Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
File:                     y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft (raw, json)
Hash identifier:          zRpBp8FeonbqfFpr0Jggs+5+yDt9IW5kIjLPymixuFc=
Subject key identifier:   25:B0:AD:92:66:15:AA:A7:27:42:C0:74:04:55:46:11:C0:92:4D:F9
Authority key identifier: CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06
Certificate issuer:       /CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
Certificate serial:       01967868FB5AC3AFE4A98D1BA7AEB89CDEE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
Manifest number:          0228
Signing time:             Sun 27 Apr 2025 18:01:08 +0000
Manifest this update:     Sun 27 Apr 2025 18:01:08 +0000
Manifest next update:     Mon 28 Apr 2025 18:01:08 +0000
Files and hashes:         1: y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl (hash: LCgZY6oD3Ger2h/1EW7qlZfBPChGiaxvtZUv/M5ERto=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:68:fb:5a:c3:af:e4:a9:8d:1b:a7:ae:b8:9c:de:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
        Validity
            Not Before: Apr 27 18:01:08 2025 GMT
            Not After : Apr 28 18:01:08 2025 GMT
        Subject: CN=25b0ad926615aaa72742c07404554611c0924df9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:14:26:11:1f:2a:66:f8:51:7d:1f:e0:7a:af:
                    e3:6b:cd:a6:00:39:ff:30:34:5b:36:23:4f:1d:c0:
                    3e:d2:54:34:ad:42:37:da:d3:8f:ef:19:09:22:a9:
                    e8:9b:72:23:36:58:14:de:b2:3e:1d:95:24:a0:76:
                    af:d1:68:18:9e:11:1f:17:3c:e6:24:2f:68:a1:8c:
                    78:e8:d4:73:75:cf:55:6c:0d:84:71:28:77:ff:6b:
                    db:bf:37:5c:d8:4a:c7:20:9c:23:68:d0:33:14:73:
                    3a:f4:10:d1:9f:a8:b0:8d:1a:f6:a8:7c:4d:db:70:
                    aa:5f:69:dc:d2:a1:48:5a:ed:75:87:9a:7d:02:07:
                    50:ea:e8:fb:d7:e4:b8:03:da:5a:c8:d5:e9:d4:0b:
                    e1:84:e4:de:cc:ce:bc:c2:5c:0c:a6:3d:17:df:e4:
                    02:c6:16:27:0a:1c:f1:a3:d5:77:4c:06:e2:f7:09:
                    0c:03:aa:0b:22:f6:da:cb:26:21:84:72:31:de:79:
                    4a:43:cd:0d:ce:47:20:3a:fb:3c:ae:16:ef:aa:30:
                    0a:66:f4:87:e0:53:67:34:71:b2:30:d8:5a:dc:2f:
                    7a:8d:79:27:94:eb:13:38:69:55:de:89:42:85:7c:
                    1c:97:55:57:4a:ae:4e:a5:5f:27:07:12:76:ad:0e:
                    de:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:B0:AD:92:66:15:AA:A7:27:42:C0:74:04:55:46:11:C0:92:4D:F9
            X509v3 Authority Key Identifier:
                keyid:CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:c6:53:94:59:f3:b1:8e:b8:d5:c8:6c:bc:d1:0a:56:11:06:
         b9:c8:f5:ad:cf:08:38:f3:e0:9b:36:33:82:51:a5:ff:2a:2f:
         a4:9c:ff:5d:92:b1:cc:da:a4:99:c2:ca:19:18:a7:1c:5a:9d:
         cc:42:28:6c:97:7a:24:ee:4a:0d:c2:c6:39:b1:cd:78:c9:4c:
         50:7b:8f:3c:15:0a:2d:b4:c6:29:e5:e5:cf:29:6a:9e:55:9f:
         82:d2:97:73:e1:0f:d5:30:c9:a8:16:6d:24:83:f1:1d:19:a6:
         a6:98:c1:aa:f0:7f:6b:b5:52:43:d4:4e:a7:7d:af:4a:17:db:
         08:d3:fb:c8:54:11:d5:df:06:a1:8f:52:01:74:f1:1f:28:2a:
         80:65:62:c1:06:33:29:0f:cf:61:92:98:cc:c4:0f:11:0a:20:
         64:3f:26:7e:ba:85:b6:3d:bf:5a:1b:5b:aa:4c:48:d7:76:7e:
         d6:32:62:eb:03:df:1f:b7:69:ea:0d:50:81:0d:cb:c9:e8:40:
         a2:65:97:81:e9:68:95:27:8a:1d:5f:49:a9:8c:92:c4:c5:36:
         0e:60:28:6f:67:17:27:08:56:4f:0d:7f:2f:ef:44:47:51:61:
         e7:6b:ec:4c:3a:a0:65:64:80:ba:60:43:61:cb:73:4a:81:e4:
         ee:10:07:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4aPtaw6/kqY0bp664nN7gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWExY2I4MGZiNjM3MzJlNTMwMDQ3YTFlYzU1MjlmOGM4
YjFhMDYwHhcNMjUwNDI3MTgwMTA4WhcNMjUwNDI4MTgwMTA4WjAzMTEwLwYDVQQD
EygyNWIwYWQ5MjY2MTVhYWE3Mjc0MmMwNzQwNDU1NDYxMWMwOTI0ZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBQmER8qZvhRfR/geq/ja82mADn/
MDRbNiNPHcA+0lQ0rUI32tOP7xkJIqnom3IjNlgU3rI+HZUkoHav0WgYnhEfFzzm
JC9ooYx46NRzdc9VbA2EcSh3/2vbvzdc2ErHIJwjaNAzFHM69BDRn6iwjRr2qHxN
23CqX2nc0qFIWu11h5p9AgdQ6uj71+S4A9payNXp1AvhhOTezM68wlwMpj0X3+QC
xhYnChzxo9V3TAbi9wkMA6oLIvbayyYhhHIx3nlKQ80NzkcgOvs8rhbvqjAKZvSH
4FNnNHGyMNha3C96jXknlOsTOGlV3olChXwcl1VXSq5OpV8nBxJ2rQ7e2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWwrZJmFaqnJ0LAdARVRhHAkk35MB8GA1UdIwQY
MBaAFMuaHLgPtjcy5TAEeh7FUp+MixoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMt
MTEzZWRlM2FmZjc5LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMtMTEzZWRlM2FmZjc5
LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE8ZTlFnz
sY641chsvNEKVhEGucj1rc8IOPPgmzYzglGl/yovpJz/XZKxzNqkmcLKGRinHFqd
zEIobJd6JO5KDcLGObHNeMlMUHuPPBUKLbTGKeXlzylqnlWfgtKXc+EP1TDJqBZt
JIPxHRmmppjBqvB/a7VSQ9ROp32vShfbCNP7yFQR1d8GoY9SAXTxHygqgGViwQYz
KQ/PYZKYzMQPEQogZD8mfrqFtj2/WhtbqkxI13Z+1jJi6wPfH7dp6g1QgQ3LyehA
omWXgelolSeKHV9JqYySxMU2DmAob2cXJwhWTw1/L+9ER1Fh52vsTDqgZWSAumBD
YctzSoHk7hAH2g==
-----END CERTIFICATE-----