Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
File:                     yGEQ5MdkHRgOjxkgrGX7788G18c.mft (raw, json)
Hash identifier:          PeeTHztBcyHezJ6Tib9qUjzV8JJ8wHZD2mQKTPti5+c=
Subject key identifier:   0C:2C:18:5D:B5:73:26:1F:0D:BA:52:73:7C:57:F5:AF:A4:37:69:43
Authority key identifier: C8:61:10:E4:C7:64:1D:18:0E:8F:19:20:AC:65:FB:EF:CF:06:D7:C7
Certificate issuer:       /CN=c86110e4c7641d180e8f1920ac65fbefcf06d7c7
Certificate serial:       01974DE9CA2F78A6D8FEDCA0B39346F54F0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
Manifest number:          12
Signing time:             Sun 08 Jun 2025 05:00:56 +0000
Manifest this update:     Sun 08 Jun 2025 05:00:56 +0000
Manifest next update:     Mon 09 Jun 2025 05:00:56 +0000
Files and hashes:         1: yGEQ5MdkHRgOjxkgrGX7788G18c.crl (hash: V74AAPLQ+KzZnA4rfiSsTsgVz9sPL0HCZ19mWG6l2Po=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:e9:ca:2f:78:a6:d8:fe:dc:a0:b3:93:46:f5:4f:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c86110e4c7641d180e8f1920ac65fbefcf06d7c7
        Validity
            Not Before: Jun  8 05:00:56 2025 GMT
            Not After : Jun  9 05:00:56 2025 GMT
        Subject: CN=0c2c185db573261f0dba52737c57f5afa4376943
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:62:9c:39:57:3c:0d:df:3f:81:e3:f2:37:52:
                    4d:59:ce:51:a3:25:04:2b:85:88:5b:13:a2:74:33:
                    33:c9:9f:bb:3c:42:49:2c:60:28:bd:bd:13:8e:0f:
                    a7:70:ce:26:68:26:a9:20:14:55:6f:89:1f:9c:f3:
                    3b:9f:57:12:6a:cc:e1:de:4c:78:81:d7:38:b4:da:
                    cf:9b:7f:d8:77:ce:e8:b5:8d:47:28:09:f3:6e:94:
                    32:b8:ba:45:3a:e1:95:9e:9f:27:6b:cd:a1:89:4b:
                    45:7b:cb:6c:63:d9:57:0d:7b:f8:db:43:77:c4:79:
                    3a:d3:f0:42:45:8e:be:53:05:26:0f:5a:e7:0e:fc:
                    d9:d1:08:6f:46:bc:ab:05:58:28:50:11:12:f4:99:
                    83:c8:10:ec:37:92:fe:38:43:a9:d7:a9:73:4c:f4:
                    b7:ce:40:ae:fb:e1:33:04:18:a5:75:d9:d3:14:ed:
                    29:f0:93:09:5c:e6:58:75:fa:0a:5d:9e:1f:a4:ac:
                    21:3d:20:c1:52:04:ab:98:0a:cb:9b:88:98:3b:29:
                    cb:4f:9b:c9:27:de:88:6f:8e:89:2d:de:d4:4d:ee:
                    b0:91:2d:d4:d1:a0:2b:5c:ad:56:a6:3d:e9:6d:de:
                    1a:11:08:8a:46:65:99:1b:91:3e:f1:6e:bc:d2:cc:
                    63:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:2C:18:5D:B5:73:26:1F:0D:BA:52:73:7C:57:F5:AF:A4:37:69:43
