Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
File:                     Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft (raw, json)
Hash identifier:          +aCoNlg2CQDVfaJiHMgVHLw1CZwf+BiFLpfIM7ButLs=
Subject key identifier:   29:85:14:71:2A:C5:15:DD:88:E4:B3:9C:00:6B:C3:44:CF:43:03:40
Authority key identifier: 63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7
Certificate issuer:       /CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
Certificate serial:       019923A0047551093ECEEC3008BDE7D439B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
Manifest number:          0B52
Signing time:             Sun 07 Sep 2025 10:01:53 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:53 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:53 +0000
Files and hashes:         1: Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl (hash: KIAYcPh7dgXhPcDbChgWX9G6kjo5cfWsLpyH0YPB9ng=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:04:75:51:09:3e:ce:ec:30:08:bd:e7:d4:39:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
        Validity
            Not Before: Sep  7 10:01:53 2025 GMT
            Not After : Sep  8 10:01:53 2025 GMT
        Subject: CN=298514712ac515dd88e4b39c006bc344cf430340
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:88:da:81:cf:de:8e:8b:ff:77:62:1b:25:1b:
                    ac:e8:96:5f:5f:ef:c7:3c:91:dd:2f:5a:e5:12:e5:
                    d8:38:5b:e6:2f:e3:f8:25:57:a7:ac:3f:a9:18:55:
                    3d:19:89:10:af:c4:24:6d:1a:d3:57:a7:33:23:8a:
                    14:64:41:40:e2:e3:37:d5:b3:32:57:69:73:de:26:
                    47:f2:75:bd:37:1d:ef:2a:68:4a:a0:11:22:c0:b9:
                    cb:96:6a:16:97:25:78:d8:70:c8:24:4d:01:f5:0f:
                    b7:c3:74:b2:0c:08:01:4c:e1:3a:40:95:b3:74:de:
                    22:55:9c:a0:36:ec:54:1f:bb:e0:b6:10:40:3e:fd:
                    de:d0:01:f1:8d:c1:6c:61:23:2b:2c:ad:15:4e:82:
                    62:61:0b:e6:44:9e:93:9c:ff:29:76:eb:5e:a9:39:
                    70:a5:62:12:e7:e3:14:1a:41:f8:df:f8:ce:28:60:
                    c8:c9:b6:c2:f8:e6:d3:01:26:12:f2:e3:ec:e5:76:
                    86:4e:36:f9:21:59:06:3b:99:99:47:21:7e:63:2f:
                    f6:63:12:fc:a1:85:cc:e9:55:2a:08:70:37:ad:06:
                    19:9d:d5:43:4d:b2:4b:a6:e5:52:9e:49:04:20:e3:
                    dc:19:f2:4f:36:99:ea:26:74:df:41:10:36:ff:16:
                    8e:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:85:14:71:2A:C5:15:DD:88:E4:B3:9C:00:6B:C3:44:CF:43:03:40
            X509v3 Authority Key Identifier:
                keyid:63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:71:89:45:59:b5:13:8c:c6:74:89:1e:0d:42:ee:72:83:4b:
         c0:8c:8f:12:7f:e6:8d:7b:fb:75:3b:46:15:7f:a3:bc:26:3e:
         f6:ca:19:65:4b:1a:15:a8:29:b6:14:8f:23:59:08:92:06:4f:
         8e:29:b7:56:10:ea:48:5a:3f:8d:9c:54:fe:a1:e4:d3:63:32:
         8c:07:41:28:68:e5:1d:0f:4f:93:a1:27:e7:4e:54:b5:60:7f:
         bf:b9:c0:98:f6:ad:d1:6d:96:23:56:64:6d:85:b6:d9:c1:7c:
         6b:a4:00:5c:ae:6a:2b:1d:2e:e5:7d:01:a2:35:85:46:a9:42:
         b9:4d:12:79:29:a4:4d:ce:de:f2:1f:48:af:92:40:c7:9d:4f:
         30:f6:12:9b:b3:3f:77:ed:89:5e:b7:a1:98:8b:fa:ac:af:6c:
         78:c3:65:f1:70:4e:09:39:f4:b8:61:0f:a3:dc:ad:9e:9e:7f:
         05:de:c0:0b:aa:95:0f:79:25:1b:30:12:d7:28:37:2e:1f:90:
         ad:53:de:78:4a:6c:33:5f:31:60:d0:ab:95:5e:80:2b:f8:0d:
         11:f7:aa:59:66:1b:1a:30:13:14:83:04:3a:7a:09:68:c8:cb:
         e9:ba:68:14:04:78:b1:74:0b:16:fb:d2:25:bd:d8:bc:f5:d5:
         bf:1d:ae:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoAR1UQk+zuwwCL3n1DmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNzFkMmZiZWNmMmY5MGRjN2Y0OTUxN2E0NDBkYTUzMzlm
NGE2YzcwHhcNMjUwOTA3MTAwMTUzWhcNMjUwOTA4MTAwMTUzWjAzMTEwLwYDVQQD
EygyOTg1MTQ3MTJhYzUxNWRkODhlNGIzOWMwMDZiYzM0NGNmNDMwMzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYjagc/ejov/d2IbJRus6JZfX+/H
PJHdL1rlEuXYOFvmL+P4JVenrD+pGFU9GYkQr8QkbRrTV6czI4oUZEFA4uM31bMy
V2lz3iZH8nW9Nx3vKmhKoBEiwLnLlmoWlyV42HDIJE0B9Q+3w3SyDAgBTOE6QJWz
dN4iVZygNuxUH7vgthBAPv3e0AHxjcFsYSMrLK0VToJiYQvmRJ6TnP8pduteqTlw
pWIS5+MUGkH43/jOKGDIybbC+ObTASYS8uPs5XaGTjb5IVkGO5mZRyF+Yy/2YxL8
oYXM6VUqCHA3rQYZndVDTbJLpuVSnkkEIOPcGfJPNpnqJnTfQRA2/xaOEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmFFHEqxRXdiOSznABrw0TPQwNAMB8GA1UdIwQY
MBaAFGNx0vvs8vkNx/SVF6RA2lM59KbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAt
N2UxNGQzNTk4ZjA5LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAtN2UxNGQzNTk4ZjA5
LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaXGJRVm1
E4zGdIkeDULucoNLwIyPEn/mjXv7dTtGFX+jvCY+9soZZUsaFagpthSPI1kIkgZP
jim3VhDqSFo/jZxU/qHk02MyjAdBKGjlHQ9Pk6En505UtWB/v7nAmPat0W2WI1Zk
bYW22cF8a6QAXK5qKx0u5X0BojWFRqlCuU0SeSmkTc7e8h9Ir5JAx51PMPYSm7M/
d+2JXrehmIv6rK9seMNl8XBOCTn0uGEPo9ytnp5/Bd7AC6qVD3klGzAS1yg3Lh+Q
rVPeeEpsM18xYNCrlV6AK/gNEfeqWWYbGjATFIMEOnoJaMjL6bpoFAR4sXQLFvvS
Jb3YvPXVvx2u/Q==
-----END CERTIFICATE-----