Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
File:                     _yBr0QgxynN4dWteFhc4lqYLAZE.mft (raw, json)
Hash identifier:          TBxWWY8TrOcac8te2mqe3a8nEY0roaPsXNxACGFE1Qc=
Subject key identifier:   91:D9:83:B7:AC:01:91:AA:D2:6B:07:36:AF:20:47:C8:2F:01:36:93
Authority key identifier: FF:20:6B:D1:08:31:CA:73:78:75:6B:5E:16:17:38:96:A6:0B:01:91
Certificate issuer:       /CN=ff206bd10831ca7378756b5e16173896a60b0191
Certificate serial:       01974A7B13BDF7F7285C169DB82AE019BF66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
Manifest number:          0D3C
Signing time:             Sat 07 Jun 2025 13:01:09 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:09 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:09 +0000
Files and hashes:         1: _yBr0QgxynN4dWteFhc4lqYLAZE.crl (hash: 6GI/3H6jiOKyKmTAmFYk8bSosxdlOPge0OUHDAdF0gM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:13:bd:f7:f7:28:5c:16:9d:b8:2a:e0:19:bf:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff206bd10831ca7378756b5e16173896a60b0191
        Validity
            Not Before: Jun  7 13:01:09 2025 GMT
            Not After : Jun  8 13:01:09 2025 GMT
        Subject: CN=91d983b7ac0191aad26b0736af2047c82f013693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:8c:27:40:8b:b7:44:3c:2d:ae:10:29:45:03:
                    66:2a:3b:09:70:69:f6:c5:aa:67:cb:24:f5:ff:2c:
                    96:c3:df:f5:b3:b5:eb:72:f1:49:d2:68:52:24:7a:
                    a9:70:b0:e3:82:65:2c:dd:8e:23:1e:83:88:ff:62:
                    8f:5e:ee:a1:98:33:14:cf:af:15:9d:3f:02:3e:bb:
                    67:6a:68:01:9f:6c:6b:73:d3:1f:87:8f:2e:2d:99:
                    24:64:65:34:dc:2e:97:3a:4d:2c:60:bc:91:27:01:
                    50:99:97:48:e0:da:70:99:2a:90:02:3c:d1:17:a2:
                    5e:3e:f2:c6:7b:e3:1f:41:17:f6:0c:f2:67:01:5e:
                    7e:f0:f3:d4:0e:eb:97:48:37:b3:54:e8:07:f3:b7:
                    27:38:99:c2:27:46:74:0b:8d:57:9c:17:32:59:5c:
                    64:c4:e1:2d:48:46:14:dc:17:ec:f1:8c:c1:e8:5d:
                    31:75:12:2b:6d:b7:d9:c8:48:e2:ac:e7:60:36:69:
                    02:c6:5e:09:d7:bd:6f:d7:b0:f8:bf:53:13:50:5f:
                    a7:f5:33:b0:5f:ab:4c:20:e8:4e:8b:c0:02:9d:5e:
                    54:a1:39:cb:93:c7:56:fe:bc:af:6e:4e:ef:72:0f:
                    d7:39:f8:b9:1a:8d:94:1f:0e:b8:59:8f:6b:c5:11:
                    9d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:D9:83:B7:AC:01:91:AA:D2:6B:07:36:AF:20:47:C8:2F:01:36:93
