Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
File:                     y_sCefzSOo5YPzRauQRyjm0OTGI.mft (raw, json)
Hash identifier:          TEx3oeh1jC3WKicyybn+jLfu+SLZoI8NMhh/K3AGGqo=
Subject key identifier:   2C:5D:AE:1B:D6:5A:9C:9A:30:1B:02:10:E9:2B:67:75:D0:66:51:52
Authority key identifier: CB:FB:02:79:FC:D2:3A:8E:58:3F:34:5A:B9:04:72:8E:6D:0E:4C:62
Certificate issuer:       /CN=cbfb0279fcd23a8e583f345ab904728e6d0e4c62
Certificate serial:       019678D6973AB84A70AC8F8994774F9AA972
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
Manifest number:          053A
Signing time:             Sun 27 Apr 2025 20:00:51 +0000
Manifest this update:     Sun 27 Apr 2025 20:00:51 +0000
Manifest next update:     Mon 28 Apr 2025 20:00:51 +0000
Files and hashes:         1: y_sCefzSOo5YPzRauQRyjm0OTGI.crl (hash: 3b0pcBcBoBCIA4JWo0GJqtpyBIdVuLinRYV3HSJqCrY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:d6:97:3a:b8:4a:70:ac:8f:89:94:77:4f:9a:a9:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbfb0279fcd23a8e583f345ab904728e6d0e4c62
        Validity
            Not Before: Apr 27 20:00:51 2025 GMT
            Not After : Apr 28 20:00:51 2025 GMT
        Subject: CN=2c5dae1bd65a9c9a301b0210e92b6775d0665152
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:da:34:38:47:89:27:c8:fc:30:83:9a:5d:5f:
                    ea:19:dc:f3:e7:b6:0c:98:d9:18:dd:a3:2a:3c:3e:
                    d1:80:0a:36:b7:6c:18:b7:6e:4c:83:7e:0f:5c:8f:
                    69:5e:d0:1b:9d:d3:6e:53:a8:cb:dd:45:d2:10:90:
                    c8:90:b0:9d:e1:3f:53:2c:f0:27:cd:da:f3:8b:08:
                    dd:a6:a7:22:3d:c5:b0:60:4e:cc:42:38:1e:98:7e:
                    5a:11:61:27:9b:f3:15:93:69:52:ee:1b:bb:07:19:
                    d3:c7:37:33:e1:53:cf:9a:6d:4d:73:0f:a0:1c:34:
                    67:c6:1d:87:fe:ec:07:0d:35:f0:a6:63:fa:ae:0e:
                    23:a3:fd:30:7d:a0:66:85:7e:78:b4:39:8a:84:0d:
                    e4:7d:eb:31:ca:66:34:6e:38:40:e1:28:29:fa:69:
                    37:af:dc:c9:be:9f:5e:d9:27:64:b8:d8:7f:c6:21:
                    a7:bd:d8:57:b2:45:65:79:09:fd:a3:30:be:3c:52:
                    1b:69:d7:61:bb:92:d9:cc:61:62:98:92:b4:5e:59:
                    7a:41:4e:f0:71:bd:1f:7a:c8:f7:7b:83:4c:75:2a:
                    39:7b:f4:ba:ce:fb:65:b6:ed:d3:84:70:71:94:e6:
                    b4:e1:f1:26:fa:28:fa:47:5f:dd:1a:18:63:68:fd:
                    d9:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:5D:AE:1B:D6:5A:9C:9A:30:1B:02:10:E9:2B:67:75:D0:66:51:52
