Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
File:                     yj7NoA-sC_tjsoVD6itdXx5N9ss.mft (raw, json)
Hash identifier:          jk/m1HKtCZe31CrvqD/v9jAoS+PjAXunGFDDd/G+jxY=
Subject key identifier:   E6:9A:7C:78:13:FB:5F:45:47:22:84:FE:D2:D2:A8:FC:11:E3:A3:87
Authority key identifier: CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB
Certificate issuer:       /CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
Certificate serial:       019745C23363D4A725CAC430E8DA64CE5AC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
Manifest number:          0177
Signing time:             Fri 06 Jun 2025 15:00:44 +0000
Manifest this update:     Fri 06 Jun 2025 15:00:44 +0000
Manifest next update:     Sat 07 Jun 2025 15:00:44 +0000
Files and hashes:         1: yj7NoA-sC_tjsoVD6itdXx5N9ss.crl (hash: GEq4sjsGQG6QfL6UYafK+bE6rC2Kpq+cb3hBABg0/IY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:45:c2:33:63:d4:a7:25:ca:c4:30:e8:da:64:ce:5a:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
        Validity
            Not Before: Jun  6 15:00:44 2025 GMT
            Not After : Jun  7 15:00:44 2025 GMT
        Subject: CN=e69a7c7813fb5f45472284fed2d2a8fc11e3a387
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:63:4f:e4:d4:d2:7e:c9:32:48:ca:38:92:92:
                    88:c3:27:c6:56:ce:23:95:36:6b:06:4e:d5:52:56:
                    5c:0f:37:67:b5:f5:ff:cc:e3:35:47:c8:cf:43:4a:
                    e0:62:ec:d4:46:81:20:08:28:dc:6c:30:27:43:39:
                    e2:ab:83:b2:6b:65:90:e9:a0:c2:6c:1c:8d:fd:1b:
                    f7:ee:6d:c0:a6:e0:3d:8e:8e:d4:e9:15:40:96:19:
                    f3:64:a4:b2:f8:48:44:1d:b0:e7:72:f1:d5:e4:2d:
                    0b:4a:fd:7e:3f:ab:d9:36:8a:b9:89:c1:35:fe:0c:
                    5a:54:b1:0c:32:cc:3a:6e:26:6c:9b:87:86:a1:77:
                    e7:07:18:fd:42:ee:8b:87:ec:5c:9e:c2:ff:75:0d:
                    86:1e:83:31:42:83:e2:11:0e:55:5d:fc:df:49:7c:
                    82:b6:09:52:b1:e2:d4:0f:01:29:f8:99:9d:18:e9:
                    09:e7:08:b6:c2:08:b7:c2:06:a5:6f:74:47:f5:0e:
                    75:5b:67:0e:4b:a6:e0:8a:ff:d2:d4:b8:3f:10:59:
                    2a:82:a8:18:94:bf:6c:2b:bc:c0:50:cb:28:07:74:
                    42:1b:05:2b:4e:21:cb:71:3b:ca:91:cd:25:74:09:
                    42:fc:9d:8b:a7:08:5e:00:a2:02:c4:d1:96:69:60:
                    ef:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:9A:7C:78:13:FB:5F:45:47:22:84:FE:D2:D2:A8:FC:11:E3:A3:87
            X509v3 Authority Key Identifier:
                keyid:CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:dd:ca:76:8f:2f:ff:84:88:13:3d:e8:53:c2:42:b2:3a:d5:
         9d:60:de:5e:64:0d:1e:aa:64:2c:4a:31:c9:18:72:4f:80:47:
         06:ef:9e:00:d3:4a:78:7d:4d:70:d4:d1:fb:38:4a:04:4c:ae:
         4a:4c:6a:90:f8:94:44:55:c5:49:85:60:1f:43:2f:9a:27:ae:
         0f:21:f4:db:96:b1:cb:0d:20:2f:a4:46:77:d8:49:a8:5f:83:
         57:46:89:6a:f2:b9:82:34:3c:5d:05:b5:14:c5:ac:8b:9a:a2:
         bc:59:7b:23:30:d7:5c:b7:9a:64:e8:37:e0:25:e0:cf:e7:7e:
         29:0d:53:db:c4:91:a1:93:44:34:b3:3a:20:95:88:ae:77:e9:
         68:0d:6f:2a:4a:f4:8c:d5:6c:ff:fe:1c:58:01:12:5b:75:77:
         f4:81:b1:dd:68:1c:06:fa:31:9b:af:d4:52:3f:cf:5e:b4:12:
         b1:79:b2:59:b4:03:cf:e6:07:3d:d2:60:12:8f:bd:05:dc:9b:
         8d:d0:58:d4:09:fe:5c:61:c4:56:a7:c0:43:fa:a4:2a:8c:c0:
         5d:ff:94:22:0a:09:22:6b:b5:77:4e:92:65:8e:5f:fb:a4:98:
         8d:2a:e8:f2:f7:b0:9c:ea:3c:14:2b:da:8a:a6:ad:00:23:23:
         af:a2:59:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdFwjNj1KclysQw6NpkzlrHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2VjZGEwMGZhYzBiZmI2M2IyODU0M2VhMmI1ZDVmMWU0
ZGY2Y2IwHhcNMjUwNjA2MTUwMDQ0WhcNMjUwNjA3MTUwMDQ0WjAzMTEwLwYDVQQD
EyhlNjlhN2M3ODEzZmI1ZjQ1NDcyMjg0ZmVkMmQyYThmYzExZTNhMzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWNP5NTSfskySMo4kpKIwyfGVs4j
lTZrBk7VUlZcDzdntfX/zOM1R8jPQ0rgYuzURoEgCCjcbDAnQzniq4Oya2WQ6aDC
bByN/Rv37m3ApuA9jo7U6RVAlhnzZKSy+EhEHbDncvHV5C0LSv1+P6vZNoq5icE1
/gxaVLEMMsw6biZsm4eGoXfnBxj9Qu6Lh+xcnsL/dQ2GHoMxQoPiEQ5VXfzfSXyC
tglSseLUDwEp+JmdGOkJ5wi2wgi3wgalb3RH9Q51W2cOS6bgiv/S1Lg/EFkqgqgY
lL9sK7zAUMsoB3RCGwUrTiHLcTvKkc0ldAlC/J2LpwheAKICxNGWaWDvywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOaafHgT+19FRyKE/tLSqPwR46OHMB8GA1UdIwQY
MBaAFMo+zaAPrAv7Y7KFQ+orXV8eTfbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgt
M2Y5OTYwODY1ZDBmLzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgtM2Y5OTYwODY1ZDBm
LzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkt3Kdo8v
/4SIEz3oU8JCsjrVnWDeXmQNHqpkLEoxyRhyT4BHBu+eANNKeH1NcNTR+zhKBEyu
SkxqkPiURFXFSYVgH0MvmieuDyH025axyw0gL6RGd9hJqF+DV0aJavK5gjQ8XQW1
FMWsi5qivFl7IzDXXLeaZOg34CXgz+d+KQ1T28SRoZNENLM6IJWIrnfpaA1vKkr0
jNVs//4cWAESW3V39IGx3WgcBvoxm6/UUj/PXrQSsXmyWbQDz+YHPdJgEo+9Bdyb
jdBY1An+XGHEVqfAQ/qkKozAXf+UIgoJImu1d06SZY5f+6SYjSro8vewnOo8FCva
iqatACMjr6JZQQ==
-----END CERTIFICATE-----