Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/974d80-d394-4962-a6a3-ce4d845554fd/1/JxuYpgqSaCCkjLQ6SvMIyI_ycho.mft
File:                     JxuYpgqSaCCkjLQ6SvMIyI_ycho.mft (raw, json)
Hash identifier:          B7foEhJ9UYcLhdZTEiy6hT2NUAoQwKKwWxRnNXl3rME=
Subject key identifier:   67:E3:1A:D5:9A:63:85:1A:6E:C2:BA:DA:39:87:21:CE:BF:3A:90:26
Authority key identifier: 27:1B:98:A6:0A:92:68:20:A4:8C:B4:3A:4A:F3:08:C8:8F:F2:72:1A
Certificate issuer:       /CN=271b98a60a926820a48cb43a4af308c88ff2721a
Certificate serial:       019686C8E6ACDBCAAC4CBCB7E94875078AE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JxuYpgqSaCCkjLQ6SvMIyI_ycho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/974d80-d394-4962-a6a3-ce4d845554fd/1/JxuYpgqSaCCkjLQ6SvMIyI_ycho.mft
Manifest number:          0DDC
Signing time:             Wed 30 Apr 2025 13:00:35 +0000
Manifest this update:     Wed 30 Apr 2025 13:00:35 +0000
Manifest next update:     Thu 01 May 2025 13:00:35 +0000
Files and hashes:         1: JxuYpgqSaCCkjLQ6SvMIyI_ycho.crl (hash: XCwtDA4Jlwsd7k9OaCf/RAXFiQX3nM4F0CiLK8GMmcE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/974d80-d394-4962-a6a3-ce4d845554fd/1/JxuYpgqSaCCkjLQ6SvMIyI_ycho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/974d80-d394-4962-a6a3-ce4d845554fd/1/JxuYpgqSaCCkjLQ6SvMIyI_ycho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JxuYpgqSaCCkjLQ6SvMIyI_ycho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 13:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:86:c8:e6:ac:db:ca:ac:4c:bc:b7:e9:48:75:07:8a:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=271b98a60a926820a48cb43a4af308c88ff2721a
        Validity
            Not Before: Apr 30 13:00:35 2025 GMT
            Not After : May  1 13:00:35 2025 GMT
        Subject: CN=67e31ad59a63851a6ec2bada398721cebf3a9026
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d2:16:f2:57:62:0a:32:05:91:54:a7:f8:80:
                    da:9d:29:97:19:5a:eb:64:e0:50:da:3c:07:84:78:
                    26:76:e2:29:8a:44:1d:70:66:37:95:36:3d:cd:44:
                    ad:db:ea:c6:e0:ad:82:6d:eb:d2:07:ff:5a:b8:1c:
                    19:33:bf:70:1d:32:4e:d3:c9:d3:13:30:f1:89:65:
                    a7:34:f2:ae:a3:8f:bf:42:0f:c7:7e:69:f0:57:4a:
                    62:4a:6c:74:2b:88:4b:a5:4a:ad:68:86:bc:0d:05:
                    94:8f:20:ed:ff:84:8f:08:0b:44:a6:9e:c3:7c:8a:
                    0f:86:2d:04:07:3e:53:b7:a2:43:00:9e:db:dd:c2:
                    fd:98:f5:7d:29:11:74:6d:56:e5:ac:82:54:e8:8c:
                    55:37:0f:6f:25:70:ac:00:df:0c:1d:2b:32:95:7e:
                    a4:cf:56:98:b1:5a:8e:b8:2f:96:7b:1c:9b:14:46:
                    83:84:c2:c1:a2:30:46:86:d9:6c:d8:b8:04:f4:c5:
                    02:72:7f:fb:06:dd:4d:c0:ca:c9:5d:6f:01:54:26:
                    76:49:95:ad:5c:e3:32:00:dd:47:0f:65:79:0d:45:
                    58:85:1c:0f:bf:2b:cc:16:60:d7:4b:2d:f9:ec:4a:
                    ea:6d:3e:b3:fc:69:c0:83:bc:08:3c:be:6c:c7:a8:
                    c0:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:E3:1A:D5:9A:63:85:1A:6E:C2:BA:DA:39:87:21:CE:BF:3A:90:26
