Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
File:                     yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft (raw, json)
Hash identifier:          G80LvNrYt6TkKCebueN2N/WhY0mvoNn6gyT2+I20/9c=
Subject key identifier:   5D:6B:FB:1E:6A:1B:B1:AA:71:48:71:32:8C:8C:FB:44:1B:F6:8D:82
Authority key identifier: C8:DA:89:FB:15:2D:43:C6:3E:3D:A2:FD:6A:0B:0D:FB:22:A0:65:81
Certificate issuer:       /CN=c8da89fb152d43c63e3da2fd6a0b0dfb22a06581
Certificate serial:       01967AC4A01FA962819DD38BE46C107277A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
Manifest number:          0CDF
Signing time:             Mon 28 Apr 2025 05:00:28 +0000
Manifest this update:     Mon 28 Apr 2025 05:00:28 +0000
Manifest next update:     Tue 29 Apr 2025 05:00:28 +0000
Files and hashes:         1: yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl (hash: 8wVJbhylgavr0jUwLg4Gq7sqXcyPTYgUmUgLp8MghNk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 05:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7a:c4:a0:1f:a9:62:81:9d:d3:8b:e4:6c:10:72:77:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8da89fb152d43c63e3da2fd6a0b0dfb22a06581
        Validity
            Not Before: Apr 28 05:00:28 2025 GMT
            Not After : Apr 29 05:00:28 2025 GMT
        Subject: CN=5d6bfb1e6a1bb1aa714871328c8cfb441bf68d82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:05:7c:62:6f:53:a3:66:c8:54:79:11:6e:cc:
                    37:ee:7d:30:4d:51:66:d8:76:e5:14:b4:e3:6d:39:
                    ed:66:c6:cd:25:dd:85:de:0e:c3:9e:6c:77:37:16:
                    10:13:b1:43:43:be:e8:13:80:a3:af:cb:2b:a4:f8:
                    1c:f9:fc:32:82:19:f8:0d:fb:ac:5b:d5:10:0a:34:
                    c5:0e:f2:55:6c:5a:3a:08:3f:83:6a:e1:42:f4:63:
                    2d:ef:75:9d:c6:6f:31:05:9a:34:47:b6:fa:ec:f9:
                    42:50:59:3e:b3:b3:f4:33:c0:8d:da:a5:e4:8c:3f:
                    eb:51:4c:20:1c:d1:5f:21:2a:14:a3:4e:55:6f:41:
                    a0:7f:96:94:ad:ab:21:50:ef:a2:0a:fe:81:67:c9:
                    c7:d9:e8:ae:bd:4f:37:d4:63:27:e3:f9:c1:29:2a:
                    a9:c5:1d:5f:fb:bf:57:2d:56:4a:e2:1d:91:1e:9e:
                    1b:f1:bc:97:73:34:83:0b:df:e7:22:48:f1:2f:3d:
                    51:68:66:56:bf:cf:e3:ec:91:4a:b0:27:a8:f3:f8:
                    78:6a:82:75:d5:d9:ea:8a:01:fc:7f:ef:77:cf:a0:
                    ee:e5:b2:c0:68:13:6f:af:81:0e:7f:63:5b:25:ca:
                    78:dd:3b:6b:f2:a8:de:1a:31:8c:de:4f:a0:55:86:
                    b6:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:6B:FB:1E:6A:1B:B1:AA:71:48:71:32:8C:8C:FB:44:1B:F6:8D:82
