Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
File:                     yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft (raw, json)
Hash identifier:          psFHrZrnH8A8IqJx0UgdILApFiXFs0BEHNZ69q5grLs=
Subject key identifier:   D1:E9:7C:3F:51:B0:E9:D2:A3:44:F4:7F:AE:51:FF:BA:7C:48:4C:FB
Authority key identifier: CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13
Certificate issuer:       /CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
Certificate serial:       0196865B14ABF54DA552661DE5165B361CE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
Manifest number:          082F
Signing time:             Wed 30 Apr 2025 11:00:38 +0000
Manifest this update:     Wed 30 Apr 2025 11:00:38 +0000
Manifest next update:     Thu 01 May 2025 11:00:38 +0000
Files and hashes:         1: yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl (hash: 73w5fJZ2WBvE+ZOQXeDx/dCsL1OF1RllopRQPv3JnJI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 09:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:86:5b:14:ab:f5:4d:a5:52:66:1d:e5:16:5b:36:1c:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
        Validity
            Not Before: Apr 30 11:00:38 2025 GMT
            Not After : May  1 11:00:38 2025 GMT
        Subject: CN=d1e97c3f51b0e9d2a344f47fae51ffba7c484cfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:d5:9f:73:d7:91:49:a9:79:bd:cb:e1:4a:95:
                    40:d5:a3:64:00:33:ca:ff:cb:dc:b5:39:1a:38:02:
                    a1:2a:c8:66:12:25:1d:42:04:84:79:09:c2:92:7d:
                    08:da:ad:a5:69:a0:a6:5f:0e:ce:d5:0e:60:36:f6:
                    82:6e:fb:f3:a9:ce:7f:a3:3a:cc:34:b6:c5:4f:0d:
                    35:c8:e4:2e:68:2e:d2:d0:df:2b:9d:71:14:08:76:
                    73:ce:a1:eb:bb:42:9c:82:c9:3e:ee:1d:f1:59:f2:
                    e8:5c:1f:62:35:31:1c:d5:0d:c5:77:b0:1e:52:6b:
                    8a:f0:7d:40:36:0c:d2:df:92:e7:15:3e:c0:36:f0:
                    75:b6:4d:1f:cc:01:fb:b3:78:02:16:c4:20:15:b0:
                    49:bd:ae:cc:7f:60:d6:38:4c:97:48:59:e9:19:31:
                    34:35:d2:1f:96:6a:94:c8:1d:d8:e2:f8:18:c6:be:
                    52:43:2c:8a:34:2a:80:8b:7b:4d:ad:78:8c:0b:d1:
                    66:c1:a4:e7:db:24:b2:8a:9e:52:ea:a8:a2:50:c5:
                    72:db:ef:0f:38:08:dc:88:72:d2:2e:37:78:b8:7b:
                    da:9f:a4:32:5a:7f:90:2d:11:8e:38:d8:e5:dc:8a:
                    b1:7f:13:b6:4f:bf:09:4b:bf:45:8c:2d:4f:2b:ae:
                    1e:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:E9:7C:3F:51:B0:E9:D2:A3:44:F4:7F:AE:51:FF:BA:7C:48:4C:FB
            X509v3 Authority Key Identifier:
                keyid:CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:ea:c2:b4:ea:8e:63:80:d4:dd:e3:a3:18:55:ef:51:e0:c5:
         32:8d:b3:b2:c2:eb:78:d9:0f:46:93:f9:34:cb:12:e7:4a:1b:
         c9:a6:bf:7a:5a:e6:46:0a:71:19:c4:9d:85:a9:38:19:7c:95:
         99:d8:1a:a2:68:99:5f:ca:e9:59:ce:c3:4b:df:e0:3a:76:c8:
         72:e1:e6:ed:f2:35:e1:59:d6:88:9f:5e:2f:92:86:d5:47:64:
         cd:6d:4a:e8:9a:06:6d:7d:06:ff:2d:64:a4:61:4b:8e:f7:ff:
         00:83:0e:d6:e3:13:39:3d:98:d2:e0:a4:97:1e:68:9a:8b:51:
         c7:e2:a7:3a:18:7b:9c:01:83:91:77:9f:37:31:dc:de:8d:7f:
         b0:e1:25:0f:46:b9:bd:fd:78:ee:77:a2:d8:0b:40:fe:6b:94:
         be:05:9e:68:2c:43:c7:66:52:86:f4:db:31:48:bc:f4:bb:17:
         97:13:84:50:02:0a:b9:8f:bd:de:47:2b:67:b2:c0:71:7e:ec:
         dc:0a:99:c8:9b:50:50:56:cd:c9:7c:04:16:23:86:31:99:37:
         b0:63:c7:51:82:57:30:d5:3c:3d:30:2b:1f:91:a8:0c:6c:7c:
         4a:a6:b7:1e:1f:69:9e:37:5d:86:fb:da:7e:24:06:e5:74:b0:
         3e:2a:9a:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGWxSr9U2lUmYd5RZbNhzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWExYTYyYzgwYjBmMzMzNGM1ZGMxOGRjNjRiN2JmOTc4
ODkwMTMwHhcNMjUwNDMwMTEwMDM4WhcNMjUwNTAxMTEwMDM4WjAzMTEwLwYDVQQD
EyhkMWU5N2MzZjUxYjBlOWQyYTM0NGY0N2ZhZTUxZmZiYTdjNDg0Y2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dWfc9eRSal5vcvhSpVA1aNkADPK
/8vctTkaOAKhKshmEiUdQgSEeQnCkn0I2q2laaCmXw7O1Q5gNvaCbvvzqc5/ozrM
NLbFTw01yOQuaC7S0N8rnXEUCHZzzqHru0Kcgsk+7h3xWfLoXB9iNTEc1Q3Fd7Ae
UmuK8H1ANgzS35LnFT7ANvB1tk0fzAH7s3gCFsQgFbBJva7Mf2DWOEyXSFnpGTE0
NdIflmqUyB3Y4vgYxr5SQyyKNCqAi3tNrXiMC9FmwaTn2ySyip5S6qiiUMVy2+8P
OAjciHLSLjd4uHvan6QyWn+QLRGOONjl3IqxfxO2T78JS79FjC1PK64e2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHpfD9RsOnSo0T0f65R/7p8SEz7MB8GA1UdIwQY
MBaAFMoaGmLICw8zNMXcGNxkt7+XiJATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2Qt
YTA5ODU0YWI2NWEyLzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2QtYTA5ODU0YWI2NWEy
LzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAROrCtOqO
Y4DU3eOjGFXvUeDFMo2zssLreNkPRpP5NMsS50obyaa/elrmRgpxGcSdhak4GXyV
mdgaomiZX8rpWc7DS9/gOnbIcuHm7fI14VnWiJ9eL5KG1UdkzW1K6JoGbX0G/y1k
pGFLjvf/AIMO1uMTOT2Y0uCklx5omotRx+KnOhh7nAGDkXefNzHc3o1/sOElD0a5
vf147nei2AtA/muUvgWeaCxDx2ZShvTbMUi89LsXlxOEUAIKuY+93kcrZ7LAcX7s
3AqZyJtQUFbNyXwEFiOGMZk3sGPHUYJXMNU8PTArH5GoDGx8Sqa3Hh9pnjddhvva
fiQG5XSwPiqa7w==
-----END CERTIFICATE-----