Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
File:                     yj7NoA-sC_tjsoVD6itdXx5N9ss.mft (raw, json)
Hash identifier:          OqbAtn+vRqVK2UjWplWaUek3PE9+97V5E46s6uZgn90=
Subject key identifier:   96:AB:EC:A2:64:5E:A0:3E:35:C8:2B:E6:A8:A5:D3:86:D9:9C:C4:2F
Authority key identifier: CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB
Certificate issuer:       /CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
Certificate serial:       01967AFBC47B28DAB82B525C1D6DA0A22381
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
Manifest number:          010E
Signing time:             Mon 28 Apr 2025 06:00:42 +0000
Manifest this update:     Mon 28 Apr 2025 06:00:42 +0000
Manifest next update:     Tue 29 Apr 2025 06:00:42 +0000
Files and hashes:         1: yj7NoA-sC_tjsoVD6itdXx5N9ss.crl (hash: pwyqGSiG/JHpIhdyHBWpFqZx+j/9lOWXaC+NhOyOHPg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7a:fb:c4:7b:28:da:b8:2b:52:5c:1d:6d:a0:a2:23:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
        Validity
            Not Before: Apr 28 06:00:42 2025 GMT
            Not After : Apr 29 06:00:42 2025 GMT
        Subject: CN=96abeca2645ea03e35c82be6a8a5d386d99cc42f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:5f:f4:ba:e3:8f:19:27:76:0f:e3:7a:d1:d0:
                    77:34:78:71:9b:2b:86:05:34:2b:dd:b6:4b:c5:74:
                    12:62:ae:4d:e2:8f:4a:68:d2:be:ad:97:1b:60:db:
                    35:c9:d9:0c:13:64:ec:33:40:26:92:ca:a5:8d:7d:
                    06:6c:12:ec:86:44:32:2d:19:e7:4e:1f:89:ef:a8:
                    43:a5:db:55:28:75:16:4b:db:6c:95:4c:17:6a:8d:
                    70:98:84:a2:0b:da:87:ad:d7:9f:06:42:f8:2f:fb:
                    47:b5:01:2e:d4:7d:76:c1:16:ff:54:f5:1e:e3:46:
                    14:be:7a:50:e2:71:ea:b5:87:22:e0:d0:a2:98:34:
                    3a:b2:d8:48:42:f9:bf:05:7e:d5:54:0f:91:93:15:
                    3f:e1:b7:04:96:bf:41:59:d7:37:5c:f3:17:a5:df:
                    b4:dc:1f:ef:64:37:9e:d3:69:d1:b5:a8:a1:2c:b4:
                    cb:e2:ee:83:25:8b:ed:2b:62:cd:01:68:c5:65:23:
                    6b:c2:a2:76:ef:55:2b:ab:6c:d1:16:2c:3d:b0:6c:
                    75:9f:5a:8d:cb:63:90:44:f1:e3:5d:06:f6:af:5d:
                    cb:94:98:85:15:12:a3:5e:41:1e:9e:b6:86:9c:da:
                    91:32:63:ab:0c:95:b9:37:6f:0c:43:a2:b2:a6:8f:
                    68:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:AB:EC:A2:64:5E:A0:3E:35:C8:2B:E6:A8:A5:D3:86:D9:9C:C4:2F
            X509v3 Authority Key Identifier:
                keyid:CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:fa:98:65:81:f1:61:a3:38:22:e9:05:30:0a:b4:22:af:4d:
         8b:b2:14:6d:78:ed:56:d1:64:63:ea:fd:42:ae:8b:72:01:c2:
         4a:31:ff:a4:58:01:27:99:aa:b3:67:3c:15:59:68:db:16:f1:
         81:46:82:a9:cf:8c:56:55:04:50:43:8a:5c:ca:e3:6a:88:5f:
         a5:68:a9:80:ac:a2:35:d2:d7:5e:6c:db:48:6e:bd:e5:0a:b7:
         ae:de:b3:79:36:1d:e4:ac:eb:ff:29:01:66:74:7a:a6:b0:cb:
         24:9f:ad:54:95:67:79:60:dc:2c:b5:56:ef:c6:82:82:48:ce:
         2d:d8:6d:d3:83:91:18:04:a4:b0:f5:c0:88:cc:c9:66:c9:75:
         af:65:b0:ba:f8:0c:34:db:f4:49:7f:8a:6d:03:52:66:04:2a:
         dd:5a:bf:db:71:17:49:d3:f9:13:4d:e6:e5:98:ec:89:fc:dd:
         53:37:8f:50:1d:d8:6f:fa:27:3d:36:cd:72:5d:be:30:bd:6f:
         dd:6b:4e:d4:fe:29:9e:60:db:fe:6c:bd:d9:c0:17:66:6c:73:
         40:89:cb:5f:39:9a:f4:54:44:2a:51:d9:54:25:20:37:f0:52:
         d6:7c:f2:45:40:aa:5b:09:fe:95:82:f5:fa:6e:b7:cb:03:23:
         e1:8b:e9:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6+8R7KNq4K1JcHW2goiOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2VjZGEwMGZhYzBiZmI2M2IyODU0M2VhMmI1ZDVmMWU0
ZGY2Y2IwHhcNMjUwNDI4MDYwMDQyWhcNMjUwNDI5MDYwMDQyWjAzMTEwLwYDVQQD
Eyg5NmFiZWNhMjY0NWVhMDNlMzVjODJiZTZhOGE1ZDM4NmQ5OWNjNDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF/0uuOPGSd2D+N60dB3NHhxmyuG
BTQr3bZLxXQSYq5N4o9KaNK+rZcbYNs1ydkME2TsM0AmksqljX0GbBLshkQyLRnn
Th+J76hDpdtVKHUWS9tslUwXao1wmISiC9qHrdefBkL4L/tHtQEu1H12wRb/VPUe
40YUvnpQ4nHqtYci4NCimDQ6sthIQvm/BX7VVA+RkxU/4bcElr9BWdc3XPMXpd+0
3B/vZDee02nRtaihLLTL4u6DJYvtK2LNAWjFZSNrwqJ271Urq2zRFiw9sGx1n1qN
y2OQRPHjXQb2r13LlJiFFRKjXkEenraGnNqRMmOrDJW5N28MQ6Kypo9o5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJar7KJkXqA+Ncgr5qil04bZnMQvMB8GA1UdIwQY
MBaAFMo+zaAPrAv7Y7KFQ+orXV8eTfbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgt
M2Y5OTYwODY1ZDBmLzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgtM2Y5OTYwODY1ZDBm
LzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR/qYZYHx
YaM4IukFMAq0Iq9Ni7IUbXjtVtFkY+r9Qq6LcgHCSjH/pFgBJ5mqs2c8FVlo2xbx
gUaCqc+MVlUEUEOKXMrjaohfpWipgKyiNdLXXmzbSG695Qq3rt6zeTYd5Kzr/ykB
ZnR6prDLJJ+tVJVneWDcLLVW78aCgkjOLdht04ORGASksPXAiMzJZsl1r2WwuvgM
NNv0SX+KbQNSZgQq3Vq/23EXSdP5E03m5ZjsifzdUzePUB3Yb/onPTbNcl2+ML1v
3WtO1P4pnmDb/my92cAXZmxzQInLXzma9FREKlHZVCUgN/BS1nzyRUCqWwn+lYL1
+m63ywMj4YvpjA==
-----END CERTIFICATE-----