Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
File:                     yGEQ5MdkHRgOjxkgrGX7788G18c.mft (raw, json)
Hash identifier:          5W05gxQ4KECzvEDpE1QnmCpdpLQxNi8pHOpmPBzwc0k=
Subject key identifier:   0C:0A:F7:21:29:68:1C:B3:16:1F:B6:D8:22:F3:5B:55:4C:F0:C8:14
Authority key identifier: C8:61:10:E4:C7:64:1D:18:0E:8F:19:20:AC:65:FB:EF:CF:06:D7:C7
Certificate issuer:       /CN=c86110e4c7641d180e8f1920ac65fbefcf06d7c7
Certificate serial:       01992331007BA520BAA9EE4132516F612D82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
Manifest number:          0105
Signing time:             Sun 07 Sep 2025 08:00:37 +0000
Manifest this update:     Sun 07 Sep 2025 08:00:37 +0000
Manifest next update:     Mon 08 Sep 2025 08:00:37 +0000
Files and hashes:         1: yGEQ5MdkHRgOjxkgrGX7788G18c.crl (hash: pHQXTIoiqVgc9giGlo35631sWheU25BJHA75mT0KzNE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:00:7b:a5:20:ba:a9:ee:41:32:51:6f:61:2d:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c86110e4c7641d180e8f1920ac65fbefcf06d7c7
        Validity
            Not Before: Sep  7 08:00:37 2025 GMT
            Not After : Sep  8 08:00:37 2025 GMT
        Subject: CN=0c0af72129681cb3161fb6d822f35b554cf0c814
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:dc:15:63:32:23:9f:aa:13:e6:b2:63:b2:d9:
                    34:4b:83:9b:06:a0:09:34:44:af:e3:42:e2:a1:13:
                    e0:35:35:ae:21:e0:7d:6a:ec:40:04:32:e4:b1:b7:
                    63:a5:5f:bf:9e:c3:4a:18:8d:36:69:93:4e:ba:7e:
                    08:8e:74:d6:b5:27:c8:38:a6:cc:64:a7:6e:18:d1:
                    39:65:de:2a:78:d9:42:ed:2b:f8:3c:db:8f:db:c5:
                    2a:45:4e:34:d2:b1:4d:cb:af:dc:82:d1:7b:20:4e:
                    f9:fa:e5:45:34:4e:51:f8:33:5a:f5:d9:87:4d:e7:
                    4c:b2:4b:59:1f:27:09:3b:ca:91:61:5c:cc:c9:43:
                    96:99:b7:70:31:26:84:a7:6d:f3:f7:43:44:f7:f7:
                    e3:0c:0e:02:d5:6f:62:47:ce:0d:af:f1:03:59:94:
                    8f:a8:17:a2:30:79:fa:bd:88:d5:12:3d:78:2b:e1:
                    e3:1d:92:8e:e0:33:0e:b2:71:6b:91:c8:58:35:d7:
                    8c:46:49:f7:83:89:23:b0:eb:2a:43:0e:d7:8a:f4:
                    58:fe:56:d4:bb:21:0b:87:4f:61:4d:6e:29:fe:0a:
                    b2:36:3b:d5:cc:12:18:d0:3a:fd:dc:33:bc:7e:bf:
                    87:53:bb:6a:86:fd:14:ec:ee:21:63:94:95:5e:e0:
                    61:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:0A:F7:21:29:68:1C:B3:16:1F:B6:D8:22:F3:5B:55:4C:F0:C8:14
