Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          rWOq4AkiqX7TWYPghNPHW+HgZ6I4rLOe8Mc8BRprFUg=
Subject key identifier:   93:67:C8:83:00:69:D7:6E:09:4E:CC:65:B8:F1:03:53:5A:B5:CE:8D
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       01967EA17F098A772996210924A5C0284D06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          1510
Signing time:             Mon 28 Apr 2025 23:00:34 +0000
Manifest this update:     Mon 28 Apr 2025 23:00:34 +0000
Manifest next update:     Tue 29 Apr 2025 23:00:34 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: SOi8s5lLaoJBC10LnOkwpzeoXVZKevJk8uh5BtDKgtk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 22:36:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:a1:7f:09:8a:77:29:96:21:09:24:a5:c0:28:4d:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Apr 28 23:00:34 2025 GMT
            Not After : Apr 29 23:00:34 2025 GMT
        Subject: CN=9367c8830069d76e094ecc65b8f103535ab5ce8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:06:a2:e6:4d:30:ca:55:6a:8a:fb:a2:a5:56:
                    3e:09:fb:4b:04:ac:d8:bd:ad:16:4a:87:4f:65:f6:
                    5c:a3:15:f0:f1:d4:c5:68:12:3a:04:14:b4:4f:74:
                    ea:08:e1:2e:5b:c8:54:7f:1f:28:81:b6:43:aa:9d:
                    45:b5:5a:0d:14:60:96:e9:f8:6c:7d:e6:fc:03:cd:
                    c0:e1:6e:47:a4:1e:52:37:d8:4e:71:07:99:9e:9a:
                    e3:68:e7:d7:5c:44:e8:2a:c4:44:12:6d:41:1e:ec:
                    27:61:57:dd:58:4d:7d:8b:d1:33:62:77:e2:ea:c4:
                    08:8e:44:b2:2c:e9:de:f6:6d:8d:1b:56:2b:0f:71:
                    34:c4:ac:6a:1d:67:fa:e2:3e:d2:6a:ab:8a:82:9a:
                    55:92:52:9f:b0:a7:1e:53:8a:6d:d2:78:0c:f1:b2:
                    38:e8:6e:6b:bc:85:b4:11:64:36:ef:cd:ae:98:85:
                    6f:dc:a2:16:56:e0:24:a1:6d:be:ba:39:53:9d:3f:
                    a9:0e:f9:1c:e4:b7:8a:ae:f0:04:f6:46:cf:ac:4c:
                    71:fe:52:1d:37:ab:23:ff:45:a9:3c:65:0b:b1:50:
                    ee:8f:56:b8:c3:76:1f:2e:b3:9d:8b:8d:6d:79:d2:
                    36:e1:3e:84:51:72:c6:c0:76:01:7d:a3:be:eb:8f:
                    9b:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:67:C8:83:00:69:D7:6E:09:4E:CC:65:B8:F1:03:53:5A:B5:CE:8D
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:88:69:f6:9d:2d:07:5a:4f:1f:08:f1:0c:6f:f6:5c:9e:18:
         e5:1a:4b:cd:c0:ee:fa:5d:9b:5c:0f:5e:a5:32:e3:13:39:66:
         96:79:e5:05:dd:5c:74:86:94:7e:38:7d:d4:6c:76:a4:f6:bb:
         f1:8c:f2:67:4b:a7:e3:8b:31:16:dd:88:84:48:9b:de:46:2a:
         91:41:5b:78:de:5c:2b:a1:dc:00:d2:fd:46:10:8b:04:72:4c:
         2e:57:d3:0f:9f:aa:0e:bb:c4:0d:00:2c:25:3e:a2:4b:61:c1:
         f5:9f:26:4f:71:66:2e:ff:bf:81:1a:c6:fb:5b:3e:14:08:45:
         74:55:16:55:cc:20:50:ad:a6:c6:c6:f0:8a:14:80:e2:a2:da:
         2d:75:a6:52:42:4d:17:3c:05:f7:65:de:a8:67:07:22:78:39:
         5e:be:80:a4:38:1d:9a:28:ba:52:7f:fa:fd:64:71:fa:bc:1a:
         ba:78:5c:5c:39:9b:db:a7:fc:14:21:36:2b:a7:7b:ca:77:4e:
         9e:c4:93:d5:15:f6:fe:02:fd:f4:9e:01:cf:e3:c9:ea:55:50:
         58:33:a7:22:3b:65:da:6b:4c:cc:b6:4d:5a:bc:8d:9e:cc:14:
         de:76:ea:ef:d3:8c:e1:fd:8d:bd:b7:27:a1:5d:a2:ab:81:05:
         a7:23:f8:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+oX8JincpliEJJKXAKE0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjUwNDI4MjMwMDM0WhcNMjUwNDI5MjMwMDM0WjAzMTEwLwYDVQQD
Eyg5MzY3Yzg4MzAwNjlkNzZlMDk0ZWNjNjViOGYxMDM1MzVhYjVjZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogai5k0wylVqivuipVY+CftLBKzY
va0WSodPZfZcoxXw8dTFaBI6BBS0T3TqCOEuW8hUfx8ogbZDqp1FtVoNFGCW6fhs
feb8A83A4W5HpB5SN9hOcQeZnprjaOfXXEToKsREEm1BHuwnYVfdWE19i9EzYnfi
6sQIjkSyLOne9m2NG1YrD3E0xKxqHWf64j7SaquKgppVklKfsKceU4pt0ngM8bI4
6G5rvIW0EWQ2782umIVv3KIWVuAkoW2+ujlTnT+pDvkc5LeKrvAE9kbPrExx/lId
N6sj/0WpPGULsVDuj1a4w3YfLrOdi41tedI24T6EUXLGwHYBfaO+64+bFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJNnyIMAadduCU7MZbjxA1Natc6NMB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD4hp9p0t
B1pPHwjxDG/2XJ4Y5RpLzcDu+l2bXA9epTLjEzlmlnnlBd1cdIaUfjh91Gx2pPa7
8YzyZ0un44sxFt2IhEib3kYqkUFbeN5cK6HcANL9RhCLBHJMLlfTD5+qDrvEDQAs
JT6iS2HB9Z8mT3FmLv+/gRrG+1s+FAhFdFUWVcwgUK2mxsbwihSA4qLaLXWmUkJN
FzwF92XeqGcHIng5Xr6ApDgdmii6Un/6/WRx+rwaunhcXDmb26f8FCE2K6d7yndO
nsST1RX2/gL99J4Bz+PJ6lVQWDOnIjtl2mtMzLZNWryNnswU3nbq79OM4f2Nvbcn
oV2iq4EFpyP4dQ==
-----END CERTIFICATE-----