Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
File:                     yYDRnDv8xARxVndvAqNJiY5GuQ0.mft (raw, json)
Hash identifier:          9dKGJI4TGK9x7BB8tLEu4O5hh56rZGiXmJ8VE1OqCig=
Subject key identifier:   FA:65:78:F9:5A:35:1B:8E:0B:90:AF:D0:D2:B3:D7:7F:F6:40:F0:22
Authority key identifier: C9:80:D1:9C:3B:FC:C4:04:71:56:77:6F:02:A3:49:89:8E:46:B9:0D
Certificate issuer:       /CN=c980d19c3bfcc4047156776f02a349898e46b90d
Certificate serial:       019923A04D4B8A4D0CFCCDC79051D9DDBF92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
Manifest number:          098D
Signing time:             Sun 07 Sep 2025 10:02:12 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:12 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:12 +0000
Files and hashes:         1: yYDRnDv8xARxVndvAqNJiY5GuQ0.crl (hash: jg5UkJCIEbDvyGQYR1qd/vLUUkdirsK7zf5mw8t2ssw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:4d:4b:8a:4d:0c:fc:cd:c7:90:51:d9:dd:bf:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c980d19c3bfcc4047156776f02a349898e46b90d
        Validity
            Not Before: Sep  7 10:02:12 2025 GMT
            Not After : Sep  8 10:02:12 2025 GMT
        Subject: CN=fa6578f95a351b8e0b90afd0d2b3d77ff640f022
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:a5:7a:cd:4a:b0:f0:ce:ab:c8:4e:48:52:06:
                    f6:db:2c:3f:0c:60:73:8b:b5:e8:e4:51:9a:1d:e3:
                    37:59:81:0f:60:ee:0f:f4:af:3c:a7:5f:23:02:41:
                    4b:f0:fe:96:98:d1:90:d0:bd:8e:ec:82:3b:ea:95:
                    31:e8:e2:5d:8f:9d:b2:a2:7f:e5:1d:55:a3:b8:bd:
                    b1:bc:73:52:6d:78:ad:0f:24:72:32:4c:23:2e:77:
                    31:1b:d8:6b:72:0a:04:8b:93:ed:67:a2:5e:db:0a:
                    99:52:8e:e7:c7:83:6e:a0:b8:0b:f4:cc:f7:26:e4:
                    7f:4a:1a:78:52:98:5d:e5:8e:37:d8:1f:01:76:65:
                    5e:be:1f:a6:f9:25:a9:c7:a8:08:69:1b:fe:db:90:
                    5d:13:a9:d0:21:b9:ad:dc:e1:bd:55:8c:1d:1a:0f:
                    ee:79:eb:5e:04:67:47:79:29:de:a1:52:61:b1:08:
                    58:4b:54:ac:9e:d7:01:c4:8f:90:54:3e:0d:ca:5f:
                    02:fa:67:24:d4:62:3b:ba:95:1a:66:c4:c7:e9:c0:
                    ba:d1:52:5a:91:f2:64:77:f6:9e:bd:fb:2a:be:cf:
                    52:ac:a1:19:44:94:fb:c3:cf:ec:b3:6c:17:0e:cb:
                    6e:a0:a9:37:4e:b1:7d:f2:d6:f0:41:5a:25:8c:30:
                    ad:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:65:78:F9:5A:35:1B:8E:0B:90:AF:D0:D2:B3:D7:7F:F6:40:F0:22
