Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
File:                     Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft (raw, json)
Hash identifier:          yzFDccng22BRfJuleNfInPQP7U900wNKNw6wODfdZLU=
Subject key identifier:   77:4E:03:FE:5B:51:55:D3:E3:8D:6E:09:FA:0A:E2:4C:DC:11:8C:57
Authority key identifier: 63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0
Certificate issuer:       /CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
Certificate serial:       019676B11D523662AA0CD6B6DA9D858CCF35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
Manifest number:          069A
Signing time:             Sun 27 Apr 2025 10:00:40 +0000
Manifest this update:     Sun 27 Apr 2025 10:00:40 +0000
Manifest next update:     Mon 28 Apr 2025 10:00:40 +0000
Files and hashes:         1: Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl (hash: bwOjIxt0c72a60Vv83uxPa+bAPjAFYzEwPU0C7SkP08=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 10:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:b1:1d:52:36:62:aa:0c:d6:b6:da:9d:85:8c:cf:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
        Validity
            Not Before: Apr 27 10:00:40 2025 GMT
            Not After : Apr 28 10:00:40 2025 GMT
        Subject: CN=774e03fe5b5155d3e38d6e09fa0ae24cdc118c57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:ef:d6:9c:44:9e:f4:11:d8:fa:e1:cb:52:7e:
                    79:44:67:ed:7a:de:f6:99:0b:54:b3:ae:d3:4e:d9:
                    3b:a9:bf:5e:e7:92:fb:67:e7:3d:ea:f3:9e:9a:cb:
                    1b:f9:42:cc:dd:85:fe:fa:7c:53:30:59:99:f7:ec:
                    28:39:9b:da:9d:11:b0:4d:09:75:44:dc:ce:91:c5:
                    94:e5:2e:6f:37:78:6b:32:41:3b:14:26:04:59:5f:
                    8e:1b:25:13:b9:75:17:ca:18:35:d7:bc:fe:a1:98:
                    62:8b:16:fd:1a:2a:e1:86:22:cb:f7:8c:bd:c9:8f:
                    45:c4:cf:78:5c:3b:76:0b:d0:62:9d:69:3e:63:99:
                    de:0d:23:b8:10:e7:08:8b:36:71:e9:32:a7:a1:97:
                    af:66:b2:aa:23:c7:7f:b4:b3:e0:7c:61:5c:c2:ad:
                    51:ac:a0:21:f2:db:29:d7:fb:3f:ff:2d:ef:68:3f:
                    e9:bb:d1:aa:54:f8:97:43:d5:39:5a:85:03:3a:2c:
                    61:be:40:ab:57:ef:60:ae:19:68:05:6c:4f:53:fe:
                    a5:cc:41:6f:5f:fc:ce:aa:68:57:fe:5d:41:be:55:
                    6c:8d:0e:13:da:9c:07:77:69:24:7e:85:8c:d7:23:
                    ce:6a:30:ee:9e:cd:17:6b:eb:60:10:81:5e:84:f4:
                    92:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:4E:03:FE:5B:51:55:D3:E3:8D:6E:09:FA:0A:E2:4C:DC:11:8C:57
            X509v3 Authority Key Identifier:
                keyid:63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:05:0a:c1:34:31:4c:96:6c:fb:8b:a6:1c:d7:ff:32:b6:13:
         6c:96:80:b6:02:8d:0d:a9:ef:94:27:8e:3c:a9:20:0a:5a:dd:
         0e:5f:a3:c7:84:1f:0e:8a:7f:95:62:1b:2d:fb:84:bf:06:61:
         f7:c6:88:44:eb:f2:ec:8b:5d:60:da:9a:b5:40:4b:29:97:66:
         f3:31:6a:d7:1d:f9:46:84:9a:f5:a7:67:ef:0b:ec:fc:1b:9e:
         30:c2:72:d1:4f:a2:1d:bc:70:78:e0:a6:2d:90:d4:fc:36:50:
         95:d8:ae:e3:02:58:8b:b3:f0:4d:82:f5:ab:6c:6a:e1:95:b9:
         f9:30:6f:4a:81:25:0c:94:64:0e:3b:c9:81:e8:a6:e5:b4:25:
         b3:5a:a6:b0:6e:be:41:71:ea:01:66:68:09:59:2b:67:1a:7d:
         bf:49:55:ad:67:bd:a6:64:ed:a6:e4:33:5d:03:cc:6e:0f:44:
         98:9a:22:4e:98:9b:2f:a6:89:44:db:40:ad:b3:cc:7b:af:4a:
         59:f4:28:21:8a:08:08:98:84:ad:a3:62:93:5d:62:67:26:7a:
         00:93:35:f3:23:3f:81:8b:4f:1c:43:c1:25:8e:dc:42:c6:95:
         33:e5:de:cf:69:05:3f:3b:db:6f:a3:b4:ab:7f:64:d4:c1:50:
         1b:c9:3d:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sR1SNmKqDNa22p2FjM81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYThjYTE2NjYyMDZkMmNmMTJiNTA3ODcyZWFkMGY1YTc5
M2QwZTAwHhcNMjUwNDI3MTAwMDQwWhcNMjUwNDI4MTAwMDQwWjAzMTEwLwYDVQQD
Eyg3NzRlMDNmZTViNTE1NWQzZTM4ZDZlMDlmYTBhZTI0Y2RjMTE4YzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2u/WnESe9BHY+uHLUn55RGftet72
mQtUs67TTtk7qb9e55L7Z+c96vOemssb+ULM3YX++nxTMFmZ9+woOZvanRGwTQl1
RNzOkcWU5S5vN3hrMkE7FCYEWV+OGyUTuXUXyhg117z+oZhiixb9GirhhiLL94y9
yY9FxM94XDt2C9BinWk+Y5neDSO4EOcIizZx6TKnoZevZrKqI8d/tLPgfGFcwq1R
rKAh8tsp1/s//y3vaD/pu9GqVPiXQ9U5WoUDOixhvkCrV+9grhloBWxPU/6lzEFv
X/zOqmhX/l1BvlVsjQ4T2pwHd2kkfoWM1yPOajDuns0Xa+tgEIFehPSSpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHdOA/5bUVXT441uCfoK4kzcEYxXMB8GA1UdIwQY
MBaAFGOoyhZmIG0s8StQeHLq0PWnk9DgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEt
NzVhYjIxZjNiM2QwLzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEtNzVhYjIxZjNiM2Qw
LzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWgUKwTQx
TJZs+4umHNf/MrYTbJaAtgKNDanvlCeOPKkgClrdDl+jx4QfDop/lWIbLfuEvwZh
98aIROvy7ItdYNqatUBLKZdm8zFq1x35RoSa9adn7wvs/BueMMJy0U+iHbxweOCm
LZDU/DZQldiu4wJYi7PwTYL1q2xq4ZW5+TBvSoElDJRkDjvJgeim5bQls1qmsG6+
QXHqAWZoCVkrZxp9v0lVrWe9pmTtpuQzXQPMbg9EmJoiTpibL6aJRNtArbPMe69K
WfQoIYoICJiEraNik11iZyZ6AJM18yM/gYtPHEPBJY7cQsaVM+Xez2kFPzvbb6O0
q39k1MFQG8k9gg==
-----END CERTIFICATE-----