            X509v3 Authority Key Identifier:
                keyid:C8:61:10:E4:C7:64:1D:18:0E:8F:19:20:AC:65:FB:EF:CF:06:D7:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:4b:26:70:2c:8f:71:7b:3d:96:0f:e9:1f:1e:80:cb:bd:fa:
         5f:3b:35:4c:9a:83:bb:2f:65:cb:ce:6a:c6:fe:0b:94:b5:b2:
         73:8e:df:73:93:dd:d1:ae:46:73:80:68:ae:ca:c5:4b:2d:08:
         ba:db:86:c7:97:80:f9:e5:ca:17:55:9f:69:41:13:11:cb:09:
         ed:09:32:2b:2e:b3:64:ee:0d:6f:29:cf:cc:80:ac:c3:84:a3:
         f1:e6:aa:52:a9:56:ac:01:ed:3a:db:25:d3:1e:27:17:ee:f2:
         d9:6a:3a:41:e3:9d:6a:ba:5b:22:77:2b:c6:ee:af:7f:b7:81:
         6f:35:20:91:f2:fd:5c:2a:ee:57:0f:6f:e7:95:05:ca:8d:08:
         f8:87:ea:20:6c:7f:2a:74:8a:4a:d9:88:bb:22:ab:fb:78:53:
         c8:97:de:0f:24:6e:47:91:21:84:4a:a8:61:65:f3:45:12:02:
         f0:68:3e:ad:45:32:a7:c5:07:8f:6f:a1:05:39:a9:15:09:b3:
         b7:0e:fa:cc:bb:e5:9f:7a:b0:3c:be:ba:96:60:d1:08:a4:f1:
         c3:4a:50:9a:cc:71:75:1e:d6:e6:a5:61:24:66:d0:32:50:7b:
         4c:a3:eb:8b:ca:2d:fe:e5:bb:6d:c3:9b:02:e9:35:bc:7e:23:
         f2:20:ba:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMQB7pSC6qe5BMlFvYS2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjExMGU0Yzc2NDFkMTgwZThmMTkyMGFjNjVmYmVmY2Yw
NmQ3YzcwHhcNMjUwOTA3MDgwMDM3WhcNMjUwOTA4MDgwMDM3WjAzMTEwLwYDVQQD
EygwYzBhZjcyMTI5NjgxY2IzMTYxZmI2ZDgyMmYzNWI1NTRjZjBjODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NwVYzIjn6oT5rJjstk0S4ObBqAJ
NESv40LioRPgNTWuIeB9auxABDLksbdjpV+/nsNKGI02aZNOun4IjnTWtSfIOKbM
ZKduGNE5Zd4qeNlC7Sv4PNuP28UqRU400rFNy6/cgtF7IE75+uVFNE5R+DNa9dmH
TedMsktZHycJO8qRYVzMyUOWmbdwMSaEp23z90NE9/fjDA4C1W9iR84Nr/EDWZSP
qBeiMHn6vYjVEj14K+HjHZKO4DMOsnFrkchYNdeMRkn3g4kjsOsqQw7XivRY/lbU
uyELh09hTW4p/gqyNjvVzBIY0Dr93DO8fr+HU7tqhv0U7O4hY5SVXuBh/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAwK9yEpaByzFh+22CLzW1VM8MgUMB8GA1UdIwQY
MBaAFMhhEOTHZB0YDo8ZIKxl++/PBtfHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8yMDhjMjUtZWRjZS00MTMxLWIzMWIt
NjZhNTJjN2M4YzAwLzEveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8yMDhjMjUtZWRjZS00MTMxLWIzMWItNjZhNTJjN2M4YzAw
LzEveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj0smcCyP
cXs9lg/pHx6Ay736Xzs1TJqDuy9ly85qxv4LlLWyc47fc5Pd0a5Gc4BorsrFSy0I
utuGx5eA+eXKF1WfaUETEcsJ7QkyKy6zZO4NbynPzICsw4Sj8eaqUqlWrAHtOtsl
0x4nF+7y2Wo6QeOdarpbIncrxu6vf7eBbzUgkfL9XCruVw9v55UFyo0I+IfqIGx/
KnSKStmIuyKr+3hTyJfeDyRuR5EhhEqoYWXzRRIC8Gg+rUUyp8UHj2+hBTmpFQmz
tw76zLvln3qwPL66lmDRCKTxw0pQmsxxdR7W5qVhJGbQMlB7TKPri8ot/uW7bcOb
Auk1vH4j8iC6jg==
-----END CERTIFICATE-----