            X509v3 Authority Key Identifier:
                keyid:C9:80:D1:9C:3B:FC:C4:04:71:56:77:6F:02:A3:49:89:8E:46:B9:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:26:4e:5c:b3:ba:f2:ef:e8:73:4b:61:c8:3a:19:10:2d:8e:
         24:ae:20:52:5a:90:59:f9:f2:72:04:2b:00:3c:5d:45:90:49:
         11:84:d6:cb:d7:56:d0:e7:ba:f1:61:44:45:d8:bf:2c:12:a7:
         0c:e0:7d:8b:01:e2:fd:d1:19:e4:61:af:74:b0:bd:52:d8:04:
         a3:fa:9b:ae:4e:79:35:e4:7e:02:32:bd:7e:40:c8:03:d6:d9:
         10:e3:29:d8:f9:8d:96:35:7a:fd:f0:f5:b2:a8:43:1b:c2:a5:
         0d:15:a2:7e:8e:6e:ee:b0:ff:d2:33:1e:4f:f2:1a:3d:ad:a6:
         71:ff:24:c4:a8:c1:77:a5:ba:98:13:7f:11:91:79:4c:e4:23:
         9d:a6:bb:76:d8:8b:64:0e:ac:b9:5f:04:65:8c:33:cc:9a:dd:
         b8:f7:bd:7b:a3:ab:19:eb:1a:80:8b:99:4d:24:84:73:03:8b:
         08:35:e9:4e:72:59:a2:e4:b9:5d:c8:12:3a:ad:15:83:ff:2c:
         4b:ed:8c:b0:12:c9:ea:1a:5d:93:ba:0d:71:ee:3f:89:30:9b:
         ac:f2:23:50:9b:25:19:ef:6b:4c:d5:94:9f:70:1a:d9:f3:0f:
         82:ae:45:2a:34:58:d8:9f:19:74:1a:fa:78:07:c3:a5:b2:30:
         4e:44:40:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoE1Lik0M/M3HkFHZ3b+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ODBkMTljM2JmY2M0MDQ3MTU2Nzc2ZjAyYTM0OTg5OGU0
NmI5MGQwHhcNMjUwOTA3MTAwMjEyWhcNMjUwOTA4MTAwMjEyWjAzMTEwLwYDVQQD
EyhmYTY1NzhmOTVhMzUxYjhlMGI5MGFmZDBkMmIzZDc3ZmY2NDBmMDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5aV6zUqw8M6ryE5IUgb22yw/DGBz
i7Xo5FGaHeM3WYEPYO4P9K88p18jAkFL8P6WmNGQ0L2O7II76pUx6OJdj52yon/l
HVWjuL2xvHNSbXitDyRyMkwjLncxG9hrcgoEi5PtZ6Je2wqZUo7nx4NuoLgL9Mz3
JuR/Shp4Uphd5Y432B8BdmVevh+m+SWpx6gIaRv+25BdE6nQIbmt3OG9VYwdGg/u
eeteBGdHeSneoVJhsQhYS1SsntcBxI+QVD4Nyl8C+mck1GI7upUaZsTH6cC60VJa
kfJkd/aevfsqvs9SrKEZRJT7w8/ss2wXDstuoKk3TrF98tbwQVoljDCt6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPplePlaNRuOC5Cv0NKz13/2QPAiMB8GA1UdIwQY
MBaAFMmA0Zw7/MQEcVZ3bwKjSYmORrkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy82OGMwNjMtNDAwYS00ZWQxLTlmYmYt
Yjg2NjE5NzUyMDM5LzEveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy82OGMwNjMtNDAwYS00ZWQxLTlmYmYtYjg2NjE5NzUyMDM5
LzEveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZSZOXLO6
8u/oc0thyDoZEC2OJK4gUlqQWfnycgQrADxdRZBJEYTWy9dW0Oe68WFERdi/LBKn
DOB9iwHi/dEZ5GGvdLC9UtgEo/qbrk55NeR+AjK9fkDIA9bZEOMp2PmNljV6/fD1
sqhDG8KlDRWifo5u7rD/0jMeT/IaPa2mcf8kxKjBd6W6mBN/EZF5TOQjnaa7dtiL
ZA6suV8EZYwzzJrduPe9e6OrGesagIuZTSSEcwOLCDXpTnJZouS5XcgSOq0Vg/8s
S+2MsBLJ6hpdk7oNce4/iTCbrPIjUJslGe9rTNWUn3Aa2fMPgq5FKjRY2J8ZdBr6
eAfDpbIwTkRApw==
-----END CERTIFICATE-----