            X509v3 Authority Key Identifier:
                keyid:FF:20:6B:D1:08:31:CA:73:78:75:6B:5E:16:17:38:96:A6:0B:01:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:46:ed:53:e5:4b:4a:86:fe:3f:1e:48:2d:75:29:96:cf:48:
         2c:dd:e6:8e:83:97:6d:62:05:0d:a4:a9:80:8e:47:b6:0a:01:
         4d:60:a7:9c:e3:7b:08:64:a5:5d:53:f0:05:6d:32:b7:67:be:
         2b:4b:d6:09:19:bf:b1:92:04:d4:cf:01:34:a1:44:51:06:3d:
         ca:de:df:66:3c:3e:6c:53:34:c8:0a:3b:b5:d6:54:20:f3:8c:
         0d:8b:4f:bf:0b:3e:a4:7e:73:ea:68:a1:34:67:f3:16:e9:39:
         a5:a6:67:17:61:2a:5d:74:59:c5:09:2d:90:ee:c3:d6:a3:5e:
         9b:ff:8a:2d:b4:f3:86:15:22:60:33:93:ba:aa:e6:fb:db:b8:
         d4:42:bf:8c:9f:71:2b:5f:1c:eb:43:63:fc:f0:d7:ff:b3:c1:
         86:52:57:31:67:62:2e:fe:f8:3c:ec:5a:e5:72:cd:8b:6d:63:
         fb:89:9d:51:74:a8:b2:c1:85:a3:7c:9a:54:74:a5:7f:c0:c3:
         c1:45:aa:e1:d2:c6:d1:0b:e9:eb:e5:ac:a2:45:49:b8:25:7b:
         c3:34:4a:18:40:95:95:a4:3b:3a:0f:ad:23:3f:d6:d6:fe:b4:
         27:9a:29:b4:d6:0c:17:95:74:47:6a:c4:38:bb:7c:81:ee:a6:
         44:ed:f9:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKexO99/coXBaduCrgGb9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMjA2YmQxMDgzMWNhNzM3ODc1NmI1ZTE2MTczODk2YTYw
YjAxOTEwHhcNMjUwNjA3MTMwMTA5WhcNMjUwNjA4MTMwMTA5WjAzMTEwLwYDVQQD
Eyg5MWQ5ODNiN2FjMDE5MWFhZDI2YjA3MzZhZjIwNDdjODJmMDEzNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYwnQIu3RDwtrhApRQNmKjsJcGn2
xapnyyT1/yyWw9/1s7XrcvFJ0mhSJHqpcLDjgmUs3Y4jHoOI/2KPXu6hmDMUz68V
nT8CPrtnamgBn2xrc9Mfh48uLZkkZGU03C6XOk0sYLyRJwFQmZdI4NpwmSqQAjzR
F6JePvLGe+MfQRf2DPJnAV5+8PPUDuuXSDezVOgH87cnOJnCJ0Z0C41XnBcyWVxk
xOEtSEYU3Bfs8YzB6F0xdRIrbbfZyEjirOdgNmkCxl4J171v17D4v1MTUF+n9TOw
X6tMIOhOi8ACnV5UoTnLk8dW/ryvbk7vcg/XOfi5Go2UHw64WY9rxRGdpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHZg7esAZGq0msHNq8gR8gvATaTMB8GA1UdIwQY
MBaAFP8ga9EIMcpzeHVrXhYXOJamCwGRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hMzVkMzctNzQ0Ny00Y2Y0LTk4MmYt
NTBmMzk4YmIyNmU5LzEvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hMzVkMzctNzQ0Ny00Y2Y0LTk4MmYtNTBmMzk4YmIyNmU5
LzEvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARUbtU+VL
Sob+Px5ILXUpls9ILN3mjoOXbWIFDaSpgI5HtgoBTWCnnON7CGSlXVPwBW0yt2e+
K0vWCRm/sZIE1M8BNKFEUQY9yt7fZjw+bFM0yAo7tdZUIPOMDYtPvws+pH5z6mih
NGfzFuk5paZnF2EqXXRZxQktkO7D1qNem/+KLbTzhhUiYDOTuqrm+9u41EK/jJ9x
K18c60Nj/PDX/7PBhlJXMWdiLv74POxa5XLNi21j+4mdUXSossGFo3yaVHSlf8DD
wUWq4dLG0Qvp6+WsokVJuCV7wzRKGECVlaQ7Og+tIz/W1v60J5optNYMF5V0R2rE
OLt8ge6mRO355w==
-----END CERTIFICATE-----