Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft
File:                     Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft (raw, json)
Hash identifier:          xJllc1A5ZDpeod16i5VPxlSwZqfzCCNL6BCRfDEWzjU=
Subject key identifier:   51:B3:C2:C8:9E:7F:0F:B8:EB:F5:AD:C3:88:ED:86:CF:0C:1B:ED:84
Authority key identifier: 62:D6:E4:BF:FA:2B:4D:1B:C4:0E:92:B3:0A:F0:D2:1A:74:B0:BB:D0
Certificate issuer:       /CN=62d6e4bffa2b4d1bc40e92b30af0d21a74b0bbd0
Certificate serial:       0196760C39E1FDE2FCD1A89599543DD70E14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ytbkv_orTRvEDpKzCvDSGnSwu9A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft
Manifest number:          150B
Signing time:             Sun 27 Apr 2025 07:00:34 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:34 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:34 +0000
Files and hashes:         1: Ytbkv_orTRvEDpKzCvDSGnSwu9A.crl (hash: KjNwT/Ylq414n9WJ8Kp2CXqih1Y+/oqCuIiiRGPbygs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ytbkv_orTRvEDpKzCvDSGnSwu9A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:39:e1:fd:e2:fc:d1:a8:95:99:54:3d:d7:0e:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62d6e4bffa2b4d1bc40e92b30af0d21a74b0bbd0
        Validity
            Not Before: Apr 27 07:00:34 2025 GMT
            Not After : Apr 28 07:00:34 2025 GMT
        Subject: CN=51b3c2c89e7f0fb8ebf5adc388ed86cf0c1bed84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:2a:a8:2c:17:a4:95:0e:c3:ac:4f:6d:58:3a:
                    f4:6e:6c:09:08:76:be:1d:89:06:79:ab:6b:0a:ea:
                    21:9e:b1:e3:6d:ea:18:e1:fb:19:fa:32:73:24:f2:
                    f0:d9:99:d7:05:6b:04:0b:70:13:00:41:25:31:0a:
                    32:5a:59:83:8b:ca:0b:5b:e1:c6:92:1e:53:74:b2:
                    4c:7e:1e:e3:cc:85:6d:1e:83:5c:bb:d2:32:b6:79:
                    ea:ce:99:4e:66:e3:c2:6e:50:4c:c9:cc:b4:ea:59:
                    84:1c:6f:a4:12:9b:48:2f:94:44:50:89:cb:c9:10:
                    44:25:05:ad:47:fa:b9:53:d8:12:e7:f3:3a:d5:04:
                    8d:41:3f:7c:4e:e1:a1:41:be:c8:c8:45:38:12:f2:
                    7c:ee:e5:ba:b7:a1:9c:8a:79:64:1d:11:bf:c2:e8:
                    d7:2f:eb:a3:bb:93:46:4a:73:80:bc:d6:d5:a7:70:
                    02:d5:f3:c6:4c:90:49:01:11:34:05:68:5e:85:1e:
                    01:16:41:fa:ca:37:68:ac:6b:fc:a6:52:20:c9:1e:
                    d2:77:09:b0:b2:0b:4e:82:55:b2:f5:d8:e4:d1:de:
                    72:8b:bd:ba:30:59:f3:3a:e7:b5:ea:ce:7f:70:79:
                    d6:15:b1:cd:1a:23:b4:61:76:59:09:4a:95:9f:2f:
                    8a:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:B3:C2:C8:9E:7F:0F:B8:EB:F5:AD:C3:88:ED:86:CF:0C:1B:ED:84
            X509v3 Authority Key Identifier:
