Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
File:                     YDe79svKAic6peIbuIjj4exnZ98.mft (raw, json)
Hash identifier:          FYskz0tVYitnT9kmepnoXUcgmUtbrIBQ9kF6fjdzFZM=
Subject key identifier:   23:AB:E7:95:FD:F5:68:83:57:E0:EA:14:C9:0D:60:83:60:9D:00:23
Authority key identifier: 60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF
Certificate issuer:       /CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
Certificate serial:       019693049F39288000C66B9BCFC0A44043B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
Manifest number:          0A3F
Signing time:             Fri 02 May 2025 22:01:15 +0000
Manifest this update:     Fri 02 May 2025 22:01:15 +0000
Manifest next update:     Sat 03 May 2025 22:01:15 +0000
Files and hashes:         1: YDe79svKAic6peIbuIjj4exnZ98.crl (hash: bicmHU4iAqB3Z7G+xQWlAt8DzYeBYmiF6lKf8NOXVKE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 22:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:93:04:9f:39:28:80:00:c6:6b:9b:cf:c0:a4:40:43:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
        Validity
            Not Before: May  2 22:01:15 2025 GMT
            Not After : May  3 22:01:15 2025 GMT
        Subject: CN=23abe795fdf5688357e0ea14c90d6083609d0023
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:31:63:0d:2e:e1:28:a4:ea:46:49:1c:57:9b:
                    2c:7b:e7:1e:b8:0b:8c:5d:15:aa:ed:86:7e:d8:8a:
                    51:5e:35:15:eb:86:02:0d:20:06:a1:90:54:57:fc:
                    7e:a4:ce:b7:9a:90:72:e3:18:07:c6:bd:c8:0a:90:
                    b1:71:cb:66:82:25:c4:91:8b:5d:dc:1c:8e:de:62:
                    f0:5e:55:50:ca:90:9d:3e:28:2f:88:01:01:e9:cc:
                    67:f5:ac:57:61:5d:5b:de:0b:29:db:db:f5:ab:fb:
                    ee:59:74:04:78:3d:00:20:52:cd:07:e3:93:ea:85:
                    e1:98:35:bc:c5:ad:da:16:b8:4c:be:5a:cf:7c:12:
                    28:c7:c9:ed:49:b7:f7:b1:eb:7e:24:6c:d1:72:ff:
                    73:7a:69:b8:57:dd:82:88:55:d5:74:ec:bd:ba:3e:
                    02:45:d0:09:9f:38:51:72:3e:08:86:ed:3a:ce:2a:
                    cb:fd:09:aa:bb:ef:d7:f0:5b:73:bd:96:3c:65:68:
                    9a:ad:ab:f4:66:b8:26:4a:37:f2:08:9e:10:e9:2f:
                    79:da:c7:59:39:d2:51:70:f2:17:40:b0:ee:ae:02:
                    07:bf:2f:81:96:40:5a:1c:a8:04:e2:5e:88:d4:9d:
                    8e:92:47:85:16:82:f1:9a:05:17:44:22:1b:06:0c:
                    23:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:AB:E7:95:FD:F5:68:83:57:E0:EA:14:C9:0D:60:83:60:9D:00:23
            X509v3 Authority Key Identifier:
                keyid:60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:43:f7:19:de:63:70:43:8e:32:b0:ad:f2:2e:8c:25:85:be:
         6b:b1:b6:85:88:7c:ef:6e:d3:26:4c:94:b3:66:44:c2:d9:1f:
         54:28:ec:35:c3:08:d3:c7:f3:48:b4:5a:d8:e3:52:c2:bd:06:
         d1:8e:7c:02:f3:a4:30:68:93:ba:13:cc:eb:a5:a9:86:d0:07:
         99:1d:07:29:52:a9:88:62:4b:87:71:fa:8a:9f:fd:2a:bd:a2:
         e7:d4:85:95:a8:54:77:65:0e:2e:ad:5b:24:88:53:08:22:c7:
         8a:62:e4:42:ca:b8:c2:68:e1:0b:d5:c7:d6:4d:29:8a:56:28:
         75:34:38:a2:3c:1c:e7:cb:b0:88:18:62:69:32:ad:85:ce:61:
         d9:db:7a:6f:a8:1c:4c:99:ad:95:c1:e1:2d:05:b0:21:5a:a9:
         cd:f9:5d:72:8c:79:c5:44:32:41:b7:91:7e:89:83:10:5e:c2:
         a2:fe:7e:7f:8e:52:25:f0:0e:5c:8c:88:2a:5d:22:1f:0c:8b:
         57:c1:26:23:5d:3d:54:b2:26:bc:76:62:da:08:d6:eb:58:b1:
         83:1d:97:92:50:b7:c2:91:78:b9:de:0d:2b:62:e4:2d:73:97:
         3e:e0:a4:c4:0b:e6:fe:f1:dc:ff:5b:ef:62:e8:9c:97:20:3c:
         e0:f0:a2:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaTBJ85KIAAxmubz8CkQEO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzdiYmY2Y2JjYTAyMjczYWE1ZTIxYmI4ODhlM2UxZWM2
NzY3ZGYwHhcNMjUwNTAyMjIwMTE1WhcNMjUwNTAzMjIwMTE1WjAzMTEwLwYDVQQD
EygyM2FiZTc5NWZkZjU2ODgzNTdlMGVhMTRjOTBkNjA4MzYwOWQwMDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTFjDS7hKKTqRkkcV5sse+ceuAuM
XRWq7YZ+2IpRXjUV64YCDSAGoZBUV/x+pM63mpBy4xgHxr3ICpCxcctmgiXEkYtd
3ByO3mLwXlVQypCdPigviAEB6cxn9axXYV1b3gsp29v1q/vuWXQEeD0AIFLNB+OT
6oXhmDW8xa3aFrhMvlrPfBIox8ntSbf3set+JGzRcv9zemm4V92CiFXVdOy9uj4C
RdAJnzhRcj4Ihu06zirL/Qmqu+/X8FtzvZY8ZWiarav0ZrgmSjfyCJ4Q6S952sdZ
OdJRcPIXQLDurgIHvy+BlkBaHKgE4l6I1J2OkkeFFoLxmgUXRCIbBgwjFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCOr55X99WiDV+DqFMkNYINgnQAjMB8GA1UdIwQY
MBaAFGA3u/bLygInOqXiG7iI4+HsZ2ffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzct
ZmMzYjNlMTExNjFkLzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzctZmMzYjNlMTExNjFk
LzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU0P3Gd5j
cEOOMrCt8i6MJYW+a7G2hYh8727TJkyUs2ZEwtkfVCjsNcMI08fzSLRa2ONSwr0G
0Y58AvOkMGiTuhPM66WphtAHmR0HKVKpiGJLh3H6ip/9Kr2i59SFlahUd2UOLq1b
JIhTCCLHimLkQsq4wmjhC9XH1k0pilYodTQ4ojwc58uwiBhiaTKthc5h2dt6b6gc
TJmtlcHhLQWwIVqpzfldcox5xUQyQbeRfomDEF7Cov5+f45SJfAOXIyIKl0iHwyL
V8EmI109VLImvHZi2gjW61ixgx2XklC3wpF4ud4NK2LkLXOXPuCkxAvm/vHc/1vv
YuiclyA84PCiSw==
-----END CERTIFICATE-----