Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a20d6a-91ba-442f-8927-dc0043e9bb4d/1/YG03z4fxLyqy3vMTgMOGuCbBnWU.mft
File:                     YG03z4fxLyqy3vMTgMOGuCbBnWU.mft (raw, json)
Hash identifier:          /Oxl6B+CqGxBMAJvgGIYWb5cu85Scm/ZbbVlNrq5KuM=
Subject key identifier:   D1:1A:2D:57:C4:FB:69:8E:06:C6:B1:18:18:FA:B0:57:01:C7:02:B0
Authority key identifier: 60:6D:37:CF:87:F1:2F:2A:B2:DE:F3:13:80:C3:86:B8:26:C1:9D:65
Certificate issuer:       /CN=606d37cf87f12f2ab2def31380c386b826c19d65
Certificate serial:       019676B106CA3F9E643D4DBC78FC3883EA34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YG03z4fxLyqy3vMTgMOGuCbBnWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/a20d6a-91ba-442f-8927-dc0043e9bb4d/1/YG03z4fxLyqy3vMTgMOGuCbBnWU.mft
Manifest number:          150B
Signing time:             Sun 27 Apr 2025 10:00:35 +0000
Manifest this update:     Sun 27 Apr 2025 10:00:35 +0000
Manifest next update:     Mon 28 Apr 2025 10:00:35 +0000
Files and hashes:         1: YG03z4fxLyqy3vMTgMOGuCbBnWU.crl (hash: gaZM5FMOFpfzrSl3K7AzS/P7mG2iw5zEc1TWdwcfTS4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/a20d6a-91ba-442f-8927-dc0043e9bb4d/1/YG03z4fxLyqy3vMTgMOGuCbBnWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/a20d6a-91ba-442f-8927-dc0043e9bb4d/1/YG03z4fxLyqy3vMTgMOGuCbBnWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YG03z4fxLyqy3vMTgMOGuCbBnWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:b1:06:ca:3f:9e:64:3d:4d:bc:78:fc:38:83:ea:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606d37cf87f12f2ab2def31380c386b826c19d65
        Validity
            Not Before: Apr 27 10:00:35 2025 GMT
            Not After : Apr 28 10:00:35 2025 GMT
        Subject: CN=d11a2d57c4fb698e06c6b11818fab05701c702b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:96:a7:31:0e:34:0c:f5:f8:69:b5:bb:5b:ff:
                    2d:a5:aa:61:42:af:46:f2:04:61:35:e2:ca:e5:6c:
                    21:9a:ea:42:e7:37:0d:3b:a1:dc:bb:c5:18:8d:94:
                    27:27:1a:7c:e2:30:52:a9:d2:75:b1:49:95:72:84:
                    87:32:93:d2:a0:c4:ba:de:3c:f7:33:62:93:ac:0a:
                    83:33:0b:ff:37:ed:2e:b1:32:d2:99:91:4e:4e:d1:
                    5a:b4:ec:c6:f8:f2:14:87:fc:51:d6:89:e0:5f:a8:
                    be:b7:4f:ad:7a:80:b9:2c:0d:4f:34:c1:4c:ee:e2:
                    27:b2:a1:f8:ec:02:16:f6:36:48:a9:7c:b3:6f:e2:
                    eb:f8:9f:b8:77:64:f6:64:15:e6:26:0f:7f:3b:84:
                    15:d1:71:a8:53:7f:90:8e:fd:1b:c8:bf:84:d4:ee:
                    dd:8e:71:77:85:f1:22:98:9f:ea:0c:54:72:7d:74:
                    f9:27:e7:60:e2:3b:ef:a5:ef:5f:32:e8:a8:14:5e:
                    f6:d2:1b:d4:5d:53:bb:d4:30:18:36:ec:f4:4f:d8:
                    8d:b2:79:ea:6a:95:ab:40:af:6e:df:9f:4f:8e:7a:
                    c9:db:c7:6b:ba:fc:e0:e0:05:8a:3b:98:9d:90:bf:
                    4e:97:cf:63:fe:29:3c:dd:c2:89:2d:fb:50:7c:48:
                    bf:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:1A:2D:57:C4:FB:69:8E:06:C6:B1:18:18:FA:B0:57:01:C7:02:B0