                keyid:62:D6:E4:BF:FA:2B:4D:1B:C4:0E:92:B3:0A:F0:D2:1A:74:B0:BB:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ytbkv_orTRvEDpKzCvDSGnSwu9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:1f:a7:92:4e:90:65:bb:16:06:1d:2e:19:3e:3d:4f:09:ac:
         bf:bc:b4:3b:59:6e:61:fb:63:44:61:da:08:5a:2e:e1:47:00:
         db:35:95:b7:46:83:8f:38:19:7d:ee:e6:aa:ca:43:a9:71:57:
         f7:74:52:95:96:f2:95:fe:60:4c:bf:d8:0f:d3:31:e1:3e:9b:
         d8:a7:b0:2a:5c:60:a8:55:fd:bf:1b:85:2f:20:07:74:4b:93:
         f1:2d:92:a6:71:2a:f9:bf:bd:b2:d4:79:a5:0e:6b:2e:e2:db:
         a0:5b:3f:6d:ed:b1:d9:22:3e:a4:6b:ab:72:8c:86:27:d8:61:
         d3:c2:17:01:88:05:b5:8e:c8:43:12:5c:62:ca:50:a4:6d:2a:
         12:70:e6:8a:8f:d9:39:d4:9e:bc:37:4c:5a:f5:88:3f:7f:35:
         45:d3:1b:54:bb:52:08:8f:13:f0:05:9c:e7:57:e4:81:0c:37:
         7e:ab:91:35:14:ae:ca:7c:98:92:8b:39:9d:c8:a8:51:85:4e:
         e7:7d:e5:4f:d0:16:af:f2:c6:b7:7f:c0:5f:a1:f6:22:17:95:
         c5:7e:d0:3b:cc:ae:bc:17:0f:8c:4a:bd:0f:0d:42:fd:d7:fa:
         4c:8b:08:c3:fe:22:0f:38:0f:47:79:c5:74:a7:39:50:ad:11:
         8c:b8:8d:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DDnh/eL80aiVmVQ91w4UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZDZlNGJmZmEyYjRkMWJjNDBlOTJiMzBhZjBkMjFhNzRi
MGJiZDAwHhcNMjUwNDI3MDcwMDM0WhcNMjUwNDI4MDcwMDM0WjAzMTEwLwYDVQQD
Eyg1MWIzYzJjODllN2YwZmI4ZWJmNWFkYzM4OGVkODZjZjBjMWJlZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyqoLBeklQ7DrE9tWDr0bmwJCHa+
HYkGeatrCuohnrHjbeoY4fsZ+jJzJPLw2ZnXBWsEC3ATAEElMQoyWlmDi8oLW+HG
kh5TdLJMfh7jzIVtHoNcu9IytnnqzplOZuPCblBMycy06lmEHG+kEptIL5REUInL
yRBEJQWtR/q5U9gS5/M61QSNQT98TuGhQb7IyEU4EvJ87uW6t6GcinlkHRG/wujX
L+uju5NGSnOAvNbVp3AC1fPGTJBJARE0BWhehR4BFkH6yjdorGv8plIgyR7Sdwmw
sgtOglWy9djk0d5yi726MFnzOue16s5/cHnWFbHNGiO0YXZZCUqVny+K0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFGzwsiefw+46/Wtw4jths8MG+2EMB8GA1UdIwQY
MBaAFGLW5L/6K00bxA6Sswrw0hp0sLvQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRia3Zfb3JUUnZFRHBLekN2RFNHblN3dTlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi84NzY3NTAtYTIzMC00ZjI2LWI0NDIt
ZjE1NTU0ZmE0YjBiLzEvWXRia3Zfb3JUUnZFRHBLekN2RFNHblN3dTlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi84NzY3NTAtYTIzMC00ZjI2LWI0NDItZjE1NTU0ZmE0YjBi
LzEvWXRia3Zfb3JUUnZFRHBLekN2RFNHblN3dTlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABB+nkk6Q
ZbsWBh0uGT49Twmsv7y0O1luYftjRGHaCFou4UcA2zWVt0aDjzgZfe7mqspDqXFX
93RSlZbylf5gTL/YD9Mx4T6b2KewKlxgqFX9vxuFLyAHdEuT8S2SpnEq+b+9stR5
pQ5rLuLboFs/be2x2SI+pGurcoyGJ9hh08IXAYgFtY7IQxJcYspQpG0qEnDmio/Z
OdSevDdMWvWIP381RdMbVLtSCI8T8AWc51fkgQw3fquRNRSuynyYkos5ncioUYVO
533lT9AWr/LGt3/AX6H2IheVxX7QO8yuvBcPjEq9Dw1C/df6TIsIw/4iDzgPR3nF
dKc5UK0RjLiNVQ==
-----END CERTIFICATE-----