Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
File:                     YA09DkcUJu84PjkRODpJg78idkQ.mft (raw, json)
Hash identifier:          kcsPx1gWQKQ/iOk5FmoMybswA6FwuDJDZ8zj+/2034s=
Subject key identifier:   E3:55:BC:7B:69:7B:6F:BB:D1:B9:30:7D:35:5A:3F:23:C6:94:24:19
Authority key identifier: 60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44
Certificate issuer:       /CN=600d3d0e471426ef383e3911383a4983bf227644
Certificate serial:       019922FA6EFB441A377D84E5328607A2F821
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
Manifest number:          0343
Signing time:             Sun 07 Sep 2025 07:01:01 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:01 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:01 +0000
Files and hashes:         1: YA09DkcUJu84PjkRODpJg78idkQ.crl (hash: qPbcsFV8HRfJYR2s1G5phgAtZC484UHgVAXOvTg5GHM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:6e:fb:44:1a:37:7d:84:e5:32:86:07:a2:f8:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=600d3d0e471426ef383e3911383a4983bf227644
        Validity
            Not Before: Sep  7 07:01:01 2025 GMT
            Not After : Sep  8 07:01:01 2025 GMT
        Subject: CN=e355bc7b697b6fbbd1b9307d355a3f23c6942419
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:44:03:df:a9:61:e4:f6:3e:da:e0:9b:c1:0b:
                    d2:b2:26:f1:b0:79:3d:b0:a3:f3:35:28:14:87:84:
                    f8:8f:d1:cf:55:87:e3:9c:6a:e0:34:1e:af:1a:03:
                    87:91:94:94:19:d7:0d:9b:d9:34:b1:86:4f:0b:44:
                    03:0e:26:5c:2b:dd:85:b4:bc:18:f6:0b:9e:7a:71:
                    41:9d:2b:28:b5:ac:b5:53:7a:2a:c7:1f:65:b2:d4:
                    bc:44:d7:eb:cb:ac:6c:18:86:5d:ba:a8:83:96:57:
                    b0:4b:39:dd:a2:2b:a7:eb:f8:47:4c:94:4d:12:5c:
                    33:23:8f:f6:00:30:66:95:c8:0f:18:4c:42:4d:de:
                    5b:35:9e:98:c0:9a:58:64:bd:88:2a:04:8f:89:a0:
                    af:9d:76:86:29:56:2c:e2:6d:c3:dd:7d:78:5b:b3:
                    db:4e:96:42:3c:66:a4:f6:5e:65:28:51:38:a4:96:
                    bd:7f:93:f1:56:81:4b:4b:c9:50:b6:cd:a9:5e:4b:
                    79:b2:84:b3:14:9f:01:98:f7:3a:f4:72:95:3d:f2:
                    62:19:c7:92:74:40:e0:24:26:69:2f:bf:91:c7:13:
                    77:9d:ac:f3:3a:8c:6e:dc:78:1f:d5:86:ec:85:ff:
                    28:92:16:1d:a4:ac:3d:09:3e:94:2e:79:1c:dd:38:
                    4b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:55:BC:7B:69:7B:6F:BB:D1:B9:30:7D:35:5A:3F:23:C6:94:24:19
            X509v3 Authority Key Identifier:
                keyid:60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:98:3b:37:28:41:61:81:b6:10:38:a0:89:de:7b:f4:de:a3:
         22:b0:c7:c2:2c:ff:7e:e7:81:de:2e:e9:82:10:52:66:14:d7:
         cf:2a:f2:4a:1f:91:fe:34:cf:6c:18:1c:23:36:f5:29:6b:a3:
         d4:6e:2e:e2:81:cb:95:95:08:82:f5:e8:d8:cd:86:61:00:86:
         de:d0:0a:fa:8f:cd:35:cb:35:16:8e:ca:2c:48:3b:55:8e:64:
         53:5f:5f:07:0d:0c:01:da:43:ff:c0:ca:98:97:13:55:a7:18:
         fc:a0:27:5b:2d:e1:35:9e:4f:61:5a:6e:3c:a6:3e:31:e6:43:
         77:26:9f:5b:b4:ac:cb:31:0a:07:d9:bc:b7:6e:2b:9d:08:ed:
         a4:b4:8b:0e:80:a4:7c:2c:65:e6:5e:02:f9:0b:a4:7b:ed:eb:
         81:03:4d:8c:dc:97:fc:70:6f:6f:a1:ae:12:c9:60:7e:ee:1f:
         8e:28:01:96:fd:82:40:f0:fc:5f:76:f1:2d:a1:77:a5:83:3a:
         c1:63:2e:f3:cf:fd:0e:00:b5:39:7e:33:a4:a9:e4:28:b5:a9:
         8b:41:c0:c1:c0:0d:8e:79:3e:7a:58:8d:d6:91:3b:56:b6:e2:
         1e:98:5d:92:de:27:bc:11:7d:b5:9c:e7:52:6d:c9:fb:e6:a5:
         5e:34:74:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+m77RBo3fYTlMoYHovghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGQzZDBlNDcxNDI2ZWYzODNlMzkxMTM4M2E0OTgzYmYy
Mjc2NDQwHhcNMjUwOTA3MDcwMTAxWhcNMjUwOTA4MDcwMTAxWjAzMTEwLwYDVQQD
EyhlMzU1YmM3YjY5N2I2ZmJiZDFiOTMwN2QzNTVhM2YyM2M2OTQyNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEQD36lh5PY+2uCbwQvSsibxsHk9
sKPzNSgUh4T4j9HPVYfjnGrgNB6vGgOHkZSUGdcNm9k0sYZPC0QDDiZcK92FtLwY
9gueenFBnSsotay1U3oqxx9lstS8RNfry6xsGIZduqiDllewSzndoiun6/hHTJRN
ElwzI4/2ADBmlcgPGExCTd5bNZ6YwJpYZL2IKgSPiaCvnXaGKVYs4m3D3X14W7Pb
TpZCPGak9l5lKFE4pJa9f5PxVoFLS8lQts2pXkt5soSzFJ8BmPc69HKVPfJiGceS
dEDgJCZpL7+RxxN3nazzOoxu3Hgf1Ybshf8okhYdpKw9CT6ULnkc3ThL3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFONVvHtpe2+70bkwfTVaPyPGlCQZMB8GA1UdIwQY
MBaAFGANPQ5HFCbvOD45ETg6SYO/InZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4Yzct
M2MyZmE4YWFmMDMxLzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4YzctM2MyZmE4YWFmMDMx
LzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk5g7NyhB
YYG2EDigid579N6jIrDHwiz/fueB3i7pghBSZhTXzyrySh+R/jTPbBgcIzb1KWuj
1G4u4oHLlZUIgvXo2M2GYQCG3tAK+o/NNcs1Fo7KLEg7VY5kU19fBw0MAdpD/8DK
mJcTVacY/KAnWy3hNZ5PYVpuPKY+MeZDdyafW7SsyzEKB9m8t24rnQjtpLSLDoCk
fCxl5l4C+Quke+3rgQNNjNyX/HBvb6GuEslgfu4fjigBlv2CQPD8X3bxLaF3pYM6
wWMu88/9DgC1OX4zpKnkKLWpi0HAwcANjnk+eliN1pE7VrbiHphdkt4nvBF9tZzn
Um3J++alXjR0ig==
-----END CERTIFICATE-----