Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
File:                     YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft (raw, json)
Hash identifier:          4sjh34aBYuOHFZmcN6BXYebZSTv7anIkb9ECwVhRMVA=
Subject key identifier:   B9:BD:43:AD:E9:E9:C3:9B:99:31:2F:C0:FE:E9:3B:CF:4B:D9:FE:DD
Authority key identifier: 60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F
Certificate issuer:       /CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
Certificate serial:       0197518FD10FB299242E178DA164E505E081
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
Manifest number:          071A
Signing time:             Sun 08 Jun 2025 22:01:09 +0000
Manifest this update:     Sun 08 Jun 2025 22:01:09 +0000
Manifest next update:     Mon 09 Jun 2025 22:01:09 +0000
Files and hashes:         1: YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl (hash: +sVwxtvCOiHlGlzL3wP0fgATJfnelUcNJSb9kcFqfKc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:8f:d1:0f:b2:99:24:2e:17:8d:a1:64:e5:05:e0:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
        Validity
            Not Before: Jun  8 22:01:09 2025 GMT
            Not After : Jun  9 22:01:09 2025 GMT
        Subject: CN=b9bd43ade9e9c39b99312fc0fee93bcf4bd9fedd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:9c:75:96:30:1a:65:85:1a:52:99:0c:d3:aa:
                    95:e3:18:f6:ff:8a:a1:91:26:ed:4c:2a:1c:9b:cd:
                    25:b4:f9:86:c3:d8:5b:aa:46:c7:d7:ea:05:c4:20:
                    3e:39:86:e5:80:ad:b4:36:c3:75:81:f0:5e:4a:79:
                    5e:e3:55:2a:ca:40:61:59:13:52:a0:fa:bc:25:e9:
                    a2:7d:c7:9e:ac:f1:b1:30:e3:66:76:81:0e:db:9f:
                    a0:b1:c0:7f:73:10:19:b3:ca:e9:a1:2f:d8:53:08:
                    23:a7:55:cc:cf:aa:f3:b0:16:13:70:97:7b:22:f3:
                    83:89:c5:d0:0c:3b:d4:9d:9d:51:c6:55:7b:9b:72:
                    0a:52:ef:66:d7:56:0c:78:4a:e4:f8:9a:af:73:b6:
                    27:73:80:16:c9:3f:35:04:0a:0e:21:cd:ac:48:f0:
                    c7:c1:3f:49:f5:32:01:ae:c9:0f:5e:08:74:d8:57:
                    72:f3:75:65:1c:4c:4a:a6:42:2e:58:d5:3c:bd:7f:
                    84:c1:4b:6d:75:93:e6:ba:64:ac:9f:0e:af:77:33:
                    76:df:0e:b4:45:d5:3f:05:85:0c:d2:4d:92:0e:ea:
                    0b:71:c6:9a:f5:2b:99:4c:16:84:ec:fa:ad:0f:ac:
                    2f:8e:c9:8a:99:90:59:ae:01:1d:85:52:34:d8:14:
                    4f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:BD:43:AD:E9:E9:C3:9B:99:31:2F:C0:FE:E9:3B:CF:4B:D9:FE:DD
            X509v3 Authority Key Identifier:
                keyid:60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:a3:67:77:3a:42:fa:51:d3:27:f7:a5:03:49:d5:14:59:61:
         25:2b:3a:1e:b8:de:ec:da:d4:d0:ca:f8:f0:ee:45:ca:74:91:
         de:7c:1d:8d:e5:86:4b:36:0f:3a:44:2d:df:03:a6:74:6d:68:
         ad:2f:f2:84:a7:7f:56:2c:e3:24:7a:d9:ff:41:56:71:69:8d:
         8a:89:31:e2:df:15:b3:ef:3d:b9:3e:94:7e:10:c7:d6:6d:f1:
         fa:7b:8b:e8:32:08:16:18:e2:21:11:51:ff:b8:26:72:2e:43:
         e3:9b:f8:36:9a:37:49:d7:07:1c:94:ae:de:73:31:ef:89:27:
         5d:e4:85:53:94:1e:73:ac:d5:f4:d6:66:8d:50:02:7c:31:e0:
         e4:e6:43:7b:ac:76:8f:9d:88:93:63:3f:f4:85:7c:68:17:18:
         b3:e7:17:d4:6c:f1:92:2a:4a:08:2e:d4:d6:d7:97:c9:44:56:
         e5:5b:2d:c0:f1:63:d5:ed:91:92:8a:89:59:20:16:75:65:c6:
         ea:aa:bf:d6:9e:31:9f:be:49:ab:0c:c7:9b:bf:40:09:a3:80:
         f3:ae:aa:55:0c:5b:d8:55:9e:15:a7:e3:c5:e5:73:b0:09:d8:
         5f:c6:04:75:db:7e:98:02:95:6b:78:0b:25:d1:14:22:0f:69:
         13:e9:6a:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRj9EPspkkLheNoWTlBeCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTQzNGZkNmJmZjhiNmZiYjBkNTJmOGRhNDJlOTFmOGE1
YTI5MmYwHhcNMjUwNjA4MjIwMTA5WhcNMjUwNjA5MjIwMTA5WjAzMTEwLwYDVQQD
EyhiOWJkNDNhZGU5ZTljMzliOTkzMTJmYzBmZWU5M2JjZjRiZDlmZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA95x1ljAaZYUaUpkM06qV4xj2/4qh
kSbtTCocm80ltPmGw9hbqkbH1+oFxCA+OYblgK20NsN1gfBeSnle41UqykBhWRNS
oPq8JemifceerPGxMONmdoEO25+gscB/cxAZs8rpoS/YUwgjp1XMz6rzsBYTcJd7
IvODicXQDDvUnZ1RxlV7m3IKUu9m11YMeErk+Jqvc7Ync4AWyT81BAoOIc2sSPDH
wT9J9TIBrskPXgh02Fdy83VlHExKpkIuWNU8vX+EwUttdZPmumSsnw6vdzN23w60
RdU/BYUM0k2SDuoLccaa9SuZTBaE7PqtD6wvjsmKmZBZrgEdhVI02BRPwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLm9Q63p6cObmTEvwP7pO89L2f7dMB8GA1UdIwQY
MBaAFGCkNP1r/4tvuw1S+NpC6R+KWikvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAt
NmEzZjAxZDljYjUwLzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAtNmEzZjAxZDljYjUw
LzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASKNndzpC
+lHTJ/elA0nVFFlhJSs6Hrje7NrU0Mr48O5FynSR3nwdjeWGSzYPOkQt3wOmdG1o
rS/yhKd/VizjJHrZ/0FWcWmNiokx4t8Vs+89uT6UfhDH1m3x+nuL6DIIFhjiIRFR
/7gmci5D45v4Npo3SdcHHJSu3nMx74knXeSFU5Qec6zV9NZmjVACfDHg5OZDe6x2
j52Ik2M/9IV8aBcYs+cX1GzxkipKCC7U1teXyURW5VstwPFj1e2RkoqJWSAWdWXG
6qq/1p4xn75JqwzHm79ACaOA866qVQxb2FWeFafjxeVzsAnYX8YEddt+mAKVa3gL
JdEUIg9pE+lqqA==
-----END CERTIFICATE-----