Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
File:                     yAH8mVpSGvH1Atnq8S1mIaZMr00.mft (raw, json)
Hash identifier:          lILrUAhQf8zkqj5hi5yWPoCh2jIQZnMfmi8tyA5r3kk=
Subject key identifier:   59:EA:35:F1:F3:24:5A:5F:30:A2:5F:C2:AA:C9:57:28:E1:71:C8:59
Authority key identifier: C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D
Certificate issuer:       /CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
Certificate serial:       01967BD77CADCEA7CFE9A68631267CEDBED7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
Manifest number:          150E
Signing time:             Mon 28 Apr 2025 10:00:41 +0000
Manifest this update:     Mon 28 Apr 2025 10:00:41 +0000
Manifest next update:     Tue 29 Apr 2025 10:00:41 +0000
Files and hashes:         1: yAH8mVpSGvH1Atnq8S1mIaZMr00.crl (hash: 4bp1gQCLGIbQK4dQ3sbzKRmaja4xUp2i2sIuMut9lRM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 10:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:d7:7c:ad:ce:a7:cf:e9:a6:86:31:26:7c:ed:be:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
        Validity
            Not Before: Apr 28 10:00:41 2025 GMT
            Not After : Apr 29 10:00:41 2025 GMT
        Subject: CN=59ea35f1f3245a5f30a25fc2aac95728e171c859
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:01:86:b5:7c:78:0e:ab:0a:cd:4d:38:75:68:
                    b8:f7:74:c2:9e:cd:c1:f6:fe:cc:fe:f4:2e:61:5d:
                    50:a3:e7:9c:f4:a4:d7:93:93:c3:83:47:37:7e:fc:
                    14:60:b2:0d:81:c2:ba:07:98:2d:7d:a0:23:21:e2:
                    7d:73:68:ea:e0:4a:2e:f3:4c:ec:8f:29:91:3d:f9:
                    5f:17:6e:9b:74:26:03:e7:0d:dc:1c:fa:a0:99:ac:
                    42:09:05:c8:4f:ad:89:dd:90:d6:60:9b:2d:fb:45:
                    43:04:92:d6:05:b4:4f:c4:2c:e9:97:de:e7:b6:ff:
                    5b:84:3a:87:08:9c:a8:d4:51:f0:e4:a6:b8:14:f5:
                    63:b4:29:54:61:9a:58:12:2c:33:4c:51:bf:81:f9:
                    98:09:ac:7b:a5:1b:26:6b:39:ed:df:1d:ce:53:fb:
                    a2:75:1e:d0:04:a3:76:c8:7c:77:be:bb:e0:2f:26:
                    7c:f7:53:04:77:b9:1b:ce:09:62:24:55:64:c6:0b:
                    e9:9c:b0:b1:18:36:9c:17:70:55:24:4c:78:c8:c0:
                    28:ce:91:ad:91:21:08:95:68:9c:9d:cc:99:94:f9:
                    d4:b6:08:3f:81:64:4b:04:d0:c5:07:65:b6:0f:9b:
                    46:50:6c:3c:92:db:de:d9:3f:88:86:fa:65:c7:c8:
                    3b:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:EA:35:F1:F3:24:5A:5F:30:A2:5F:C2:AA:C9:57:28:E1:71:C8:59
            X509v3 Authority Key Identifier:
                keyid:C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:f1:c6:39:1a:75:c9:61:9e:a0:c7:7f:d0:cd:bd:b6:5b:1d:
         e5:5f:dc:af:28:30:4c:9d:65:2d:19:1f:7b:5d:37:b0:ac:55:
         ba:44:2a:5c:96:f8:45:79:0f:a3:c7:be:e4:e2:94:f5:51:b1:
         b1:82:60:db:23:41:a8:4b:23:83:9e:46:a7:9d:d7:33:94:ea:
         45:26:18:db:ec:a3:01:7d:68:4c:22:44:7f:9b:2b:1e:54:1d:
         ba:55:1e:47:bf:9f:29:9f:ac:eb:2d:06:66:16:f5:c4:58:5c:
         af:e5:c3:47:81:91:f2:12:30:5a:b6:4e:3e:5e:88:0e:85:22:
         54:38:84:47:b9:19:e1:f0:d4:4f:88:67:fe:6f:7d:46:96:42:
         27:0d:04:db:80:ca:90:99:cd:6b:e1:94:bf:96:ff:88:30:9b:
         33:28:50:83:97:6b:bb:71:cd:bc:81:db:0d:fd:51:28:ea:f0:
         60:62:62:14:86:68:8b:28:a3:9b:ec:4c:70:55:5a:b5:51:67:
         57:3a:0d:ca:72:32:d0:0b:64:a4:bc:b0:ea:75:fb:1e:28:27:
         81:57:45:01:ec:a6:03:fd:af:1f:ff:a4:1e:93:15:f2:6e:7f:
         9c:28:c4:6b:2d:85:6d:97:b1:2f:5b:67:59:8b:5a:a8:3f:65:
         c9:08:b6:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ713ytzqfP6aaGMSZ87b7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDFmYzk5NWE1MjFhZjFmNTAyZDllYWYxMmQ2NjIxYTY0
Y2FmNGQwHhcNMjUwNDI4MTAwMDQxWhcNMjUwNDI5MTAwMDQxWjAzMTEwLwYDVQQD
Eyg1OWVhMzVmMWYzMjQ1YTVmMzBhMjVmYzJhYWM5NTcyOGUxNzFjODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAGGtXx4DqsKzU04dWi493TCns3B
9v7M/vQuYV1Qo+ec9KTXk5PDg0c3fvwUYLINgcK6B5gtfaAjIeJ9c2jq4Eou80zs
jymRPflfF26bdCYD5w3cHPqgmaxCCQXIT62J3ZDWYJst+0VDBJLWBbRPxCzpl97n
tv9bhDqHCJyo1FHw5Ka4FPVjtClUYZpYEiwzTFG/gfmYCax7pRsmaznt3x3OU/ui
dR7QBKN2yHx3vrvgLyZ891MEd7kbzgliJFVkxgvpnLCxGDacF3BVJEx4yMAozpGt
kSEIlWicncyZlPnUtgg/gWRLBNDFB2W2D5tGUGw8ktve2T+Ihvplx8g7yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnqNfHzJFpfMKJfwqrJVyjhcchZMB8GA1UdIwQY
MBaAFMgB/JlaUhrx9QLZ6vEtZiGmTK9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgt
NzJjMGQ1MDkzMzRkLzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgtNzJjMGQ1MDkzMzRk
LzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk/HGORp1
yWGeoMd/0M29tlsd5V/crygwTJ1lLRkfe103sKxVukQqXJb4RXkPo8e+5OKU9VGx
sYJg2yNBqEsjg55Gp53XM5TqRSYY2+yjAX1oTCJEf5srHlQdulUeR7+fKZ+s6y0G
Zhb1xFhcr+XDR4GR8hIwWrZOPl6IDoUiVDiER7kZ4fDUT4hn/m99RpZCJw0E24DK
kJnNa+GUv5b/iDCbMyhQg5dru3HNvIHbDf1RKOrwYGJiFIZoiyijm+xMcFVatVFn
VzoNynIy0AtkpLyw6nX7HigngVdFAeymA/2vH/+kHpMV8m5/nCjEay2FbZexL1tn
WYtaqD9lyQi2fA==
-----END CERTIFICATE-----