Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/08ef87-cf55-4b5d-9821-03746d7bd294/1/yVcXmb2ok6GGC0phbFYnivXsksU.mft
File:                     yVcXmb2ok6GGC0phbFYnivXsksU.mft (raw, json)
Hash identifier:          VcaDnlicKfni8AtczZWQhEyzdNIPaJENVAeYPtKvPtw=
Subject key identifier:   BD:2E:A0:0D:2A:4A:68:A8:7D:A3:01:74:2D:DB:8C:87:EE:43:CB:C0
Authority key identifier: C9:57:17:99:BD:A8:93:A1:86:0B:4A:61:6C:56:27:8A:F5:EC:92:C5
Certificate issuer:       /CN=c9571799bda893a1860b4a616c56278af5ec92c5
Certificate serial:       019680FDE6F0B37F9C5100BD4AC25E41CA2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yVcXmb2ok6GGC0phbFYnivXsksU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/08ef87-cf55-4b5d-9821-03746d7bd294/1/yVcXmb2ok6GGC0phbFYnivXsksU.mft
Manifest number:          0A19
Signing time:             Tue 29 Apr 2025 10:00:45 +0000
Manifest this update:     Tue 29 Apr 2025 10:00:45 +0000
Manifest next update:     Wed 30 Apr 2025 10:00:45 +0000
Files and hashes:         1: yVcXmb2ok6GGC0phbFYnivXsksU.crl (hash: xVXbCkUeLtN2xS95PS7FoyhIFWKZ0mA8sJAJrwov12Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/08ef87-cf55-4b5d-9821-03746d7bd294/1/yVcXmb2ok6GGC0phbFYnivXsksU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/08ef87-cf55-4b5d-9821-03746d7bd294/1/yVcXmb2ok6GGC0phbFYnivXsksU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yVcXmb2ok6GGC0phbFYnivXsksU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 10:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:fd:e6:f0:b3:7f:9c:51:00:bd:4a:c2:5e:41:ca:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9571799bda893a1860b4a616c56278af5ec92c5
        Validity
            Not Before: Apr 29 10:00:45 2025 GMT
            Not After : Apr 30 10:00:45 2025 GMT
        Subject: CN=bd2ea00d2a4a68a87da301742ddb8c87ee43cbc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:e1:60:e8:2b:1a:4c:15:e0:99:58:02:27:64:
                    c2:33:dc:ab:b7:8a:f0:13:9a:3c:ac:f5:7f:ac:67:
                    03:0a:6b:27:b4:af:48:79:87:d1:c5:ef:88:7f:fc:
                    37:95:db:98:c3:fe:0d:9a:93:e3:23:73:7d:7d:c4:
                    17:50:99:39:13:35:5d:ee:58:b0:42:9a:0f:e1:48:
                    2e:8e:a4:9f:02:02:99:fc:95:95:7c:28:de:e2:9f:
                    2b:ca:aa:06:5b:00:58:ed:14:0a:96:07:9c:02:e6:
                    6c:b5:d1:c6:dd:5e:2c:3f:31:10:3d:5b:58:d6:fd:
                    0f:4f:a8:9c:33:14:16:bf:26:54:02:2d:ea:8e:8e:
                    64:47:bc:b5:52:6a:a3:38:df:c2:69:a2:92:f5:6b:
                    3c:55:5b:c6:7c:bf:4f:74:7f:af:73:67:99:ae:99:
                    69:ce:eb:01:41:90:6f:56:7f:a6:51:58:34:de:14:
                    8e:a1:11:22:ef:60:04:1c:91:52:84:93:4e:28:ff:
                    e5:f0:85:44:7a:4d:37:5d:5c:b4:b9:ee:92:3e:65:
                    72:19:51:cb:8b:55:04:b8:a8:6b:90:36:81:a1:8b:
                    81:49:4d:b9:3c:fb:3b:5b:a2:a9:98:41:65:f1:bf:
                    ed:3c:2a:1a:e3:ee:57:bf:f1:c5:10:cf:9c:00:e7:
                    89:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:2E:A0:0D:2A:4A:68:A8:7D:A3:01:74:2D:DB:8C:87:EE:43:CB:C0
