Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f76a8e-1884-41bb-8113-f8d755b3d2a7/1/Yv8lPFoTQ6JWma4I51dnrya52-U.mft
File:                     Yv8lPFoTQ6JWma4I51dnrya52-U.mft (raw, json)
Hash identifier:          +mSgzFEaFl8q/9zydgCrVucnFWZzUdEVnYtIQmdsRQ4=
Subject key identifier:   98:4D:19:8C:3F:C6:77:08:DB:B4:47:64:48:14:54:7A:C7:CA:34:7F
Authority key identifier: 62:FF:25:3C:5A:13:43:A2:56:99:AE:08:E7:57:67:AF:26:B9:DB:E5
Certificate issuer:       /CN=62ff253c5a1343a25699ae08e75767af26b9dbe5
Certificate serial:       01967755F1CC1069890DA053E7A1ED3532A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv8lPFoTQ6JWma4I51dnrya52-U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/f76a8e-1884-41bb-8113-f8d755b3d2a7/1/Yv8lPFoTQ6JWma4I51dnrya52-U.mft
Manifest number:          149F
Signing time:             Sun 27 Apr 2025 13:00:43 +0000
Manifest this update:     Sun 27 Apr 2025 13:00:43 +0000
Manifest next update:     Mon 28 Apr 2025 13:00:43 +0000
Files and hashes:         1: Yv8lPFoTQ6JWma4I51dnrya52-U.crl (hash: jF8kXL/dFF8nh1FEG3Pgh1e+fPAdBKDF4LGetnvnkeE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/f76a8e-1884-41bb-8113-f8d755b3d2a7/1/Yv8lPFoTQ6JWma4I51dnrya52-U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/f76a8e-1884-41bb-8113-f8d755b3d2a7/1/Yv8lPFoTQ6JWma4I51dnrya52-U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yv8lPFoTQ6JWma4I51dnrya52-U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 13:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:55:f1:cc:10:69:89:0d:a0:53:e7:a1:ed:35:32:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62ff253c5a1343a25699ae08e75767af26b9dbe5
        Validity
            Not Before: Apr 27 13:00:43 2025 GMT
            Not After : Apr 28 13:00:43 2025 GMT
        Subject: CN=984d198c3fc67708dbb447644814547ac7ca347f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:aa:03:9f:2c:64:df:a1:33:90:d1:9c:f7:0e:
                    1d:cf:89:d7:dd:20:e4:ad:5f:a1:98:4a:6e:76:23:
                    31:66:e2:44:6b:c4:89:80:02:a6:4e:1a:7c:f7:70:
                    cb:ce:94:a7:6e:26:2f:1b:3b:ff:1e:3a:30:f9:a4:
                    94:a8:d7:fa:21:4c:47:d2:ce:b9:dd:47:ae:26:3c:
                    63:a3:6e:b1:2e:42:59:bb:c9:57:37:65:b4:fe:1b:
                    dc:b4:41:f2:c1:a7:d0:46:cf:f3:a4:85:11:dd:46:
                    e4:17:21:3c:f0:44:c4:13:f9:73:20:5a:02:1b:76:
                    ee:9b:db:9f:fe:97:2d:42:b7:a5:8e:2c:11:e7:05:
                    7b:83:19:1b:67:a3:c0:f4:a9:a1:05:b2:d3:3b:3c:
                    38:d1:cd:fb:40:22:0d:17:ed:9e:b7:cf:c4:42:4c:
                    05:3d:82:7f:71:43:2f:cf:bd:2d:e4:bf:24:94:5a:
                    54:2b:1b:f0:6d:e6:87:6a:ec:f4:7f:aa:f2:7a:63:
                    bd:bc:ff:58:37:0c:4b:ac:1a:c0:74:00:08:ee:d0:
                    00:f9:9d:c6:0a:f2:f6:5a:f8:f9:86:ed:10:46:d9:
                    c7:48:ed:2b:8f:d4:95:47:2b:61:32:c5:fe:2a:74:
                    a4:bc:40:f7:4b:1d:17:ab:4d:8e:7f:62:1a:a7:b4:
                    a9:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:4D:19:8C:3F:C6:77:08:DB:B4:47:64:48:14:54:7A:C7:CA:34:7F
