Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
File:                     Y31k1HJWO36HP1t5-RydP__D2_k.mft (raw, json)
Hash identifier:          Oee7430+j0BfND8kof/ldoOxaIfS3/shIHXzBHpoB2k=
Subject key identifier:   3C:9F:D8:74:5D:47:3E:71:62:22:27:C7:CF:86:27:38:C5:0F:0B:79
Authority key identifier: 63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9
Certificate issuer:       /CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
Certificate serial:       0196767A25887ADC40FD0701AC35F3A68362
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
Manifest number:          0DCA
Signing time:             Sun 27 Apr 2025 09:00:38 +0000
Manifest this update:     Sun 27 Apr 2025 09:00:38 +0000
Manifest next update:     Mon 28 Apr 2025 09:00:38 +0000
Files and hashes:         1: Y31k1HJWO36HP1t5-RydP__D2_k.crl (hash: 3DratojWSfs5Kx0pWpDUdndF7ld6/A3zqtDnhyj14/w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:7a:25:88:7a:dc:40:fd:07:01:ac:35:f3:a6:83:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
        Validity
            Not Before: Apr 27 09:00:38 2025 GMT
            Not After : Apr 28 09:00:38 2025 GMT
        Subject: CN=3c9fd8745d473e71622227c7cf862738c50f0b79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:7d:26:f7:98:09:d8:d9:01:b1:c7:26:e9:77:
                    81:92:d7:e0:b6:0f:94:d0:ef:ae:64:a8:ea:9d:b1:
                    60:77:cd:d3:a9:7d:0c:5d:a9:6b:2b:b3:a2:45:c0:
                    32:80:9e:cc:b1:2e:cb:b4:c7:19:17:3b:b8:49:48:
                    58:7d:f7:7d:2c:83:71:be:3e:04:3f:23:b5:86:08:
                    1e:d7:53:fd:7d:73:7b:b0:cf:74:18:0d:e3:27:7f:
                    d6:d3:d9:77:dd:30:13:bb:43:af:6a:07:68:6b:9c:
                    15:88:6b:6e:f2:e1:1f:6a:32:e3:e2:5b:a8:bc:97:
                    e5:98:47:2e:f2:85:07:7a:a4:45:cb:d0:ea:82:51:
                    d0:69:c9:a7:9a:54:48:70:bb:12:d1:99:cc:32:90:
                    a5:69:14:d4:e0:b9:a7:6b:5d:47:73:0b:54:94:3f:
                    9e:52:c5:7b:a1:1e:0b:55:aa:3e:46:90:ca:87:87:
                    b7:ae:c5:93:d1:9f:34:32:ae:11:55:b2:07:53:25:
                    f2:23:c2:4d:90:49:b9:bb:86:ad:bf:5b:32:6d:d1:
                    ce:f0:41:ed:b6:c9:aa:96:60:76:b6:ba:b6:43:c2:
                    95:37:7a:3d:e5:91:80:05:78:f4:46:32:18:4a:82:
                    8e:2c:46:8a:5d:69:c7:27:8c:73:56:c4:33:f6:fc:
                    64:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:9F:D8:74:5D:47:3E:71:62:22:27:C7:CF:86:27:38:C5:0F:0B:79
            X509v3 Authority Key Identifier:
                keyid:63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:32:86:7d:84:e5:9b:51:de:93:d9:95:bf:78:b4:3f:34:f7:
         f5:bd:99:cc:ce:78:be:77:6e:3d:dd:70:a1:01:53:ac:e7:40:
         70:2e:37:d8:23:52:ac:d6:f2:3f:4b:2a:6b:b3:28:bb:14:e2:
         42:71:fb:e4:89:0c:08:34:32:d2:da:29:4d:45:82:48:48:b5:
         c4:d4:7f:80:8a:93:e4:76:22:cb:0c:6c:00:ae:34:71:4f:15:
         58:6a:6f:cb:31:75:60:92:92:78:a5:ac:19:3c:11:3d:d3:f3:
         5f:84:12:28:a3:76:b9:cd:a8:48:a2:c5:20:64:5e:0b:72:0d:
         03:a7:c5:23:ed:49:0d:09:48:84:a0:58:34:66:a9:bf:54:c4:
         49:eb:de:dd:7e:8f:eb:33:e2:98:20:96:c9:05:c7:64:80:0a:
         eb:27:1d:84:69:41:29:4e:3d:61:29:08:6b:36:7b:a0:b8:a3:
         2e:52:53:3a:f9:58:bd:96:9d:d9:78:2a:67:b1:a8:a3:f9:38:
         98:72:15:c2:bd:fc:d1:50:95:36:b7:fe:cc:3c:7c:a5:e3:82:
         f0:3e:ef:ec:9f:be:f1:96:3e:bb:3a:3d:49:55:9c:27:92:d5:
         65:f4:78:84:bd:f0:bf:9e:97:ef:64:95:3f:01:02:b7:54:65:
         c1:4d:ac:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2eiWIetxA/QcBrDXzpoNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzN2Q2NGQ0NzI1NjNiN2U4NzNmNWI3OWY5MWM5ZDNmZmZj
M2RiZjkwHhcNMjUwNDI3MDkwMDM4WhcNMjUwNDI4MDkwMDM4WjAzMTEwLwYDVQQD
EygzYzlmZDg3NDVkNDczZTcxNjIyMjI3YzdjZjg2MjczOGM1MGYwYjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkX0m95gJ2NkBsccm6XeBktfgtg+U
0O+uZKjqnbFgd83TqX0MXalrK7OiRcAygJ7MsS7LtMcZFzu4SUhYffd9LINxvj4E
PyO1hgge11P9fXN7sM90GA3jJ3/W09l33TATu0Ovagdoa5wViGtu8uEfajLj4luo
vJflmEcu8oUHeqRFy9DqglHQacmnmlRIcLsS0ZnMMpClaRTU4Lmna11HcwtUlD+e
UsV7oR4LVao+RpDKh4e3rsWT0Z80Mq4RVbIHUyXyI8JNkEm5u4atv1sybdHO8EHt
tsmqlmB2trq2Q8KVN3o95ZGABXj0RjIYSoKOLEaKXWnHJ4xzVsQz9vxk4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDyf2HRdRz5xYiInx8+GJzjFDwt5MB8GA1UdIwQY
MBaAFGN9ZNRyVjt+hz9befkcnT//w9v5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYt
ODE3YWY4YTc2MjUwLzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYtODE3YWY4YTc2MjUw
LzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACjKGfYTl
m1Hek9mVv3i0PzT39b2ZzM54vnduPd1woQFTrOdAcC432CNSrNbyP0sqa7MouxTi
QnH75IkMCDQy0topTUWCSEi1xNR/gIqT5HYiywxsAK40cU8VWGpvyzF1YJKSeKWs
GTwRPdPzX4QSKKN2uc2oSKLFIGReC3INA6fFI+1JDQlIhKBYNGapv1TESeve3X6P
6zPimCCWyQXHZIAK6ycdhGlBKU49YSkIazZ7oLijLlJTOvlYvZad2XgqZ7Goo/k4
mHIVwr380VCVNrf+zDx8peOC8D7v7J++8ZY+uzo9SVWcJ5LVZfR4hL3wv56X72SV
PwECt1RlwU2sPQ==
-----END CERTIFICATE-----