Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/yrjSpYc51mIvFaU8wb1U-dsIAcY.mft
File:                     yrjSpYc51mIvFaU8wb1U-dsIAcY.mft (raw, json)
Hash identifier:          B9qlsBv2kMk2yo2l43Oswqh91ei8qM++XwXyBXy5JVc=
Subject key identifier:   BD:A7:27:1A:B0:43:41:D3:69:E2:F1:4B:8D:BA:46:35:F4:55:93:6C
Authority key identifier: CA:B8:D2:A5:87:39:D6:62:2F:15:A5:3C:C1:BD:54:F9:DB:08:01:C6
Certificate issuer:       /CN=cab8d2a58739d6622f15a53cc1bd54f9db0801c6
Certificate serial:       01967C7BE72C30F7126674A07517272F636D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yrjSpYc51mIvFaU8wb1U-dsIAcY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/yrjSpYc51mIvFaU8wb1U-dsIAcY.mft
Manifest number:          0349
Signing time:             Mon 28 Apr 2025 13:00:16 +0000
Manifest this update:     Mon 28 Apr 2025 13:00:16 +0000
Manifest next update:     Tue 29 Apr 2025 13:00:16 +0000
Files and hashes:         1: yrjSpYc51mIvFaU8wb1U-dsIAcY.crl (hash: ql9K19wnWxVC0eAaFkKgN69J/jCm+lio/1q6EXJJLUk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/yrjSpYc51mIvFaU8wb1U-dsIAcY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/yrjSpYc51mIvFaU8wb1U-dsIAcY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yrjSpYc51mIvFaU8wb1U-dsIAcY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 13:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7c:7b:e7:2c:30:f7:12:66:74:a0:75:17:27:2f:63:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cab8d2a58739d6622f15a53cc1bd54f9db0801c6
        Validity
            Not Before: Apr 28 13:00:16 2025 GMT
            Not After : Apr 29 13:00:16 2025 GMT
        Subject: CN=bda7271ab04341d369e2f14b8dba4635f455936c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:68:e9:27:c1:10:f5:67:f2:6e:66:d8:3b:da:
                    77:14:38:5d:4a:82:b8:52:bd:aa:f4:d1:5a:74:4e:
                    73:94:e6:a2:77:00:7c:4f:e3:63:ff:3b:f7:c8:a9:
                    52:d8:e5:53:67:f5:77:ff:12:67:1c:59:e7:37:82:
                    4c:21:75:5a:9f:a5:db:b7:3e:59:e2:3e:1a:88:b2:
                    63:13:8a:c5:65:df:85:5d:23:a6:75:44:f8:39:c5:
                    06:01:ff:96:93:f1:42:df:09:00:5b:93:c3:20:1d:
                    d4:ca:38:ce:8b:fa:e1:ae:38:91:1b:ba:22:b2:9e:
                    99:f6:2a:6c:97:67:33:3a:c6:69:e1:0d:de:3b:7d:
                    26:13:16:6b:8e:25:a2:04:4b:a4:c3:a5:69:8e:9b:
                    59:30:87:bb:fa:6f:16:b0:b3:3e:53:60:d8:10:a5:
                    bc:a3:22:68:66:e5:77:69:a5:ae:5c:ea:0e:2a:e0:
                    ab:66:1d:b8:5f:10:b0:c5:73:a9:77:ee:24:d0:ed:
                    be:ff:6d:ae:86:e2:e2:74:5e:9d:17:95:6e:e5:6f:
                    40:71:ac:52:bf:19:3b:5a:97:f6:2f:fc:66:71:06:
                    3f:90:be:6c:25:26:17:6f:f3:75:53:17:40:a1:4e:
                    9c:98:f1:95:81:62:5e:52:8d:03:2a:aa:1a:5f:c1:
                    e1:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:A7:27:1A:B0:43:41:D3:69:E2:F1:4B:8D:BA:46:35:F4:55:93:6C