            X509v3 Authority Key Identifier:
                keyid:C8:DA:89:FB:15:2D:43:C6:3E:3D:A2:FD:6A:0B:0D:FB:22:A0:65:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:cd:b7:67:6c:21:06:21:aa:5c:f8:47:b9:1f:a8:10:56:c1:
         11:15:68:07:cf:be:01:5d:e1:11:8b:d7:61:f3:0c:f2:69:c6:
         97:b6:1b:6c:51:39:c2:a6:9c:f5:04:e7:aa:e7:d7:32:5c:a8:
         20:33:03:09:c3:41:c0:28:8f:31:72:29:2e:95:4d:0b:10:b3:
         48:45:b4:fc:d3:a2:0a:08:e2:a3:e1:1d:b7:0d:9e:e3:62:4c:
         86:dc:28:c8:9c:57:78:94:98:68:3d:cd:f8:93:8c:8b:51:24:
         6e:e0:2b:1c:76:c3:d9:19:9b:19:b0:88:b8:31:ed:df:02:81:
         b9:cf:4c:f8:a6:68:6b:5e:f8:d8:9d:29:11:6e:94:8f:3d:07:
         e5:6d:91:35:11:71:af:0b:19:54:f6:98:cc:d3:fa:96:81:14:
         9e:9a:77:ba:6b:24:b1:3b:b3:dc:d2:5c:c5:7c:b8:f0:f4:82:
         2b:f2:b5:79:ab:8b:50:53:35:ab:29:e6:a3:0a:bc:70:ad:cd:
         24:4a:84:4d:0c:ce:52:1f:c2:59:39:92:41:d3:ac:62:b8:13:
         13:93:d6:2d:a4:bf:89:23:93:16:ca:dd:9b:0e:7d:9b:ad:58:
         54:4f:e3:f3:87:b6:17:17:2c:ba:ed:4b:af:37:dc:86:cf:ad:
         85:f2:ae:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6xKAfqWKBndOL5GwQcnekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZGE4OWZiMTUyZDQzYzYzZTNkYTJmZDZhMGIwZGZiMjJh
MDY1ODEwHhcNMjUwNDI4MDUwMDI4WhcNMjUwNDI5MDUwMDI4WjAzMTEwLwYDVQQD
Eyg1ZDZiZmIxZTZhMWJiMWFhNzE0ODcxMzI4YzhjZmI0NDFiZjY4ZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQV8Ym9To2bIVHkRbsw37n0wTVFm
2HblFLTjbTntZsbNJd2F3g7Dnmx3NxYQE7FDQ77oE4Cjr8srpPgc+fwyghn4Dfus
W9UQCjTFDvJVbFo6CD+DauFC9GMt73Wdxm8xBZo0R7b67PlCUFk+s7P0M8CN2qXk
jD/rUUwgHNFfISoUo05Vb0Ggf5aUrashUO+iCv6BZ8nH2eiuvU831GMn4/nBKSqp
xR1f+79XLVZK4h2RHp4b8byXczSDC9/nIkjxLz1RaGZWv8/j7JFKsCeo8/h4aoJ1
1dnqigH8f+93z6Du5bLAaBNvr4EOf2NbJcp43Ttr8qjeGjGM3k+gVYa2ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1r+x5qG7GqcUhxMoyM+0Qb9o2CMB8GA1UdIwQY
MBaAFMjaifsVLUPGPj2i/WoLDfsioGWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTUwMDUtMDA1ZC00YTY0LWJlMWEt
ZGQyYjA2MWJkNGYyLzEveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTUwMDUtMDA1ZC00YTY0LWJlMWEtZGQyYjA2MWJkNGYy
LzEveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsc23Z2wh
BiGqXPhHuR+oEFbBERVoB8++AV3hEYvXYfMM8mnGl7YbbFE5wqac9QTnqufXMlyo
IDMDCcNBwCiPMXIpLpVNCxCzSEW0/NOiCgjio+Edtw2e42JMhtwoyJxXeJSYaD3N
+JOMi1EkbuArHHbD2RmbGbCIuDHt3wKBuc9M+KZoa1742J0pEW6Ujz0H5W2RNRFx
rwsZVPaYzNP6loEUnpp3umsksTuz3NJcxXy48PSCK/K1eauLUFM1qynmowq8cK3N
JEqETQzOUh/CWTmSQdOsYrgTE5PWLaS/iSOTFsrdmw59m61YVE/j84e2Fxcsuu1L
rzfchs+thfKucw==
-----END CERTIFICATE-----