Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          wX5FL2Qs0nDf9fRe0XYyiaVuH3fRfAcpvjkGK1yAsZ0=
Subject key identifier:   78:18:A1:BE:F5:B8:DC:73:5D:11:4D:8F:3C:BC:0E:C7:BD:FA:42:1D
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       0199233161814575C4BF76CC8B6788265949
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          050B
Signing time:             Sun 07 Sep 2025 08:01:02 +0000
Manifest this update:     Sun 07 Sep 2025 08:01:02 +0000
Manifest next update:     Mon 08 Sep 2025 08:01:02 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: v9WcfTIYBdpo4FdOkb7MnowdQfej1E3nuh8p15ZGDcU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:61:81:45:75:c4:bf:76:cc:8b:67:88:26:59:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Sep  7 08:01:02 2025 GMT
            Not After : Sep  8 08:01:02 2025 GMT
        Subject: CN=7818a1bef5b8dc735d114d8f3cbc0ec7bdfa421d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:10:77:93:e6:27:3e:38:d9:22:ed:16:6d:47:
                    c3:0e:e9:15:86:dc:56:61:d9:1a:21:63:bb:57:e8:
                    fe:70:d6:6b:a0:45:3f:91:93:83:e2:2f:4e:ff:50:
                    69:40:98:f0:33:a3:32:e4:a5:f1:e8:92:19:42:ff:
                    f4:04:7e:72:9f:c7:07:c0:66:2a:30:9c:3f:ab:ab:
                    37:41:ee:c5:13:ff:9a:cb:2c:46:44:8b:85:ae:98:
                    9d:08:88:da:7a:b5:56:98:c7:5d:b0:75:f1:02:73:
                    8f:5d:ef:42:a5:a3:0f:f7:a3:63:12:26:11:72:22:
                    35:c0:fd:1c:40:26:c6:3b:a3:d6:8e:02:54:10:33:
                    5f:8e:1b:48:b2:a0:87:f2:a9:49:b8:a3:d3:7e:74:
                    66:78:28:a5:d0:9e:a7:a4:34:8a:10:b1:42:2b:0c:
                    cf:38:38:fc:cc:93:59:05:dd:cb:a9:a3:99:54:50:
                    f3:18:c7:60:57:06:65:0c:ee:8b:53:e0:fe:a3:41:
                    8c:7f:ef:ad:a8:4a:f2:8e:c3:72:2f:b9:92:56:26:
                    cf:42:18:26:28:c8:8c:e8:d4:00:ff:23:58:4b:71:
                    f8:ec:e4:b2:40:ad:0d:85:0d:79:da:5c:f2:1f:4a:
                    48:73:9d:10:da:49:77:e2:d4:fa:55:45:4d:6a:7e:
                    f2:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:18:A1:BE:F5:B8:DC:73:5D:11:4D:8F:3C:BC:0E:C7:BD:FA:42:1D
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:1a:67:e7:fb:31:32:b9:0f:28:b4:47:92:0c:2e:28:17:be:
         77:4f:cf:66:b8:20:74:0a:10:0d:4f:59:25:ff:c6:5f:68:98:
         ce:7a:0a:5a:23:ef:3f:86:0b:f1:1b:5c:2f:0b:c2:a1:60:9f:
         2b:80:68:9b:bf:d1:0a:76:89:ce:9f:93:13:ff:87:9e:69:99:
         c9:9e:65:4c:17:9b:53:a5:14:6d:f2:cf:30:bf:af:94:e1:22:
         3b:7a:f4:9d:3d:fd:a7:62:b3:39:35:50:2a:9d:51:48:88:9b:
         b9:ef:40:e7:09:66:c9:b1:01:4e:78:f4:3d:97:c6:60:13:3b:
         f3:e0:94:40:f4:d2:51:75:60:65:69:e7:31:7f:16:bc:df:21:
         a4:5d:ff:9f:5e:ae:fe:c2:8f:57:19:22:2c:97:d6:49:16:c3:
         d5:dc:ac:66:10:f2:4e:c9:6c:5a:de:b2:3b:6d:df:51:fa:a7:
         ab:55:e2:77:07:30:58:f9:01:c5:d8:ac:00:0a:10:b3:2d:b2:
         3c:47:8a:ca:57:1b:82:b5:fa:da:ec:ac:9c:0a:66:ae:b5:dd:
         b4:d9:ce:ce:09:87:89:f8:c6:71:b8:c0:57:7f:74:f3:ff:de:
         c6:79:cc:ef:be:ea:58:dd:6f:8a:e6:90:45:19:68:e2:6e:72:
         28:58:35:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMWGBRXXEv3bMi2eIJllJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjUwOTA3MDgwMTAyWhcNMjUwOTA4MDgwMTAyWjAzMTEwLwYDVQQD
Eyg3ODE4YTFiZWY1YjhkYzczNWQxMTRkOGYzY2JjMGVjN2JkZmE0MjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhB3k+YnPjjZIu0WbUfDDukVhtxW
YdkaIWO7V+j+cNZroEU/kZOD4i9O/1BpQJjwM6My5KXx6JIZQv/0BH5yn8cHwGYq
MJw/q6s3Qe7FE/+ayyxGRIuFrpidCIjaerVWmMddsHXxAnOPXe9CpaMP96NjEiYR
ciI1wP0cQCbGO6PWjgJUEDNfjhtIsqCH8qlJuKPTfnRmeCil0J6npDSKELFCKwzP
ODj8zJNZBd3LqaOZVFDzGMdgVwZlDO6LU+D+o0GMf++tqEryjsNyL7mSVibPQhgm
KMiM6NQA/yNYS3H47OSyQK0NhQ152lzyH0pIc50Q2kl34tT6VUVNan7y+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgYob71uNxzXRFNjzy8Dse9+kIdMB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACRpn5/sx
MrkPKLRHkgwuKBe+d0/PZrggdAoQDU9ZJf/GX2iYznoKWiPvP4YL8RtcLwvCoWCf
K4Bom7/RCnaJzp+TE/+HnmmZyZ5lTBebU6UUbfLPML+vlOEiO3r0nT39p2KzOTVQ
Kp1RSIibue9A5wlmybEBTnj0PZfGYBM78+CUQPTSUXVgZWnnMX8WvN8hpF3/n16u
/sKPVxkiLJfWSRbD1dysZhDyTslsWt6yO23fUfqnq1XidwcwWPkBxdisAAoQsy2y
PEeKylcbgrX62uysnApmrrXdtNnOzgmHifjGcbjAV3908//exnnM777qWN1viuaQ
RRlo4m5yKFg1qg==
-----END CERTIFICATE-----