Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
File:                     iYDaJ6VQ15vmUa15rnGcz8vFo28.mft (raw, json)
Hash identifier:          G70uZQfc8kYchkzTpZNnM6R8VjFPwq3hOgsT1XC72Nc=
Subject key identifier:   50:10:A5:74:2B:1A:CE:CC:3C:BB:A9:67:6C:4A:AE:75:D4:4C:8E:02
Authority key identifier: 89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F
Certificate issuer:       /CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
Certificate serial:       019689CA7238686D523FE9D48F5ED4C6FA29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
Manifest number:          0283
Signing time:             Thu 01 May 2025 03:01:08 +0000
Manifest this update:     Thu 01 May 2025 03:01:08 +0000
Manifest next update:     Fri 02 May 2025 03:01:08 +0000
Files and hashes:         1: iYDaJ6VQ15vmUa15rnGcz8vFo28.crl (hash: aLbOBk85LQ++65RtbSo3JOGitR+KlGqtugjL613aZVc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 03:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:89:ca:72:38:68:6d:52:3f:e9:d4:8f:5e:d4:c6:fa:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
        Validity
            Not Before: May  1 03:01:08 2025 GMT
            Not After : May  2 03:01:08 2025 GMT
        Subject: CN=5010a5742b1acecc3cbba9676c4aae75d44c8e02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:f6:9c:ca:d9:f2:2a:66:44:d1:e5:d7:0f:ad:
                    46:68:64:eb:13:0b:b4:04:cd:bd:ef:62:14:08:19:
                    46:b6:6e:8f:08:b3:48:05:2a:46:30:7c:e2:3b:51:
                    fc:da:59:05:b4:e5:c9:b7:33:59:25:18:d0:f3:b5:
                    ed:50:7c:e8:38:8a:66:90:f2:9b:6e:cd:83:c9:3e:
                    de:af:6c:d5:77:25:ad:16:d5:00:bb:57:f0:ad:5f:
                    31:ec:5f:06:c6:49:1a:0d:93:6b:66:e3:71:19:27:
                    eb:c1:ae:43:01:55:df:22:74:2f:f5:52:26:2f:48:
                    9f:e0:74:74:39:9a:3f:90:c3:ba:08:49:81:f7:f6:
                    1f:e3:51:7e:7b:51:2b:05:8f:86:9c:bb:7e:a9:58:
                    44:76:89:ce:04:08:68:63:0e:11:1a:a6:f4:a0:96:
                    53:ea:58:30:e3:bd:eb:a0:fa:34:77:5c:8a:94:19:
                    89:f7:1c:e8:78:57:ec:a6:02:00:0d:5a:0f:07:50:
                    cf:94:fe:d2:52:6c:62:5e:ef:89:22:f0:02:7b:77:
                    51:96:0d:a5:a9:1b:4d:8e:49:1d:3f:3f:b6:23:f4:
                    5f:5a:f7:c0:f4:49:4d:2e:75:94:79:15:d3:5f:3c:
                    d5:e6:42:e0:d7:3f:5e:57:c8:4e:d9:85:c9:54:c6:
                    c6:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:10:A5:74:2B:1A:CE:CC:3C:BB:A9:67:6C:4A:AE:75:D4:4C:8E:02
            X509v3 Authority Key Identifier:
                keyid:89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:31:17:f8:09:e6:2b:7a:27:e7:70:50:9b:eb:94:25:ec:12:
         16:4a:f6:7f:2d:7b:c9:bf:06:6a:ca:37:07:94:40:f0:1d:d0:
         c3:b8:c6:d7:8d:c8:b5:5d:ca:e6:4e:2f:45:91:9b:76:40:6e:
         75:4f:c3:8c:56:c8:1f:46:76:f2:22:2e:e2:66:7c:21:98:47:
         22:d3:9b:3a:12:55:43:5e:80:27:b6:fa:82:c8:29:c6:ee:a8:
         35:80:78:f4:2f:d4:32:37:3f:b7:43:61:c0:0d:96:33:90:01:
         97:27:32:a9:17:31:59:ed:6d:b8:a6:b2:da:ff:6f:32:00:5d:
         cb:87:7a:16:3b:35:f7:e3:10:50:8d:17:d8:4f:07:d6:80:46:
         d0:fe:02:15:c8:d3:49:34:47:42:09:d8:7d:9b:9d:cf:e8:cf:
         54:75:e9:4b:d4:5d:b8:72:ff:0b:75:7f:d5:5b:b6:7f:cc:8d:
         a3:f0:26:13:e1:17:40:eb:57:72:66:cc:90:e2:66:71:85:f5:
         03:e9:0a:77:8a:94:48:15:04:8a:d0:9f:e7:95:5f:c3:27:79:
         97:86:32:ef:4c:dd:f9:66:05:dc:b4:ac:94:13:bc:cf:56:d2:
         d6:ce:ba:21:0b:13:26:39:2e:dc:f7:f0:c4:6c:24:94:32:9f:
         77:cd:95:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaJynI4aG1SP+nUj17UxvopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODBkYTI3YTU1MGQ3OWJlNjUxYWQ3OWFlNzE5Y2NmY2Jj
NWEzNmYwHhcNMjUwNTAxMDMwMTA4WhcNMjUwNTAyMDMwMTA4WjAzMTEwLwYDVQQD
Eyg1MDEwYTU3NDJiMWFjZWNjM2NiYmE5Njc2YzRhYWU3NWQ0NGM4ZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/acytnyKmZE0eXXD61GaGTrEwu0
BM2972IUCBlGtm6PCLNIBSpGMHziO1H82lkFtOXJtzNZJRjQ87XtUHzoOIpmkPKb
bs2DyT7er2zVdyWtFtUAu1fwrV8x7F8GxkkaDZNrZuNxGSfrwa5DAVXfInQv9VIm
L0if4HR0OZo/kMO6CEmB9/Yf41F+e1ErBY+GnLt+qVhEdonOBAhoYw4RGqb0oJZT
6lgw473roPo0d1yKlBmJ9xzoeFfspgIADVoPB1DPlP7SUmxiXu+JIvACe3dRlg2l
qRtNjkkdPz+2I/RfWvfA9ElNLnWUeRXTXzzV5kLg1z9eV8hO2YXJVMbGBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFAQpXQrGs7MPLupZ2xKrnXUTI4CMB8GA1UdIwQY
MBaAFImA2ielUNeb5lGtea5xnM/LxaNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYt
Mjk3NjJjMWFhZjY1LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYtMjk3NjJjMWFhZjY1
LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARTEX+Anm
K3on53BQm+uUJewSFkr2fy17yb8Gaso3B5RA8B3Qw7jG143ItV3K5k4vRZGbdkBu
dU/DjFbIH0Z28iIu4mZ8IZhHItObOhJVQ16AJ7b6gsgpxu6oNYB49C/UMjc/t0Nh
wA2WM5ABlycyqRcxWe1tuKay2v9vMgBdy4d6Fjs19+MQUI0X2E8H1oBG0P4CFcjT
STRHQgnYfZudz+jPVHXpS9RduHL/C3V/1Vu2f8yNo/AmE+EXQOtXcmbMkOJmcYX1
A+kKd4qUSBUEitCf55Vfwyd5l4Yy70zd+WYF3LSslBO8z1bS1s66IQsTJjku3Pfw
xGwklDKfd82VQA==
-----END CERTIFICATE-----