Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
File:                     YTChAogFFzqiJUSk67mECskbyNA.mft (raw, json)
Hash identifier:          /mRrSJtvOk46tRHVLulsUG206a1mz1+NKvIS6KW4aBw=
Subject key identifier:   B6:0A:36:50:54:38:4B:E3:BF:F8:79:A4:07:A6:55:73:DF:AC:81:E9
Authority key identifier: 61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0
Certificate issuer:       /CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
Certificate serial:       0196741E0C90E693BF4D8E207DF3FC11B460
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
Manifest number:          0C6E
Signing time:             Sat 26 Apr 2025 22:00:48 +0000
Manifest this update:     Sat 26 Apr 2025 22:00:48 +0000
Manifest next update:     Sun 27 Apr 2025 22:00:48 +0000
Files and hashes:         1: YTChAogFFzqiJUSk67mECskbyNA.crl (hash: qIS4DzIAM94uz6yyNwHnmnICwTN8HkCuGuMi71FUqDQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1e:0c:90:e6:93:bf:4d:8e:20:7d:f3:fc:11:b4:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
        Validity
            Not Before: Apr 26 22:00:48 2025 GMT
            Not After : Apr 27 22:00:48 2025 GMT
        Subject: CN=b60a365054384be3bff879a407a65573dfac81e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:22:64:ee:a3:aa:aa:2f:9f:c1:1c:26:57:3a:
                    67:37:a6:3e:56:98:93:75:64:25:f2:34:52:f8:3b:
                    95:57:c4:60:4e:5a:07:5e:9e:14:90:6f:91:e6:07:
                    2b:a1:8a:da:f8:69:c9:b2:4c:08:5e:d6:23:a8:13:
                    cc:0b:18:27:b1:4a:4c:1a:c3:68:57:91:ce:92:8b:
                    e5:ad:94:ed:63:1e:10:0a:b0:a2:66:b3:dd:30:b3:
                    62:2f:f9:d5:1a:0c:23:9c:57:0c:33:44:33:51:27:
                    1c:fd:2a:80:3b:13:5b:43:49:1d:77:cf:29:34:57:
                    07:a1:d4:5c:16:b9:0d:43:d6:f5:68:fc:01:d1:39:
                    6e:f8:cc:53:a3:51:9f:dd:9e:f1:68:01:52:a1:65:
                    d5:95:9e:c1:2e:af:d9:08:e6:b0:a6:f6:50:aa:71:
                    d9:05:46:a2:ff:cb:39:7d:31:bb:44:3e:5c:63:ec:
                    14:62:71:ec:92:ad:54:19:45:8e:1d:db:88:e8:fd:
                    08:f3:b8:38:a1:65:0b:b1:9c:19:5d:a9:6a:db:03:
                    34:7a:e8:93:4f:0c:35:6e:e8:ef:b0:08:15:a2:be:
                    8a:21:86:0d:66:d4:32:fd:34:c9:d0:f9:4a:4a:20:
                    dd:ae:c5:5e:97:b3:90:ec:6c:12:83:83:79:70:af:
                    8d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:0A:36:50:54:38:4B:E3:BF:F8:79:A4:07:A6:55:73:DF:AC:81:E9
            X509v3 Authority Key Identifier:
                keyid:61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:8a:2e:84:91:7e:0f:e2:c5:18:3e:62:86:d7:5c:d9:f9:92:
         a2:31:de:f2:ac:cf:43:41:6f:3d:88:a5:43:b7:ba:3e:76:b4:
         f1:a2:c4:94:69:e5:a6:62:12:3c:23:2d:8d:f5:00:81:30:15:
         ce:a8:2c:fa:fa:95:e3:aa:7a:05:10:19:c0:9b:d2:3a:2f:95:
         af:8e:26:a6:63:8e:19:5c:7d:fb:51:7b:23:52:62:2e:3d:c9:
         32:15:71:f9:8e:fb:54:7e:b8:1f:50:4f:dc:8d:66:cd:56:c3:
         d8:52:25:c2:50:55:6f:18:61:a8:f4:a6:18:7d:49:8a:82:3c:
         5c:43:df:2b:54:05:e8:00:d0:a0:8b:c5:c5:c6:4d:de:87:ff:
         6e:b1:77:9b:be:f6:a7:53:7c:81:c7:ca:78:2a:17:3c:47:a3:
         b9:9c:d1:70:53:4e:b9:61:82:42:09:81:54:6a:19:74:c0:6c:
         aa:54:4a:9f:0d:08:b9:31:ca:f4:15:24:fc:d8:5b:5b:5e:e0:
         3b:23:3d:1e:36:73:3e:5e:17:87:fe:35:08:6c:0f:2b:84:32:
         29:64:87:ff:f7:8b:34:6a:5b:ac:00:30:96:b4:3a:7e:d7:5d:
         7e:b4:54:e6:26:e1:24:02:a1:2c:f9:e9:fc:aa:3f:9b:10:6e:
         4f:0e:37:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0HgyQ5pO/TY4gffP8EbRgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzBhMTAyODgwNTE3M2FhMjI1NDRhNGViYjk4NDBhYzkx
YmM4ZDAwHhcNMjUwNDI2MjIwMDQ4WhcNMjUwNDI3MjIwMDQ4WjAzMTEwLwYDVQQD
EyhiNjBhMzY1MDU0Mzg0YmUzYmZmODc5YTQwN2E2NTU3M2RmYWM4MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCJk7qOqqi+fwRwmVzpnN6Y+VpiT
dWQl8jRS+DuVV8RgTloHXp4UkG+R5gcroYra+GnJskwIXtYjqBPMCxgnsUpMGsNo
V5HOkovlrZTtYx4QCrCiZrPdMLNiL/nVGgwjnFcMM0QzUScc/SqAOxNbQ0kdd88p
NFcHodRcFrkNQ9b1aPwB0Tlu+MxTo1Gf3Z7xaAFSoWXVlZ7BLq/ZCOawpvZQqnHZ
BUai/8s5fTG7RD5cY+wUYnHskq1UGUWOHduI6P0I87g4oWULsZwZXalq2wM0euiT
Tww1bujvsAgVor6KIYYNZtQy/TTJ0PlKSiDdrsVel7OQ7GwSg4N5cK+N4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYKNlBUOEvjv/h5pAemVXPfrIHpMB8GA1UdIwQY
MBaAFGEwoQKIBRc6oiVEpOu5hArJG8jQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAt
YTUzYjVlOTc5MTMxLzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAtYTUzYjVlOTc5MTMx
LzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk4ouhJF+
D+LFGD5ihtdc2fmSojHe8qzPQ0FvPYilQ7e6Pna08aLElGnlpmISPCMtjfUAgTAV
zqgs+vqV46p6BRAZwJvSOi+Vr44mpmOOGVx9+1F7I1JiLj3JMhVx+Y77VH64H1BP
3I1mzVbD2FIlwlBVbxhhqPSmGH1JioI8XEPfK1QF6ADQoIvFxcZN3of/brF3m772
p1N8gcfKeCoXPEejuZzRcFNOuWGCQgmBVGoZdMBsqlRKnw0IuTHK9BUk/NhbW17g
OyM9HjZzPl4Xh/41CGwPK4QyKWSH//eLNGpbrAAwlrQ6ftddfrRU5ibhJAKhLPnp
/Ko/mxBuTw43yQ==
-----END CERTIFICATE-----