            X509v3 Authority Key Identifier:
                keyid:CA:B8:D2:A5:87:39:D6:62:2F:15:A5:3C:C1:BD:54:F9:DB:08:01:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yrjSpYc51mIvFaU8wb1U-dsIAcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/yrjSpYc51mIvFaU8wb1U-dsIAcY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/yrjSpYc51mIvFaU8wb1U-dsIAcY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:42:fc:be:83:de:e6:22:f2:18:38:01:18:5e:32:f7:cd:33:
         8a:a7:94:1b:87:c3:e3:ee:cf:fc:87:30:f8:b7:5a:68:19:61:
         45:7f:5f:6f:a9:11:c2:d5:c0:5e:b2:03:82:7b:ee:e9:59:a4:
         a8:68:35:cb:ce:cd:fd:2b:68:49:2a:0d:2d:b6:d4:01:1c:09:
         26:9e:97:3e:ff:8c:f7:3e:ce:d2:bc:d6:f3:5a:b8:e2:b0:5f:
         98:75:1d:a8:9c:52:d4:32:fd:5f:5c:47:02:af:e6:ef:18:97:
         bf:c6:01:d3:3e:4d:11:6b:58:79:8c:28:a8:dd:74:e0:11:d9:
         5e:34:b8:50:49:06:9f:e4:f0:f3:c8:43:9f:23:7e:83:9c:eb:
         77:98:d1:6c:12:94:b0:64:56:ff:23:c6:e2:de:55:e5:b5:1c:
         59:dc:99:7e:97:7d:6d:4f:ae:1a:5e:60:04:da:54:c9:d3:9e:
         62:5b:f0:87:34:2f:45:3c:df:5d:5c:2c:c2:53:f8:49:c9:45:
         e5:c3:6d:80:13:ea:a8:10:d3:5c:ce:14:c7:80:eb:13:d5:ad:
         24:8a:da:eb:79:ee:ef:e1:4d:5c:ae:2f:06:a7:a5:82:c7:cf:
         cd:f5:87:7a:b6:4a:81:f3:6f:40:55:96:be:c1:10:f4:d9:16:
         37:09:87:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8e+csMPcSZnSgdRcnL2NtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYjhkMmE1ODczOWQ2NjIyZjE1YTUzY2MxYmQ1NGY5ZGIw
ODAxYzYwHhcNMjUwNDI4MTMwMDE2WhcNMjUwNDI5MTMwMDE2WjAzMTEwLwYDVQQD
EyhiZGE3MjcxYWIwNDM0MWQzNjllMmYxNGI4ZGJhNDYzNWY0NTU5MzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2jpJ8EQ9WfybmbYO9p3FDhdSoK4
Ur2q9NFadE5zlOaidwB8T+Nj/zv3yKlS2OVTZ/V3/xJnHFnnN4JMIXVan6Xbtz5Z
4j4aiLJjE4rFZd+FXSOmdUT4OcUGAf+Wk/FC3wkAW5PDIB3UyjjOi/rhrjiRG7oi
sp6Z9ipsl2czOsZp4Q3eO30mExZrjiWiBEukw6VpjptZMIe7+m8WsLM+U2DYEKW8
oyJoZuV3aaWuXOoOKuCrZh24XxCwxXOpd+4k0O2+/22uhuLidF6dF5Vu5W9AcaxS
vxk7Wpf2L/xmcQY/kL5sJSYXb/N1UxdAoU6cmPGVgWJeUo0DKqoaX8HhxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2nJxqwQ0HTaeLxS426RjX0VZNsMB8GA1UdIwQY
MBaAFMq40qWHOdZiLxWlPMG9VPnbCAHGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXJqU3BZYzUxbUl2RmFVOHdiMVUtZHNJQWNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC82NmNlY2YtYmRmYy00Mjc4LWFlMDMt
YWQxY2RlMWI4NTQyLzEveXJqU3BZYzUxbUl2RmFVOHdiMVUtZHNJQWNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC82NmNlY2YtYmRmYy00Mjc4LWFlMDMtYWQxY2RlMWI4NTQy
LzEveXJqU3BZYzUxbUl2RmFVOHdiMVUtZHNJQWNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOUL8voPe
5iLyGDgBGF4y980ziqeUG4fD4+7P/Icw+LdaaBlhRX9fb6kRwtXAXrIDgnvu6Vmk
qGg1y87N/StoSSoNLbbUARwJJp6XPv+M9z7O0rzW81q44rBfmHUdqJxS1DL9X1xH
Aq/m7xiXv8YB0z5NEWtYeYwoqN104BHZXjS4UEkGn+Tw88hDnyN+g5zrd5jRbBKU
sGRW/yPG4t5V5bUcWdyZfpd9bU+uGl5gBNpUydOeYlvwhzQvRTzfXVwswlP4SclF
5cNtgBPqqBDTXM4Ux4DrE9WtJIra63nu7+FNXK4vBqelgsfPzfWHerZKgfNvQFWW
vsEQ9NkWNwmH1w==
-----END CERTIFICATE-----