            X509v3 Authority Key Identifier:
                keyid:60:6D:37:CF:87:F1:2F:2A:B2:DE:F3:13:80:C3:86:B8:26:C1:9D:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YG03z4fxLyqy3vMTgMOGuCbBnWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a20d6a-91ba-442f-8927-dc0043e9bb4d/1/YG03z4fxLyqy3vMTgMOGuCbBnWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a20d6a-91ba-442f-8927-dc0043e9bb4d/1/YG03z4fxLyqy3vMTgMOGuCbBnWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:95:76:cc:52:51:48:7d:f8:47:c0:26:71:d6:38:ed:0f:a5:
         14:76:ca:f2:fc:4a:5b:a9:87:8b:a8:f5:66:5e:ea:7d:84:2c:
         50:c7:ab:f0:32:c2:62:9e:c8:3e:3a:46:1a:7e:e1:95:16:8a:
         94:c9:8a:8f:9a:bd:be:46:d3:30:5c:36:5c:38:81:63:33:b2:
         01:ef:d2:70:12:9c:fd:7a:e7:a6:ca:ce:af:09:63:74:ec:1f:
         69:89:89:92:7c:37:de:df:4e:7b:ad:06:57:f4:30:1b:32:53:
         c8:1c:fa:55:c5:30:6a:b8:db:bd:1f:0e:88:7b:fe:3d:3c:78:
         e4:a5:74:ee:14:25:b2:74:48:e9:7b:b3:45:e8:68:75:20:bc:
         9c:f2:d3:4d:4d:a9:de:f5:58:d5:c7:1c:d5:09:c7:b5:f4:ed:
         d8:aa:4c:e9:2f:94:d9:25:01:a6:9f:1f:06:d2:cd:01:81:c0:
         24:ef:11:4d:2c:5b:dd:07:14:62:e8:62:02:3f:8f:3e:ff:62:
         71:35:e6:a5:1d:08:80:06:23:43:43:c3:7e:6e:e5:14:96:55:
         ac:79:56:70:b3:60:aa:0b:fd:dd:a7:3e:96:93:8c:f6:96:28:
         fb:9b:e1:88:e2:24:0d:24:9d:4f:fd:e2:04:87:cb:23:01:d8:
         89:54:27:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sQbKP55kPU28ePw4g+o0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNmQzN2NmODdmMTJmMmFiMmRlZjMxMzgwYzM4NmI4MjZj
MTlkNjUwHhcNMjUwNDI3MTAwMDM1WhcNMjUwNDI4MTAwMDM1WjAzMTEwLwYDVQQD
EyhkMTFhMmQ1N2M0ZmI2OThlMDZjNmIxMTgxOGZhYjA1NzAxYzcwMmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpanMQ40DPX4abW7W/8tpaphQq9G
8gRhNeLK5WwhmupC5zcNO6Hcu8UYjZQnJxp84jBSqdJ1sUmVcoSHMpPSoMS63jz3
M2KTrAqDMwv/N+0usTLSmZFOTtFatOzG+PIUh/xR1ongX6i+t0+teoC5LA1PNMFM
7uInsqH47AIW9jZIqXyzb+Lr+J+4d2T2ZBXmJg9/O4QV0XGoU3+Qjv0byL+E1O7d
jnF3hfEimJ/qDFRyfXT5J+dg4jvvpe9fMuioFF720hvUXVO71DAYNuz0T9iNsnnq
apWrQK9u359PjnrJ28druvzg4AWKO5idkL9Ol89j/ik83cKJLftQfEi/vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNEaLVfE+2mOBsaxGBj6sFcBxwKwMB8GA1UdIwQY
MBaAFGBtN8+H8S8qst7zE4DDhrgmwZ1lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUcwM3o0ZnhMeXF5M3ZNVGdNT0d1Q2JCbldVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMjBkNmEtOTFiYS00NDJmLTg5Mjct
ZGMwMDQzZTliYjRkLzEvWUcwM3o0ZnhMeXF5M3ZNVGdNT0d1Q2JCbldVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMjBkNmEtOTFiYS00NDJmLTg5MjctZGMwMDQzZTliYjRk
LzEvWUcwM3o0ZnhMeXF5M3ZNVGdNT0d1Q2JCbldVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACJV2zFJR
SH34R8AmcdY47Q+lFHbK8vxKW6mHi6j1Zl7qfYQsUMer8DLCYp7IPjpGGn7hlRaK
lMmKj5q9vkbTMFw2XDiBYzOyAe/ScBKc/XrnpsrOrwljdOwfaYmJknw33t9Oe60G
V/QwGzJTyBz6VcUwarjbvR8OiHv+PTx45KV07hQlsnRI6XuzRehodSC8nPLTTU2p
3vVY1ccc1QnHtfTt2KpM6S+U2SUBpp8fBtLNAYHAJO8RTSxb3QcUYuhiAj+PPv9i
cTXmpR0IgAYjQ0PDfm7lFJZVrHlWcLNgqgv93ac+lpOM9pYo+5vhiOIkDSSdT/3i
BIfLIwHYiVQnKQ==
-----END CERTIFICATE-----