            X509v3 Authority Key Identifier:
                keyid:C8:61:10:E4:C7:64:1D:18:0E:8F:19:20:AC:65:FB:EF:CF:06:D7:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:7a:9a:eb:31:df:dd:71:45:be:65:36:e0:0c:06:ca:21:11:
         bc:aa:ad:2c:6f:a4:a9:d9:71:18:59:c2:fb:2d:bd:91:2e:c2:
         01:87:b2:c0:02:c3:c7:76:65:f0:7f:20:d7:14:a0:0a:6a:b6:
         d3:da:5d:2c:c4:f5:d9:86:47:80:d2:9a:a9:97:05:93:69:b5:
         29:37:6a:a2:ef:e6:82:a8:6b:26:5e:4b:18:f7:08:16:dd:46:
         23:88:0c:4a:df:e7:69:c1:45:66:28:6c:1b:92:df:ea:8e:63:
         7f:9c:9c:4b:b7:63:c5:3f:47:72:9c:e8:39:14:71:75:a7:44:
         07:84:a2:bf:75:2d:ef:6a:f9:b1:9a:13:44:7c:4e:f8:2e:1e:
         d7:82:9e:35:30:f5:33:9c:c5:e2:a9:38:7e:c9:23:93:84:3a:
         b1:4b:7b:21:28:dc:ab:f3:16:4f:9a:50:3d:10:26:4e:d3:ab:
         fc:00:2c:3f:c4:36:23:8a:4b:60:20:ae:59:d7:12:4c:44:10:
         93:ff:3d:b6:62:ba:d7:81:af:21:2d:b0:ed:db:4f:4d:9d:91:
         1b:0f:67:eb:38:11:21:a1:01:94:4c:99:0a:01:57:84:6a:f2:
         07:35:55:d4:ff:e9:b6:3b:1c:ab:98:c5:14:16:77:66:9d:e1:
         60:c8:a7:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdN6coveKbY/tygs5NG9U8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjExMGU0Yzc2NDFkMTgwZThmMTkyMGFjNjVmYmVmY2Yw
NmQ3YzcwHhcNMjUwNjA4MDUwMDU2WhcNMjUwNjA5MDUwMDU2WjAzMTEwLwYDVQQD
EygwYzJjMTg1ZGI1NzMyNjFmMGRiYTUyNzM3YzU3ZjVhZmE0Mzc2OTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGKcOVc8Dd8/gePyN1JNWc5RoyUE
K4WIWxOidDMzyZ+7PEJJLGAovb0Tjg+ncM4maCapIBRVb4kfnPM7n1cSaszh3kx4
gdc4tNrPm3/Yd87otY1HKAnzbpQyuLpFOuGVnp8na82hiUtFe8tsY9lXDXv420N3
xHk60/BCRY6+UwUmD1rnDvzZ0QhvRryrBVgoUBES9JmDyBDsN5L+OEOp16lzTPS3
zkCu++EzBBilddnTFO0p8JMJXOZYdfoKXZ4fpKwhPSDBUgSrmArLm4iYOynLT5vJ
J96Ib46JLd7UTe6wkS3U0aArXK1Wpj3pbd4aEQiKRmWZG5E+8W680sxjaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAwsGF21cyYfDbpSc3xX9a+kN2lDMB8GA1UdIwQY
MBaAFMhhEOTHZB0YDo8ZIKxl++/PBtfHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8yMDhjMjUtZWRjZS00MTMxLWIzMWIt
NjZhNTJjN2M4YzAwLzEveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8yMDhjMjUtZWRjZS00MTMxLWIzMWItNjZhNTJjN2M4YzAw
LzEveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXnqa6zHf
3XFFvmU24AwGyiERvKqtLG+kqdlxGFnC+y29kS7CAYeywALDx3Zl8H8g1xSgCmq2
09pdLMT12YZHgNKaqZcFk2m1KTdqou/mgqhrJl5LGPcIFt1GI4gMSt/nacFFZihs
G5Lf6o5jf5ycS7djxT9HcpzoORRxdadEB4Siv3Ut72r5sZoTRHxO+C4e14KeNTD1
M5zF4qk4fskjk4Q6sUt7ISjcq/MWT5pQPRAmTtOr/AAsP8Q2I4pLYCCuWdcSTEQQ
k/89tmK614GvIS2w7dtPTZ2RGw9n6zgRIaEBlEyZCgFXhGryBzVV1P/ptjscq5jF
FBZ3Zp3hYMinxg==
-----END CERTIFICATE-----