Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
File:                     Yonrndlo7aSnlWTC4GpoOEIpegQ.mft (raw, json)
Hash identifier:          Tsg9NZ+/ZoDEFYBUdTc9CPhfZ5GHQNaXg1hJRX/1RkA=
Subject key identifier:   A9:36:04:6C:C4:0F:33:85:6E:C3:66:14:F5:5F:62:42:2C:8A:EB:1A
Authority key identifier: 62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04
Certificate issuer:       /CN=6289eb9dd968eda4a79564c2e06a683842297a04
Certificate serial:       0196783149AD8806747B6842FE9826FEAED9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
Manifest number:          022F
Signing time:             Sun 27 Apr 2025 17:00:18 +0000
Manifest this update:     Sun 27 Apr 2025 17:00:18 +0000
Manifest next update:     Mon 28 Apr 2025 17:00:18 +0000
Files and hashes:         1: Yonrndlo7aSnlWTC4GpoOEIpegQ.crl (hash: WIRQf63kc0U69RblXn/pOne2qeR64ZjVpPF7kHpXryc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:31:49:ad:88:06:74:7b:68:42:fe:98:26:fe:ae:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6289eb9dd968eda4a79564c2e06a683842297a04
        Validity
            Not Before: Apr 27 17:00:18 2025 GMT
            Not After : Apr 28 17:00:18 2025 GMT
        Subject: CN=a936046cc40f33856ec36614f55f62422c8aeb1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:e1:f4:c1:b3:10:90:60:19:11:86:3d:0c:d1:
                    e6:65:2f:b4:1a:d9:e6:28:f0:55:d1:57:ff:45:f9:
                    72:fc:cf:4b:f7:c7:1b:60:11:d2:6e:b8:ca:55:91:
                    2c:70:68:a7:09:66:51:0c:6a:00:6b:b1:ed:4e:a0:
                    d0:27:85:48:37:be:21:c8:08:0c:4e:c8:72:42:78:
                    97:85:c4:b1:c6:3b:a0:fd:c6:a2:01:03:02:cf:7a:
                    a7:62:22:5a:7b:b0:4e:ab:6c:31:e6:20:d2:e4:12:
                    9d:14:ee:de:6d:ec:00:23:ff:90:69:ae:c0:07:13:
                    bc:4a:e4:3c:f1:8e:cb:e2:4b:e9:13:64:93:2d:9a:
                    fe:e9:c0:99:42:9a:cf:a6:6a:7b:26:1b:cb:ba:c1:
                    0f:19:22:45:45:db:bf:21:eb:19:fc:d5:8e:c5:f4:
                    60:cb:7b:56:6e:39:fb:a8:f9:30:21:62:9d:24:6a:
                    b2:9e:7b:cb:a1:4c:ff:da:7c:f9:b1:0a:db:61:2d:
                    d5:eb:30:5e:02:54:c2:b6:4f:b8:f9:9c:e5:d5:1b:
                    e2:28:63:e7:37:f9:e0:55:c2:6e:54:88:56:7d:b9:
                    b3:39:bf:8c:0b:29:82:8c:54:ca:2a:0c:e2:e3:76:
                    63:69:a4:e6:14:09:b5:09:8a:eb:f2:4b:b8:55:e5:
                    c4:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:36:04:6C:C4:0F:33:85:6E:C3:66:14:F5:5F:62:42:2C:8A:EB:1A
            X509v3 Authority Key Identifier:
                keyid:62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:fa:1e:c1:55:58:4b:75:cf:1a:d1:62:d7:d0:59:c5:fa:8c:
         62:76:85:b9:95:09:e8:fd:3c:5e:ca:2e:4a:4a:e6:06:77:ed:
         77:b5:fe:b8:38:52:6c:d8:20:9b:8e:a0:d2:80:6f:78:97:83:
         db:cd:ee:c1:6b:70:c5:ca:10:71:26:73:cc:2b:5d:7a:ab:e0:
         3c:68:fe:db:af:16:95:73:97:6d:8d:63:1c:43:46:7c:62:b4:
         cd:cb:ed:af:b7:ef:d3:88:64:42:f3:4a:a3:fa:f1:81:c4:de:
         2b:eb:3d:d1:e3:a6:5e:c6:2a:22:60:53:63:9c:fc:9b:5c:6e:
         8f:7a:b6:88:38:00:cc:78:57:be:76:80:00:f0:18:9f:62:67:
         66:59:f8:19:d0:12:68:cf:f7:db:56:21:34:cb:33:8b:84:3f:
         38:e1:0b:b1:06:51:f9:fb:d8:d6:d9:b9:3e:b3:7b:a3:87:68:
         89:c9:8e:be:de:a0:25:a6:88:b8:43:af:7f:1c:96:7f:66:58:
         60:c5:24:75:03:14:33:4f:d8:11:40:8d:d6:4f:35:53:b2:e3:
         37:42:cf:11:1b:38:d0:c9:9c:46:2a:ab:b6:77:4c:0c:85:24:
         8d:88:67:71:44:84:96:8f:67:bf:e0:24:a7:c4:32:bf:3d:57:
         ca:d0:b8:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4MUmtiAZ0e2hC/pgm/q7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyODllYjlkZDk2OGVkYTRhNzk1NjRjMmUwNmE2ODM4NDIy
OTdhMDQwHhcNMjUwNDI3MTcwMDE4WhcNMjUwNDI4MTcwMDE4WjAzMTEwLwYDVQQD
EyhhOTM2MDQ2Y2M0MGYzMzg1NmVjMzY2MTRmNTVmNjI0MjJjOGFlYjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eH0wbMQkGAZEYY9DNHmZS+0Gtnm
KPBV0Vf/Rfly/M9L98cbYBHSbrjKVZEscGinCWZRDGoAa7HtTqDQJ4VIN74hyAgM
TshyQniXhcSxxjug/caiAQMCz3qnYiJae7BOq2wx5iDS5BKdFO7ebewAI/+Qaa7A
BxO8SuQ88Y7L4kvpE2STLZr+6cCZQprPpmp7JhvLusEPGSJFRdu/IesZ/NWOxfRg
y3tWbjn7qPkwIWKdJGqynnvLoUz/2nz5sQrbYS3V6zBeAlTCtk+4+Zzl1RviKGPn
N/ngVcJuVIhWfbmzOb+MCymCjFTKKgzi43ZjaaTmFAm1CYrr8ku4VeXE6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKk2BGzEDzOFbsNmFPVfYkIsiusaMB8GA1UdIwQY
MBaAFGKJ653ZaO2kp5VkwuBqaDhCKXoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTIt
ZmM3ZWI5OTFkYjQwLzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTItZmM3ZWI5OTFkYjQw
LzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi/oewVVY
S3XPGtFi19BZxfqMYnaFuZUJ6P08XsouSkrmBnftd7X+uDhSbNggm46g0oBveJeD
283uwWtwxcoQcSZzzCtdeqvgPGj+268WlXOXbY1jHENGfGK0zcvtr7fv04hkQvNK
o/rxgcTeK+s90eOmXsYqImBTY5z8m1xuj3q2iDgAzHhXvnaAAPAYn2JnZln4GdAS
aM/321YhNMszi4Q/OOELsQZR+fvY1tm5PrN7o4doicmOvt6gJaaIuEOvfxyWf2ZY
YMUkdQMUM0/YEUCN1k81U7LjN0LPERs40MmcRiqrtndMDIUkjYhncUSElo9nv+Ak
p8Qyvz1XytC44g==
-----END CERTIFICATE-----