Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
File:                     _ypds7oz42wW2_UmCy_idK5_siI.mft (raw, json)
Hash identifier:          1RcNAiHIxtB6ELn9dmApmOLLwGgTA4iMQQ9DqtS1zRE=
Subject key identifier:   92:AE:09:F8:A5:79:88:0F:37:97:11:18:9A:31:41:DB:95:BB:E5:03
Authority key identifier: FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22
Certificate issuer:       /CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
Certificate serial:       01967567210C1578685F4583E33001826C78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
Manifest number:          0BEE
Signing time:             Sun 27 Apr 2025 04:00:14 +0000
Manifest this update:     Sun 27 Apr 2025 04:00:14 +0000
Manifest next update:     Mon 28 Apr 2025 04:00:14 +0000
Files and hashes:         1: _ypds7oz42wW2_UmCy_idK5_siI.crl (hash: brASKfFQMidltJXnUUTKBAyk/INHeGsOidmNADf2Oho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 04:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:67:21:0c:15:78:68:5f:45:83:e3:30:01:82:6c:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
        Validity
            Not Before: Apr 27 04:00:14 2025 GMT
            Not After : Apr 28 04:00:14 2025 GMT
        Subject: CN=92ae09f8a579880f379711189a3141db95bbe503
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:19:d8:81:e2:e3:a9:2e:cb:f6:6b:18:4b:33:
                    5b:ee:b6:d5:00:02:2a:fc:78:2f:56:fe:d5:96:72:
                    b0:a3:95:8d:04:46:1f:37:d5:03:7a:d1:9b:f0:3c:
                    3b:b7:08:54:f1:d5:12:79:1a:bd:ea:30:c6:ce:55:
                    cb:c4:06:65:0e:4f:9d:2f:0e:d6:f8:e8:a2:dd:69:
                    78:88:73:40:1b:51:f9:5c:64:3e:19:76:97:80:2b:
                    8b:b4:8a:52:60:c2:a4:42:ff:87:72:51:ad:9d:a2:
                    b5:5a:6b:0d:33:5a:fc:5f:59:3b:ed:47:13:13:fe:
                    dc:35:3e:33:95:4e:df:e2:41:7f:98:b0:b6:05:51:
                    b0:9f:39:e0:6a:21:67:d5:96:73:76:7d:e3:d5:4e:
                    d6:ec:66:4d:65:81:e2:97:46:9a:fc:30:4d:6a:8d:
                    ac:f4:56:96:41:76:04:0c:40:26:ff:93:af:3c:5d:
                    4e:79:f6:35:64:2e:d1:81:4d:a9:e0:75:27:ed:be:
                    24:09:65:0c:37:7b:04:91:15:c1:95:23:42:b4:ff:
                    99:75:90:d7:ac:95:15:29:d0:78:b7:5f:f3:a8:53:
                    d2:bd:00:bc:40:45:d9:9c:08:cc:6a:2f:77:b1:36:
                    bc:1e:9c:c7:65:c2:7a:36:13:3e:99:46:a1:2e:25:
                    98:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:AE:09:F8:A5:79:88:0F:37:97:11:18:9A:31:41:DB:95:BB:E5:03
            X509v3 Authority Key Identifier:
                keyid:FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:59:6e:15:64:9d:07:95:7b:eb:bd:d4:f3:1e:01:45:01:dd:
         c7:a8:ab:53:c0:71:52:fa:f1:13:c0:ec:1f:84:77:b5:aa:e7:
         04:e7:9a:4e:c2:15:ec:71:58:24:91:b4:86:20:53:60:b7:e5:
         d5:90:0e:68:e6:97:5a:b1:18:48:55:31:2c:62:b1:c6:ea:0d:
         8f:00:78:83:fa:35:ee:be:d7:9f:87:18:97:48:ab:22:a2:26:
         5f:73:32:05:c2:be:25:ff:a1:f7:60:af:0c:6d:e7:2a:39:64:
         ba:51:de:1a:b2:05:55:7b:69:69:6d:b1:02:51:0c:e4:c7:ec:
         dc:fb:22:e9:3c:9b:ba:36:19:a0:d6:64:00:18:90:a5:e3:bf:
         8b:c7:0e:0f:ca:40:c2:2b:eb:9c:f2:f9:56:48:65:c2:c2:ea:
         aa:52:52:c1:e4:3a:43:db:e0:79:43:0f:1a:4d:1f:9d:df:e8:
         c0:72:58:82:90:3d:78:8e:fe:62:8d:ec:9d:3c:c7:ce:1b:05:
         10:17:8a:36:7d:8f:7a:48:94:7f:d2:99:0d:00:e0:a8:ad:0c:
         51:6a:58:5d:d3:bc:9e:3e:f4:1c:88:c9:53:5c:04:c9:af:dc:
         46:0f:a9:70:c8:40:b7:ba:3b:26:42:49:19:30:d9:5c:7a:24:
         0b:a9:73:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1ZyEMFXhoX0WD4zABgmx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMmE1ZGIzYmEzM2UzNmMxNmRiZjUyNjBiMmZlMjc0YWU3
ZmIyMjIwHhcNMjUwNDI3MDQwMDE0WhcNMjUwNDI4MDQwMDE0WjAzMTEwLwYDVQQD
Eyg5MmFlMDlmOGE1Nzk4ODBmMzc5NzExMTg5YTMxNDFkYjk1YmJlNTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xnYgeLjqS7L9msYSzNb7rbVAAIq
/HgvVv7VlnKwo5WNBEYfN9UDetGb8Dw7twhU8dUSeRq96jDGzlXLxAZlDk+dLw7W
+Oii3Wl4iHNAG1H5XGQ+GXaXgCuLtIpSYMKkQv+HclGtnaK1WmsNM1r8X1k77UcT
E/7cNT4zlU7f4kF/mLC2BVGwnzngaiFn1ZZzdn3j1U7W7GZNZYHil0aa/DBNao2s
9FaWQXYEDEAm/5OvPF1OefY1ZC7RgU2p4HUn7b4kCWUMN3sEkRXBlSNCtP+ZdZDX
rJUVKdB4t1/zqFPSvQC8QEXZnAjMai93sTa8HpzHZcJ6NhM+mUahLiWYnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKuCfileYgPN5cRGJoxQduVu+UDMB8GA1UdIwQY
MBaAFP8qXbO6M+NsFtv1Jgsv4nSuf7IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTIt
NTI2MGNkNWMyNGMzLzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTItNTI2MGNkNWMyNGMz
LzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaVluFWSd
B5V7673U8x4BRQHdx6irU8BxUvrxE8DsH4R3tarnBOeaTsIV7HFYJJG0hiBTYLfl
1ZAOaOaXWrEYSFUxLGKxxuoNjwB4g/o17r7Xn4cYl0irIqImX3MyBcK+Jf+h92Cv
DG3nKjlkulHeGrIFVXtpaW2xAlEM5Mfs3Psi6TybujYZoNZkABiQpeO/i8cOD8pA
wivrnPL5VkhlwsLqqlJSweQ6Q9vgeUMPGk0fnd/owHJYgpA9eI7+Yo3snTzHzhsF
EBeKNn2PekiUf9KZDQDgqK0MUWpYXdO8nj70HIjJU1wEya/cRg+pcMhAt7o7JkJJ
GTDZXHokC6lz5w==
-----END CERTIFICATE-----