Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
File:                     yh3vhAA2XhysFuj3iHCS2smDtz4.mft (raw, json)
Hash identifier:          cO1BXfYQHxV6+7ZsQNaDPtoLntas6tHwBuoZUhlVSxw=
Subject key identifier:   1F:FB:A2:6A:BC:E5:C3:13:9F:53:31:B3:42:AA:C8:A4:75:F1:9C:60
Authority key identifier: CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E
Certificate issuer:       /CN=ca1def8400365e1cac16e8f7887092dac983b73e
Certificate serial:       0199240D7D6C6CAC719643801B9C4294305B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
Manifest number:          120F
Signing time:             Sun 07 Sep 2025 12:01:27 +0000
Manifest this update:     Sun 07 Sep 2025 12:01:27 +0000
Manifest next update:     Mon 08 Sep 2025 12:01:27 +0000
Files and hashes:         1: yh3vhAA2XhysFuj3iHCS2smDtz4.crl (hash: DXJE7VQvnG+3U7Pomg+WwVsGr/qF7XZR6mq7LWo0HTg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0d:7d:6c:6c:ac:71:96:43:80:1b:9c:42:94:30:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1def8400365e1cac16e8f7887092dac983b73e
        Validity
            Not Before: Sep  7 12:01:27 2025 GMT
            Not After : Sep  8 12:01:27 2025 GMT
        Subject: CN=1ffba26abce5c3139f5331b342aac8a475f19c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:3c:3f:ef:e6:4c:26:21:a1:ae:71:13:1b:cc:
                    00:a4:02:c1:e2:50:07:c5:1e:ec:6f:68:4e:0d:2d:
                    fe:38:55:99:2d:92:16:db:c6:f6:c1:f9:80:69:af:
                    6b:a6:59:62:2a:46:f1:29:6a:60:ce:bf:2e:44:0d:
                    4a:9c:86:4f:98:3b:ee:06:08:f7:6e:92:cb:81:34:
                    49:c1:63:c7:c0:1c:e8:bc:a9:40:0f:70:ca:69:a7:
                    65:aa:5d:b4:85:ec:e7:d7:dc:9c:ed:dc:0c:06:5a:
                    dc:c5:76:2b:47:35:f3:ce:ac:d6:6b:ec:35:d3:a0:
                    8f:53:6c:06:4c:61:3d:73:3c:43:3e:4c:d5:b6:c5:
                    59:ff:88:0d:d5:e8:28:31:dc:6e:fa:6d:30:2a:5a:
                    2d:22:ba:93:7b:bc:a4:1e:a2:c3:7c:32:0f:01:34:
                    00:20:ab:28:77:82:c9:18:b4:da:55:77:de:ec:4d:
                    ec:80:f8:2c:de:51:7d:8c:b1:62:3d:34:c2:86:14:
                    dc:33:ba:03:73:3f:a2:9d:f9:0e:b8:cf:31:00:43:
                    51:8d:eb:7c:c2:d1:14:29:ec:05:2c:c4:09:48:47:
                    f2:10:ce:3a:0b:c0:31:f4:4c:c1:4b:07:cb:16:5a:
                    0d:f0:36:5f:c1:66:89:1e:72:09:5e:2e:22:86:b5:
                    0d:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:FB:A2:6A:BC:E5:C3:13:9F:53:31:B3:42:AA:C8:A4:75:F1:9C:60
            X509v3 Authority Key Identifier:
                keyid:CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:7b:e0:f0:2a:a0:f2:b5:0d:9f:7a:14:14:0a:92:ec:90:d9:
         c9:2f:03:6e:56:e9:38:f4:37:95:a0:12:a7:41:4e:68:e0:05:
         9c:cd:2c:14:42:fa:9c:b1:db:32:5e:69:1c:eb:31:f2:40:a1:
         b7:df:97:b1:62:ad:d0:78:11:c3:69:bc:22:9d:ea:d3:62:66:
         51:ab:73:fa:42:ce:cb:63:b4:c3:c3:eb:26:ec:2f:fe:d8:04:
         5b:82:06:33:57:94:05:98:31:83:3c:d5:a9:10:7e:91:a5:aa:
         e4:5f:f9:99:ed:fe:c6:cf:db:8f:17:84:c2:ba:0f:dc:ee:e8:
         92:30:ed:ee:5c:99:47:0f:a2:f5:57:77:4f:71:50:c7:1f:33:
         3c:b4:e5:3b:28:cb:1b:81:eb:36:0a:8b:a5:b0:38:2f:07:f7:
         42:72:39:9d:a3:8f:f7:86:8d:53:ca:89:6b:15:e0:41:72:a5:
         d0:62:18:e8:dd:ea:92:0f:27:c6:73:aa:8e:f9:f7:74:19:07:
         dd:14:fe:f1:f5:8d:f6:62:06:a2:ed:7d:03:e7:c4:d8:58:f0:
         b8:36:34:b1:5f:55:d1:a1:fa:09:a6:a8:6d:a8:9b:30:96:0a:
         c8:32:80:6f:a7:ae:47:3d:b6:94:63:d9:86:61:44:b5:a5:93:
         d2:b7:a3:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDX1sbKxxlkOAG5xClDBbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWRlZjg0MDAzNjVlMWNhYzE2ZThmNzg4NzA5MmRhYzk4
M2I3M2UwHhcNMjUwOTA3MTIwMTI3WhcNMjUwOTA4MTIwMTI3WjAzMTEwLwYDVQQD
EygxZmZiYTI2YWJjZTVjMzEzOWY1MzMxYjM0MmFhYzhhNDc1ZjE5YzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjw/7+ZMJiGhrnETG8wApALB4lAH
xR7sb2hODS3+OFWZLZIW28b2wfmAaa9rplliKkbxKWpgzr8uRA1KnIZPmDvuBgj3
bpLLgTRJwWPHwBzovKlAD3DKaadlql20hezn19yc7dwMBlrcxXYrRzXzzqzWa+w1
06CPU2wGTGE9czxDPkzVtsVZ/4gN1egoMdxu+m0wKlotIrqTe7ykHqLDfDIPATQA
IKsod4LJGLTaVXfe7E3sgPgs3lF9jLFiPTTChhTcM7oDcz+infkOuM8xAENRjet8
wtEUKewFLMQJSEfyEM46C8Ax9EzBSwfLFloN8DZfwWaJHnIJXi4ihrUNswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB/7omq85cMTn1Mxs0KqyKR18ZxgMB8GA1UdIwQY
MBaAFMod74QANl4crBbo94hwktrJg7c+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEt
Zjk4ZWM5ZDE2MmJlLzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEtZjk4ZWM5ZDE2MmJl
LzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm3vg8Cqg
8rUNn3oUFAqS7JDZyS8DblbpOPQ3laASp0FOaOAFnM0sFEL6nLHbMl5pHOsx8kCh
t9+XsWKt0HgRw2m8Ip3q02JmUatz+kLOy2O0w8PrJuwv/tgEW4IGM1eUBZgxgzzV
qRB+kaWq5F/5me3+xs/bjxeEwroP3O7okjDt7lyZRw+i9Vd3T3FQxx8zPLTlOyjL
G4HrNgqLpbA4Lwf3QnI5naOP94aNU8qJaxXgQXKl0GIY6N3qkg8nxnOqjvn3dBkH
3RT+8fWN9mIGou19A+fE2FjwuDY0sV9V0aH6CaaobaibMJYKyDKAb6euRz22lGPZ
hmFEtaWT0rejrg==
-----END CERTIFICATE-----