            X509v3 Authority Key Identifier:
                keyid:27:1B:98:A6:0A:92:68:20:A4:8C:B4:3A:4A:F3:08:C8:8F:F2:72:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JxuYpgqSaCCkjLQ6SvMIyI_ycho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/974d80-d394-4962-a6a3-ce4d845554fd/1/JxuYpgqSaCCkjLQ6SvMIyI_ycho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/974d80-d394-4962-a6a3-ce4d845554fd/1/JxuYpgqSaCCkjLQ6SvMIyI_ycho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:8b:fa:9b:bf:2c:91:d7:52:ff:14:fc:31:a2:a7:e0:59:9c:
         0d:de:b2:e8:18:e9:98:a6:cf:18:f8:d4:4d:e8:f8:0c:52:03:
         f4:68:5d:7b:ab:b9:36:64:f2:0c:eb:37:b8:34:92:ec:07:d9:
         c2:2e:2c:c8:97:a2:97:a8:62:e7:b3:e0:45:07:c1:c3:f5:20:
         e0:56:f8:d4:8e:29:32:77:1d:20:d3:aa:5a:ee:9f:69:6f:27:
         14:a5:15:e0:9a:f9:f5:a5:2a:c5:8f:7b:1d:e6:89:9c:eb:82:
         43:cc:e2:56:ac:90:90:37:69:2b:ce:a0:3c:ed:71:2c:49:54:
         af:9f:4a:a6:83:2a:86:9a:8d:93:92:29:5a:96:52:dc:8b:e5:
         3b:d9:f6:67:0c:87:a0:eb:04:78:a8:34:8d:60:0c:48:d9:b5:
         e8:92:a6:6f:17:96:dd:bd:16:41:a5:e7:9a:1d:9c:b3:18:c1:
         bf:98:fc:77:47:f8:ac:b4:34:8e:cb:26:46:03:c4:93:39:84:
         cc:55:98:26:de:44:d3:31:ad:11:5f:77:44:58:38:41:6c:27:
         82:c4:c7:88:c5:00:f5:ec:e5:20:6a:c2:a5:7f:ab:3a:9a:6e:
         38:86:9c:33:cf:cd:ed:8b:95:c9:37:f8:c7:d4:ae:f9:8e:e0:
         53:fa:68:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGyOas28qsTLy36Uh1B4riMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MWI5OGE2MGE5MjY4MjBhNDhjYjQzYTRhZjMwOGM4OGZm
MjcyMWEwHhcNMjUwNDMwMTMwMDM1WhcNMjUwNTAxMTMwMDM1WjAzMTEwLwYDVQQD
Eyg2N2UzMWFkNTlhNjM4NTFhNmVjMmJhZGEzOTg3MjFjZWJmM2E5MDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9IW8ldiCjIFkVSn+IDanSmXGVrr
ZOBQ2jwHhHgmduIpikQdcGY3lTY9zUSt2+rG4K2CbevSB/9auBwZM79wHTJO08nT
EzDxiWWnNPKuo4+/Qg/HfmnwV0piSmx0K4hLpUqtaIa8DQWUjyDt/4SPCAtEpp7D
fIoPhi0EBz5Tt6JDAJ7b3cL9mPV9KRF0bVblrIJU6IxVNw9vJXCsAN8MHSsylX6k
z1aYsVqOuC+WexybFEaDhMLBojBGhtls2LgE9MUCcn/7Bt1NwMrJXW8BVCZ2SZWt
XOMyAN1HD2V5DUVYhRwPvyvMFmDXSy357ErqbT6z/GnAg7wIPL5sx6jAJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfjGtWaY4UabsK62jmHIc6/OpAmMB8GA1UdIwQY
MBaAFCcbmKYKkmggpIy0OkrzCMiP8nIaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnh1WXBncVNhQ0NrakxRNlN2TUl5SV95Y2hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi85NzRkODAtZDM5NC00OTYyLWE2YTMt
Y2U0ZDg0NTU1NGZkLzEvSnh1WXBncVNhQ0NrakxRNlN2TUl5SV95Y2hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi85NzRkODAtZDM5NC00OTYyLWE2YTMtY2U0ZDg0NTU1NGZk
LzEvSnh1WXBncVNhQ0NrakxRNlN2TUl5SV95Y2hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASIv6m78s
kddS/xT8MaKn4FmcDd6y6BjpmKbPGPjUTej4DFID9Ghde6u5NmTyDOs3uDSS7AfZ
wi4syJeil6hi57PgRQfBw/Ug4Fb41I4pMncdINOqWu6faW8nFKUV4Jr59aUqxY97
HeaJnOuCQ8ziVqyQkDdpK86gPO1xLElUr59KpoMqhpqNk5IpWpZS3IvlO9n2ZwyH
oOsEeKg0jWAMSNm16JKmbxeW3b0WQaXnmh2csxjBv5j8d0f4rLQ0jssmRgPEkzmE
zFWYJt5E0zGtEV93RFg4QWwngsTHiMUA9ezlIGrCpX+rOppuOIacM8/N7YuVyTf4
x9Su+Y7gU/po8g==
-----END CERTIFICATE-----