4C:C0:79:6B:AF:5D:D3:42:01:5A:2E
Authority key identifier: A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2
Certificate issuer:       /CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
Certificate serial:       019922FAF39D488AEDC8D93BAF87057AB3A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
Manifest number:          0AD0
Signing time:             Sun 07 Sep 2025 07:01:35 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:35 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:35 +0000
Files and hashes:         1: pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl (hash: ynwyUyyuPQyeNruW1cd6pyGh+yQEgrDMeg/uug0S8Lg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:f3:9d:48:8a:ed:c8:d9:3b:af:87:05:7a:b3:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
        Validity
            Not Before: Sep  7 07:01:35 2025 GMT
            Not After : Sep  8 07:01:35 2025 GMT
        Subject: CN=39bf0635b278beb1a94cc0796baf5dd342015a2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:54:a4:25:71:76:af:5c:4d:b9:27:94:a1:41:
                    c7:8b:e8:71:5b:0c:b6:4f:18:04:48:71:60:31:d2:
                    d1:45:a3:f7:3f:44:f7:54:11:51:1e:51:18:61:25:
                    84:fd:88:fa:df:87:e4:0f:f4:db:7b:7e:7d:f9:da:
                    46:5f:f8:08:34:63:03:82:a8:9f:79:c9:f1:cf:91:
                    5f:53:7f:96:5b:be:1f:25:f9:84:9e:30:3a:5b:86:
                    8a:1e:05:4a:94:09:be:5a:b5:f1:1d:f7:45:45:62:
                    5a:fb:57:b3:bf:99:3f:2f:5c:a5:7d:20:32:22:1a:
                    47:66:90:38:86:5f:e2:09:0f:3c:6d:7a:69:85:91:
                    a9:48:1c:10:7a:89:c8:76:60:dd:13:da:75:d3:58:
                    33:f5:2c:2f:fe:8a:d6:c0:f8:3a:a8:6b:fc:91:e5:
                    15:46:25:48:0d:2f:f0:9d:8a:e5:65:2a:20:a7:90:
                    be:b9:79:ad:77:11:c2:ab:15:3e:26:7d:88:9c:ac:
                    1b:11:8d:03:40:9e:38:c8:0c:2e:85:11:42:05:ed:
                    59:f5:98:bf:73:b2:a8:93:de:3e:d4:fa:c7:3a:57:
                    6f:5c:4a:58:bc:0a:b5:20:15:5c:e5:77:71:2d:a1:
                    66:86:97:b4:0c:64:2b:88:2c:29:79:e3:a0:1b:9e:
                    41:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:BF:06:35:B2:78:BE:B1:A9:4C:C0:79:6B:AF:5D:D3:42:01:5A:2E
            X509v3 Authority Key Identifier:
                keyid:A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:76:ba:6c:59:02:f1:ea:14:da:56:96:e3:84:a8:b7:7e:fc:
         e1:92:19:9d:56:ea:01:c9:08:ef:fe:58:03:65:f4:c2:69:e0:
         29:14:21:dd:ba:17:8d:79:11:c9:86:35:3c:90:50:bb:29:f7:
         2a:5a:34:e6:b8:88:a9:d5:e8:dd:df:7f:d6:f6:fe:b6:cf:e9:
         f9:f6:78:cc:0d:09:59:d7:6e:cb:ab:a0:3b:23:6c:2c:3d:c5:
         19:69:ea:63:ed:a3:66:ca:5a:fc:70:8f:44:e6:f4:75:b6:24:
         c3:94:c0:86:b5:4a:93:dd:a0:cc:d5:bb:78:ae:8d:1c:b8:a2:
         63:fc:4c:36:10:0b:ec:ed:43:7c:c3:d9:ae:93:a6:b0:85:77:
         c6:99:99:cc:65:13:88:dc:bc:1e:d5:e1:71:af:c9:4f:0c:82:
         b9:bb:a7:c3:06:68:74:82:f7:df:d1:5d:12:46:59:24:95:e5:
         fa:8c:30:cf:94:02:3a:f7:25:30:ec:4a:fc:1f:74:4a:2d:02:
         37:f6:7f:de:12:45:e9:5e:64:9d:ff:37:2b:34:d2:30:69:ed:
         c7:c6:e7:94:8c:44:10:be:91:71:eb:31:15:9b:bf:df:3d:6b:
         cf:d9:26:6f:b1:f5:3e:2c:ae:e2:2a:0c:b6:1a:a0:5c:23:6f:
         4f:b2:e5:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+vOdSIrtyNk7r4cFerOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGQ0OTgzYzljNjNiZDhhMTU4MDAzYzU4NWY0M2Q5OTRj
MTJkYzIwHhcNMjUwOTA3MDcwMTM1WhcNMjUwOTA4MDcwMTM1WjAzMTEwLwYDVQQD
EygzOWJmMDYzNWIyNzhiZWIxYTk0Y2MwNzk2YmFmNWRkMzQyMDE1YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVSkJXF2r1xNuSeUoUHHi+hxWwy2
TxgESHFgMdLRRaP3P0T3VBFRHlEYYSWE/Yj634fkD/Tbe359+dpGX/gINGMDgqif
ecnxz5FfU3+WW74fJfmEnjA6W4aKHgVKlAm+WrXxHfdFRWJa+1ezv5k/L1ylfSAy
IhpHZpA4hl/iCQ88bXpphZGpSBwQeonIdmDdE9p101gz9Swv/orWwPg6qGv8keUV
RiVIDS/wnYrlZSogp5C+uXmtdxHCqxU+Jn2InKwbEY0DQJ44yAwuhRFCBe1Z9Zi/
c7Kok94+1PrHOldvXEpYvAq1IBVc5XdxLaFmhpe0DGQriCwpeeOgG55BGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDm/BjWyeL6xqUzAeWuvXdNCAVouMB8GA1UdIwQY
MBaAFKWNSYPJxjvYoVgAPFhfQ9mUwS3CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYt
Y2UzMGQ0YTM5OGUwLzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYtY2UzMGQ0YTM5OGUw
LzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK3a6bFkC
8eoU2laW44Sot3784ZIZnVbqAckI7/5YA2X0wmngKRQh3boXjXkRyYY1PJBQuyn3
Klo05riIqdXo3d9/1vb+ts/p+fZ4zA0JWdduy6ugOyNsLD3FGWnqY+2jZspa/HCP
ROb0dbYkw5TAhrVKk92gzNW7eK6NHLiiY/xMNhAL7O1DfMPZrpOmsIV3xpmZzGUT
iNy8HtXhca/JTwyCubunwwZodIL339FdEkZZJJXl+owwz5QCOvclMOxK/B90Si0C
N/Z/3hJF6V5knf83KzTSMGntx8bnlIxEEL6RcesxFZu/3z1rz9kmb7H1Piyu4ioM
thqgXCNvT7LllA==
-----END CERTIFICATE-----