Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
File:                     pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft (raw, json)
Hash identifier:          vk0w7+6gEaeyEEU1ZXJ7t/PHndN4/tOFQpqWj6WO9FE=
Subject key identifier:   17:2B:70:84:5B:FB:2E:90:C0:74:A3:B8:44:89:3A:73:20:0E:9D:69
Authority key identifier: A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92
Certificate issuer:       /CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
Certificate serial:       019681A25591152A4A310C4A9AE6C2304B1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
Manifest number:          1012
Signing time:             Tue 29 Apr 2025 13:00:21 +0000
Manifest this update:     Tue 29 Apr 2025 13:00:21 +0000
Manifest next update:     Wed 30 Apr 2025 13:00:21 +0000
Files and hashes:         1: pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl (hash: U/9PHAhugrtZpNWkQih1J5tllIsOnGxQVSDtoOO8Wy0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 13:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:81:a2:55:91:15:2a:4a:31:0c:4a:9a:e6:c2:30:4b:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
        Validity
            Not Before: Apr 29 13:00:21 2025 GMT
            Not After : Apr 30 13:00:21 2025 GMT
        Subject: CN=172b70845bfb2e90c074a3b844893a73200e9d69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:50:bb:0d:d2:6d:2e:6d:c2:fd:58:d4:9c:9d:
                    ad:9e:70:fd:d5:39:23:3b:e1:a6:1f:7f:c4:6c:7f:
                    07:d4:ca:4a:28:d0:44:2f:89:c6:9c:53:c8:09:eb:
                    31:26:cf:9a:64:e2:ae:4e:33:98:a5:86:83:41:ba:
                    e3:50:af:c8:9f:d1:5d:54:03:2f:02:28:bf:eb:42:
                    73:67:db:4f:49:85:4e:41:a8:5d:b6:fc:72:19:a5:
                    a4:57:4f:91:6c:20:0a:8d:62:4f:88:9c:48:14:c7:
                    e9:b1:fc:4b:bd:d6:a8:a3:27:e1:8f:9a:d6:1b:c3:
                    be:80:ed:50:ea:1d:fa:4c:f1:6b:b9:c5:d0:ca:10:
                    b2:12:71:45:8f:de:6a:81:03:33:31:a8:48:d3:f3:
                    0a:03:ff:81:f7:cf:0c:22:6a:dc:e1:5e:b7:77:27:
                    ab:5a:0c:a3:b1:98:04:54:d3:c0:e3:c2:64:07:ac:
                    01:a8:63:3d:cb:fc:78:18:34:91:7a:34:ca:8d:14:
                    72:9e:63:93:cf:00:0b:e6:ea:4c:d7:53:5f:99:93:
                    4c:7f:b9:93:19:d7:63:91:b8:7c:f4:b8:9a:3d:e2:
                    24:56:f2:43:0b:f9:a6:b9:03:89:3b:18:e5:c3:9e:
                    1c:d4:7d:16:8b:0a:c0:87:4f:6e:c9:97:84:72:86:
                    33:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:2B:70:84:5B:FB:2E:90:C0:74:A3:B8:44:89:3A:73:20:0E:9D:69
            X509v3 Authority Key Identifier:
                keyid:A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:37:7d:a8:f4:04:63:8c:79:39:ba:b5:b4:a0:99:01:e7:d2:
         03:81:34:8b:c6:ab:2c:d1:05:09:42:c4:9b:22:ed:2c:ad:1c:
         08:a8:63:73:43:d3:75:3b:53:b7:5f:b2:15:78:55:40:5d:5e:
         17:98:00:39:65:85:62:f5:4d:b2:38:a3:f0:29:41:ba:7a:a1:
         03:c7:4b:69:17:73:26:27:8f:88:c2:d0:1d:e0:9f:e6:24:ab:
         13:d4:49:13:c7:15:bf:f8:3e:c4:ce:a8:97:36:7e:f2:35:4d:
         17:73:6b:95:c6:0f:11:92:fe:49:03:de:a8:8c:86:7e:4b:68:
         96:50:f0:d1:a7:97:3f:99:34:29:12:dd:a2:83:83:36:29:97:
         18:7a:30:cb:81:d2:d4:3f:04:c5:b2:05:b6:7e:9b:a9:12:21:
         03:d9:55:be:21:87:80:03:ae:4a:3f:7d:a3:51:c2:ee:24:5d:
         54:b2:9a:02:fa:30:8b:a0:b3:0a:a4:24:27:35:62:66:d0:79:
         f6:45:93:52:44:5a:b5:eb:7b:93:a9:15:4b:6c:e2:0b:a7:21:
         be:04:af:48:6e:33:10:c8:a8:ff:26:57:c1:ce:b1:ac:3e:8d:
         82:41:24:89:55:75:47:33:35:05:a6:f3:b8:14:1f:d2:c2:0b:
         6d:52:2f:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaBolWRFSpKMQxKmubCMEsbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGVmZDEwOGQ0YzViMGY0ZjlhODhhZTUzYmI3ZmVjOWQ1
OTRiOTIwHhcNMjUwNDI5MTMwMDIxWhcNMjUwNDMwMTMwMDIxWjAzMTEwLwYDVQQD
EygxNzJiNzA4NDViZmIyZTkwYzA3NGEzYjg0NDg5M2E3MzIwMGU5ZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVC7DdJtLm3C/VjUnJ2tnnD91Tkj
O+GmH3/EbH8H1MpKKNBEL4nGnFPICesxJs+aZOKuTjOYpYaDQbrjUK/In9FdVAMv
Aii/60JzZ9tPSYVOQahdtvxyGaWkV0+RbCAKjWJPiJxIFMfpsfxLvdaooyfhj5rW
G8O+gO1Q6h36TPFrucXQyhCyEnFFj95qgQMzMahI0/MKA/+B988MImrc4V63dyer
WgyjsZgEVNPA48JkB6wBqGM9y/x4GDSRejTKjRRynmOTzwAL5upM11NfmZNMf7mT
Gddjkbh89LiaPeIkVvJDC/mmuQOJOxjlw54c1H0WiwrAh09uyZeEcoYzGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBcrcIRb+y6QwHSjuESJOnMgDp1pMB8GA1UdIwQY
MBaAFKWO/RCNTFsPT5qIrlO7f+ydWUuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUt
MTVjYzVkYTA3ODI2LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUtMTVjYzVkYTA3ODI2
LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEjd9qPQE
Y4x5Obq1tKCZAefSA4E0i8arLNEFCULEmyLtLK0cCKhjc0PTdTtTt1+yFXhVQF1e
F5gAOWWFYvVNsjij8ClBunqhA8dLaRdzJiePiMLQHeCf5iSrE9RJE8cVv/g+xM6o
lzZ+8jVNF3NrlcYPEZL+SQPeqIyGfktollDw0aeXP5k0KRLdooODNimXGHowy4HS
1D8ExbIFtn6bqRIhA9lVviGHgAOuSj99o1HC7iRdVLKaAvowi6CzCqQkJzViZtB5
9kWTUkRatet7k6kVS2ziC6chvgSvSG4zEMio/yZXwc6xrD6NgkEkiVV1RzM1Babz
uBQf0sILbVIvXg==
-----END CERTIFICATE-----