Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
File:                     iYDaJ6VQ15vmUa15rnGcz8vFo28.mft (raw, json)
Hash identifier:          VueO8gayGrcZ3JSzZ00bSeZbuJRNm0AI9GNSJZnjlC0=
Subject key identifier:   EC:7C:77:1C:F6:33:EA:98:3B:F9:0E:C7:24:A4:CE:E0:BC:08:9D:A2
Authority key identifier: 89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F
Certificate issuer:       /CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
Certificate serial:       019916889863EB637FDE20B8DDCEB4A60AF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
Manifest number:          03D5
Signing time:             Thu 04 Sep 2025 21:01:14 +0000
Manifest this update:     Thu 04 Sep 2025 21:01:14 +0000
Manifest next update:     Fri 05 Sep 2025 21:01:14 +0000
Files and hashes:         1: iYDaJ6VQ15vmUa15rnGcz8vFo28.crl (hash: WlLr+Ph5IH0S9iqtGrPiW94wU/anNEzUBiGEJeADnBk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:88:98:63:eb:63:7f:de:20:b8:dd:ce:b4:a6:0a:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
        Validity
            Not Before: Sep  4 21:01:14 2025 GMT
            Not After : Sep  5 21:01:14 2025 GMT
        Subject: CN=ec7c771cf633ea983bf90ec724a4cee0bc089da2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:15:29:38:58:18:d4:5f:52:41:0e:8b:e5:83:
                    ff:c6:e2:c2:6e:59:04:a3:0e:85:11:bc:6c:2a:17:
                    61:5b:10:3d:59:2c:46:4b:4e:bd:86:fd:3b:7c:f3:
                    99:cf:c3:4b:83:00:45:ee:36:25:19:cf:d1:af:0d:
                    3f:6e:40:84:e1:50:92:bf:20:6c:63:f6:cb:14:04:
                    ab:f1:ac:7e:fd:3a:d7:49:4d:0a:db:b5:a8:93:b6:
                    6c:6f:ce:f4:1e:4b:fa:a0:5b:17:2d:7a:2e:36:8b:
                    fe:71:d9:ae:ff:bf:42:e1:19:43:16:f6:db:33:6f:
                    c2:5e:b0:d9:9d:b2:6b:15:db:bf:57:17:0f:c9:11:
                    2e:0f:8e:2a:d2:79:64:9a:88:7c:1f:0f:23:08:ec:
                    90:b2:af:c4:7d:3a:0d:cf:44:b6:ae:26:ee:7e:45:
                    51:d1:e5:b6:ec:3d:62:3d:5b:0e:8f:63:1c:2b:42:
                    65:64:13:59:c6:8e:2d:2f:d3:c5:22:ea:66:08:66:
                    1f:69:6a:c6:82:d6:df:2c:bb:de:3b:a3:fe:ec:98:
                    6d:17:1d:47:93:6a:dc:08:ed:a2:99:49:cb:7a:25:
                    e3:e4:cc:e7:5a:58:88:eb:62:a7:c5:9d:a1:67:5b:
                    81:4e:47:fd:db:bb:eb:7f:be:f6:7c:10:50:22:49:
                    a9:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:7C:77:1C:F6:33:EA:98:3B:F9:0E:C7:24:A4:CE:E0:BC:08:9D:A2
            X509v3 Authority Key Identifier:
                keyid:89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:b3:32:7d:79:a5:53:f6:99:c2:5e:96:7a:d5:51:dc:d0:46:
         55:a6:2b:13:0e:20:48:c6:ec:0b:2f:d2:82:f4:9d:0a:f0:9b:
         75:d4:b8:8e:f2:65:d1:3f:4e:11:1f:7a:3b:f4:30:fc:d1:23:
         79:85:db:8f:36:df:b9:7c:27:9c:21:a6:19:0e:02:59:d6:f7:
         ac:c8:b4:2c:66:8d:2a:91:e9:2f:0b:e9:fd:b3:2d:d3:cd:34:
         ab:0f:3d:71:f0:f1:ef:8c:75:ce:41:7d:a3:cc:33:90:b0:9d:
         6c:78:5e:d4:16:03:f9:41:ae:b6:da:77:3e:98:f1:36:26:11:
         56:2d:54:c5:e7:18:da:fa:42:b8:d0:88:aa:c0:86:24:22:c1:
         cb:de:5e:cf:21:f1:5a:66:d2:3d:05:7c:50:bf:73:dd:14:65:
         54:d6:f8:1b:f9:cc:e3:8e:01:81:6e:02:a9:28:de:33:37:98:
         e2:be:3c:0c:c3:1f:9d:dc:d0:84:cb:55:99:bd:46:29:e6:60:
         8b:da:55:59:93:46:13:4a:8f:13:66:c6:15:0b:ab:07:42:ca:
         e8:d1:40:58:48:29:d4:f4:31:48:34:28:d2:76:61:05:ff:bf:
         7d:d0:97:e1:26:57:be:cb:fd:cc:14:2d:1e:48:cd:fd:1c:d2:
         63:36:ba:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWiJhj62N/3iC43c60pgr1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODBkYTI3YTU1MGQ3OWJlNjUxYWQ3OWFlNzE5Y2NmY2Jj
NWEzNmYwHhcNMjUwOTA0MjEwMTE0WhcNMjUwOTA1MjEwMTE0WjAzMTEwLwYDVQQD
EyhlYzdjNzcxY2Y2MzNlYTk4M2JmOTBlYzcyNGE0Y2VlMGJjMDg5ZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxUpOFgY1F9SQQ6L5YP/xuLCblkE
ow6FEbxsKhdhWxA9WSxGS069hv07fPOZz8NLgwBF7jYlGc/Rrw0/bkCE4VCSvyBs
Y/bLFASr8ax+/TrXSU0K27Wok7Zsb870Hkv6oFsXLXouNov+cdmu/79C4RlDFvbb
M2/CXrDZnbJrFdu/VxcPyREuD44q0nlkmoh8Hw8jCOyQsq/EfToNz0S2ribufkVR
0eW27D1iPVsOj2McK0JlZBNZxo4tL9PFIupmCGYfaWrGgtbfLLveO6P+7JhtFx1H
k2rcCO2imUnLeiXj5MznWliI62KnxZ2hZ1uBTkf927vrf772fBBQIkmplQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOx8dxz2M+qYO/kOxySkzuC8CJ2iMB8GA1UdIwQY
MBaAFImA2ielUNeb5lGtea5xnM/LxaNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYt
Mjk3NjJjMWFhZjY1LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYtMjk3NjJjMWFhZjY1
LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAELMyfXml
U/aZwl6WetVR3NBGVaYrEw4gSMbsCy/SgvSdCvCbddS4jvJl0T9OER96O/Qw/NEj
eYXbjzbfuXwnnCGmGQ4CWdb3rMi0LGaNKpHpLwvp/bMt0800qw89cfDx74x1zkF9
o8wzkLCdbHhe1BYD+UGuttp3PpjxNiYRVi1UxecY2vpCuNCIqsCGJCLBy95ezyHx
WmbSPQV8UL9z3RRlVNb4G/nM444BgW4CqSjeMzeY4r48DMMfndzQhMtVmb1GKeZg
i9pVWZNGE0qPE2bGFQurB0LK6NFAWEgp1PQxSDQo0nZhBf+/fdCX4SZXvsv9zBQt
HkjN/RzSYza6jQ==
-----END CERTIFICATE-----