            X509v3 Authority Key Identifier:
                keyid:C9:57:17:99:BD:A8:93:A1:86:0B:4A:61:6C:56:27:8A:F5:EC:92:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yVcXmb2ok6GGC0phbFYnivXsksU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/08ef87-cf55-4b5d-9821-03746d7bd294/1/yVcXmb2ok6GGC0phbFYnivXsksU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/08ef87-cf55-4b5d-9821-03746d7bd294/1/yVcXmb2ok6GGC0phbFYnivXsksU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:a3:e2:61:00:a2:7a:d5:8f:c6:ac:55:e6:74:57:d4:4a:33:
         e2:aa:b5:d9:00:49:dd:fd:4a:7a:8f:4c:4b:43:37:a6:ba:15:
         20:ab:38:a2:45:ef:76:23:d0:a2:b4:8b:df:24:9f:98:4e:3d:
         4d:f1:67:93:57:7d:87:f4:5b:c9:35:dd:b4:32:4d:3b:ef:2e:
         03:d6:1b:2e:cb:07:5b:65:2d:e9:22:76:77:bd:21:6c:19:eb:
         aa:bb:66:7d:55:71:98:b7:b1:b1:97:b5:5d:a6:d8:cc:78:57:
         e3:2d:30:b1:29:1e:7c:4f:3b:02:23:07:27:31:9f:76:1c:1e:
         cf:6d:cf:bd:d5:1c:80:a5:a1:76:05:a9:02:0f:56:a6:e2:09:
         2c:ba:9b:40:3a:ac:07:63:5b:1d:fc:eb:a8:01:5d:03:c0:b8:
         61:22:71:66:d5:ea:4d:a0:7c:34:88:c7:7c:c2:ba:98:aa:c0:
         f4:56:e6:8f:74:56:ad:2c:06:ea:d0:f1:a2:58:a5:76:49:b3:
         3f:d0:9b:21:37:2e:bf:47:07:77:1b:3c:45:ea:d7:26:70:02:
         09:55:1d:04:9d:ef:c1:e1:a6:6d:86:b1:72:d7:16:32:71:eb:
         29:10:1f:34:5e:37:ac:64:e9:9b:45:eb:70:db:85:cd:b0:7b:
         fa:10:22:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaA/ebws3+cUQC9SsJeQcovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NTcxNzk5YmRhODkzYTE4NjBiNGE2MTZjNTYyNzhhZjVl
YzkyYzUwHhcNMjUwNDI5MTAwMDQ1WhcNMjUwNDMwMTAwMDQ1WjAzMTEwLwYDVQQD
EyhiZDJlYTAwZDJhNGE2OGE4N2RhMzAxNzQyZGRiOGM4N2VlNDNjYmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOFg6CsaTBXgmVgCJ2TCM9yrt4rw
E5o8rPV/rGcDCmsntK9IeYfRxe+If/w3lduYw/4NmpPjI3N9fcQXUJk5EzVd7liw
QpoP4UgujqSfAgKZ/JWVfCje4p8ryqoGWwBY7RQKlgecAuZstdHG3V4sPzEQPVtY
1v0PT6icMxQWvyZUAi3qjo5kR7y1UmqjON/CaaKS9Ws8VVvGfL9PdH+vc2eZrplp
zusBQZBvVn+mUVg03hSOoREi72AEHJFShJNOKP/l8IVEek03XVy0ue6SPmVyGVHL
i1UEuKhrkDaBoYuBSU25PPs7W6KpmEFl8b/tPCoa4+5Xv/HFEM+cAOeJHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0uoA0qSmiofaMBdC3bjIfuQ8vAMB8GA1UdIwQY
MBaAFMlXF5m9qJOhhgtKYWxWJ4r17JLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVZjWG1iMm9rNkdHQzBwaGJGWW5pdlhza3NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOGVmODctY2Y1NS00YjVkLTk4MjEt
MDM3NDZkN2JkMjk0LzEveVZjWG1iMm9rNkdHQzBwaGJGWW5pdlhza3NVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOGVmODctY2Y1NS00YjVkLTk4MjEtMDM3NDZkN2JkMjk0
LzEveVZjWG1iMm9rNkdHQzBwaGJGWW5pdlhza3NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkaPiYQCi
etWPxqxV5nRX1Eoz4qq12QBJ3f1Keo9MS0M3proVIKs4okXvdiPQorSL3ySfmE49
TfFnk1d9h/RbyTXdtDJNO+8uA9YbLssHW2Ut6SJ2d70hbBnrqrtmfVVxmLexsZe1
XabYzHhX4y0wsSkefE87AiMHJzGfdhwez23PvdUcgKWhdgWpAg9WpuIJLLqbQDqs
B2NbHfzrqAFdA8C4YSJxZtXqTaB8NIjHfMK6mKrA9Fbmj3RWrSwG6tDxolildkmz
P9CbITcuv0cHdxs8RerXJnACCVUdBJ3vweGmbYaxctcWMnHrKRAfNF43rGTpm0Xr
cNuFzbB7+hAihQ==
-----END CERTIFICATE-----