            X509v3 Authority Key Identifier:
                keyid:CB:FB:02:79:FC:D2:3A:8E:58:3F:34:5A:B9:04:72:8E:6D:0E:4C:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:d6:d9:5d:ba:18:e6:c3:7c:14:a0:21:13:9e:68:84:4f:37:
         83:d2:bb:fc:07:1f:f3:2d:4a:23:e5:ae:d8:52:d9:6c:01:c5:
         3a:3e:9a:5f:b0:42:86:cf:1d:f9:7f:83:fc:cb:cf:f2:42:39:
         4f:bb:61:f9:2b:53:3e:0a:a6:03:42:2b:72:fb:b3:4b:46:50:
         d8:5f:48:1c:2a:25:65:da:45:83:7d:8e:9c:20:05:3e:bf:b0:
         6e:b6:34:eb:e2:20:08:62:67:a7:89:36:de:19:60:7b:62:ee:
         f2:bf:8b:94:de:e3:d1:6d:87:4c:85:4f:1e:13:98:b3:77:77:
         bf:a0:a0:e9:9b:73:5e:46:d1:0a:fb:8b:68:e6:11:da:83:56:
         fc:30:4c:a7:ad:5a:e0:24:9a:bc:4a:db:c7:f3:09:f1:b0:d7:
         58:0d:25:68:f0:74:bb:66:64:c9:ca:e3:29:03:5b:a7:be:5f:
         0e:f1:f9:91:9c:dd:e3:d8:10:9c:2b:5d:6a:0e:29:e9:03:8f:
         f9:94:a4:0b:e9:f6:c7:25:8c:90:11:78:e8:24:6b:3d:a3:ba:
         24:e0:24:52:b5:5e:88:05:79:97:a0:76:4d:bf:5a:ed:a6:e9:
         a8:77:b2:b2:f0:11:c3:ca:2d:98:d8:9e:e4:15:05:52:52:fe:
         d2:fd:0a:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ41pc6uEpwrI+JlHdPmqlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZmIwMjc5ZmNkMjNhOGU1ODNmMzQ1YWI5MDQ3MjhlNmQw
ZTRjNjIwHhcNMjUwNDI3MjAwMDUxWhcNMjUwNDI4MjAwMDUxWjAzMTEwLwYDVQQD
EygyYzVkYWUxYmQ2NWE5YzlhMzAxYjAyMTBlOTJiNjc3NWQwNjY1MTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdo0OEeJJ8j8MIOaXV/qGdzz57YM
mNkY3aMqPD7RgAo2t2wYt25Mg34PXI9pXtAbndNuU6jL3UXSEJDIkLCd4T9TLPAn
zdrziwjdpqciPcWwYE7MQjgemH5aEWEnm/MVk2lS7hu7BxnTxzcz4VPPmm1Ncw+g
HDRnxh2H/uwHDTXwpmP6rg4jo/0wfaBmhX54tDmKhA3kfesxymY0bjhA4Sgp+mk3
r9zJvp9e2SdkuNh/xiGnvdhXskVleQn9ozC+PFIbaddhu5LZzGFimJK0Xll6QU7w
cb0fesj3e4NMdSo5e/S6zvtltu3ThHBxlOa04fEm+ij6R1/dGhhjaP3ZmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCxdrhvWWpyaMBsCEOkrZ3XQZlFSMB8GA1UdIwQY
MBaAFMv7Ann80jqOWD80WrkEco5tDkxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85Njc3YjEtZDQzZS00NjZlLTliZjgt
ODBmODIwMjcxNGRhLzEveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi85Njc3YjEtZDQzZS00NjZlLTliZjgtODBmODIwMjcxNGRh
LzEveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI9bZXboY
5sN8FKAhE55ohE83g9K7/Acf8y1KI+Wu2FLZbAHFOj6aX7BChs8d+X+D/MvP8kI5
T7th+StTPgqmA0IrcvuzS0ZQ2F9IHColZdpFg32OnCAFPr+wbrY06+IgCGJnp4k2
3hlge2Lu8r+LlN7j0W2HTIVPHhOYs3d3v6Cg6ZtzXkbRCvuLaOYR2oNW/DBMp61a
4CSavErbx/MJ8bDXWA0laPB0u2ZkycrjKQNbp75fDvH5kZzd49gQnCtdag4p6QOP
+ZSkC+n2xyWMkBF46CRrPaO6JOAkUrVeiAV5l6B2Tb9a7abpqHeysvARw8otmNie
5BUFUlL+0v0KAQ==
-----END CERTIFICATE-----