            X509v3 Authority Key Identifier:
                keyid:62:FF:25:3C:5A:13:43:A2:56:99:AE:08:E7:57:67:AF:26:B9:DB:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv8lPFoTQ6JWma4I51dnrya52-U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f76a8e-1884-41bb-8113-f8d755b3d2a7/1/Yv8lPFoTQ6JWma4I51dnrya52-U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f76a8e-1884-41bb-8113-f8d755b3d2a7/1/Yv8lPFoTQ6JWma4I51dnrya52-U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:8e:5c:29:f6:6c:3a:7e:f8:55:d3:6b:f5:97:29:a4:04:70:
         7e:d3:d5:89:47:9d:a0:7c:81:f9:85:37:61:8f:84:a7:8c:0d:
         36:f4:df:d1:2a:63:7d:e9:a8:1a:2c:bd:ee:3c:c6:09:fe:16:
         d0:f7:50:bc:24:c9:e2:2a:ca:71:65:a7:77:a2:70:24:b3:40:
         91:0a:3c:c7:87:be:e2:39:5b:2a:bf:f9:4c:72:b8:b1:3e:c6:
         aa:81:0c:0a:3a:9e:3c:7e:96:30:b7:5e:a4:50:fc:c4:28:02:
         4d:78:30:f2:79:ee:9d:cb:69:53:ce:a4:90:6e:a9:0e:04:cd:
         a1:3f:93:b2:2d:9a:0e:65:5e:45:6f:81:e3:61:c3:9b:e4:95:
         af:d7:59:fb:51:63:58:e1:b9:a4:99:0e:ff:f1:34:4d:11:89:
         1a:37:3e:c9:18:0c:cd:10:06:a0:31:82:57:ec:65:13:ae:4b:
         1e:e5:cb:03:0d:05:2b:e7:7c:f9:9e:8b:f5:d1:02:a4:fa:97:
         4c:19:7d:99:b3:bd:cb:05:fe:65:c7:c2:1b:17:86:08:e6:86:
         6e:84:73:13:7f:d9:82:ca:34:b2:26:23:fb:46:65:a0:b8:0e:
         36:b3:56:bc:78:8e:7e:a6:06:ef:a1:01:34:d1:17:6d:7c:98:
         7c:e4:06:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3VfHMEGmJDaBT56HtNTKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmYyNTNjNWExMzQzYTI1Njk5YWUwOGU3NTc2N2FmMjZi
OWRiZTUwHhcNMjUwNDI3MTMwMDQzWhcNMjUwNDI4MTMwMDQzWjAzMTEwLwYDVQQD
Eyg5ODRkMTk4YzNmYzY3NzA4ZGJiNDQ3NjQ0ODE0NTQ3YWM3Y2EzNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6oDnyxk36EzkNGc9w4dz4nX3SDk
rV+hmEpudiMxZuJEa8SJgAKmThp893DLzpSnbiYvGzv/Hjow+aSUqNf6IUxH0s65
3UeuJjxjo26xLkJZu8lXN2W0/hvctEHywafQRs/zpIUR3UbkFyE88ETEE/lzIFoC
G3bum9uf/pctQreljiwR5wV7gxkbZ6PA9KmhBbLTOzw40c37QCINF+2et8/EQkwF
PYJ/cUMvz70t5L8klFpUKxvwbeaHauz0f6ryemO9vP9YNwxLrBrAdAAI7tAA+Z3G
CvL2Wvj5hu0QRtnHSO0rj9SVRythMsX+KnSkvED3Sx0Xq02Of2Iap7SpnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJhNGYw/xncI27RHZEgUVHrHyjR/MB8GA1UdIwQY
MBaAFGL/JTxaE0OiVpmuCOdXZ68mudvlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXY4bFBGb1RRNkpXbWE0STUxZG5yeWE1Mi1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mNzZhOGUtMTg4NC00MWJiLTgxMTMt
ZjhkNzU1YjNkMmE3LzEvWXY4bFBGb1RRNkpXbWE0STUxZG5yeWE1Mi1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9mNzZhOGUtMTg4NC00MWJiLTgxMTMtZjhkNzU1YjNkMmE3
LzEvWXY4bFBGb1RRNkpXbWE0STUxZG5yeWE1Mi1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAo5cKfZs
On74VdNr9ZcppARwftPViUedoHyB+YU3YY+Ep4wNNvTf0SpjfemoGiy97jzGCf4W
0PdQvCTJ4irKcWWnd6JwJLNAkQo8x4e+4jlbKr/5THK4sT7GqoEMCjqePH6WMLde
pFD8xCgCTXgw8nnunctpU86kkG6pDgTNoT+Tsi2aDmVeRW+B42HDm+SVr9dZ+1Fj
WOG5pJkO//E0TRGJGjc+yRgMzRAGoDGCV+xlE65LHuXLAw0FK+d8+Z6L9dECpPqX
TBl9mbO9ywX+ZcfCGxeGCOaGboRzE3/Zgso0siYj+0ZloLgONrNWvHiOfqYG76EB
NNEXbXyYfOQG9Q==
-----END CERTIFICATE-----