Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
File:                     yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft (raw, json)
Hash identifier:          5DEhjoxYIK75EZ/J0y4/Cs6NGjz+kKDXcXpMyU0KfA0=
Subject key identifier:   2F:9E:05:27:7C:C8:85:CE:D1:E4:CA:08:5A:A4:F9:31:32:D6:55:F9
Authority key identifier: C8:67:6F:FD:E3:17:F2:EC:1B:81:00:D2:D9:D4:4A:3E:7D:8F:78:D6
Certificate issuer:       /CN=c8676ffde317f2ec1b8100d2d9d44a3e7d8f78d6
Certificate serial:       019686C927CD2A249FCFEF812BD0C8A58CB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
Manifest number:          0BD0
Signing time:             Wed 30 Apr 2025 13:00:51 +0000
Manifest this update:     Wed 30 Apr 2025 13:00:51 +0000
Manifest next update:     Thu 01 May 2025 13:00:51 +0000
Files and hashes:         1: yGdv_eMX8uwbgQDS2dRKPn2PeNY.crl (hash: o/hkOr13nDFEY+o9NloQMSYuuQAO4ln2Aglo+Lzp1/I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 13:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:86:c9:27:cd:2a:24:9f:cf:ef:81:2b:d0:c8:a5:8c:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8676ffde317f2ec1b8100d2d9d44a3e7d8f78d6
        Validity
            Not Before: Apr 30 13:00:51 2025 GMT
            Not After : May  1 13:00:51 2025 GMT
        Subject: CN=2f9e05277cc885ced1e4ca085aa4f93132d655f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d5:94:43:be:9f:c5:8b:44:91:5e:9b:88:96:
                    d5:2f:29:ba:24:f9:d2:9a:d9:ce:0c:e3:34:e5:99:
                    e5:e1:e9:f7:b5:8e:08:ec:95:1c:1c:a2:ca:8c:d7:
                    10:de:c9:58:22:51:34:d5:93:ad:f0:3d:5c:98:81:
                    84:a9:31:de:8f:6e:a6:8a:27:cc:ea:3d:b2:c5:59:
                    0b:76:8c:aa:c2:49:f6:19:d3:28:60:a6:fd:a9:a3:
                    23:45:94:86:de:41:09:72:3c:a1:4b:62:7a:5d:cb:
                    ca:75:61:a4:8a:b3:cd:46:49:df:60:f4:31:eb:12:
                    9c:b9:fd:2e:53:27:41:c6:68:bc:04:c4:a6:7e:cb:
                    15:82:66:05:97:97:30:8c:51:e9:1c:b2:de:12:d8:
                    57:ab:eb:b0:de:76:5c:5c:05:af:f5:65:47:79:ac:
                    d7:da:9f:81:e8:6e:da:c0:b0:18:e4:d0:a3:cf:5d:
                    1e:53:ff:73:4b:25:0f:0d:71:eb:4d:37:78:be:af:
                    bd:9a:ca:69:40:ef:f5:e5:c7:f7:0d:31:dd:98:10:
                    ba:89:fe:c9:62:bb:5f:07:32:0c:44:9b:32:b7:18:
                    ab:f7:61:aa:72:88:74:da:b4:eb:20:8d:38:a3:a9:
                    41:18:82:6d:2e:6a:96:07:bc:05:01:0e:9d:67:ec:
                    2e:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:9E:05:27:7C:C8:85:CE:D1:E4:CA:08:5A:A4:F9:31:32:D6:55:F9
            X509v3 Authority Key Identifier:
                keyid:C8:67:6F:FD:E3:17:F2:EC:1B:81:00:D2:D9:D4:4A:3E:7D:8F:78:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:6b:46:81:ce:e4:a5:7e:d3:51:c5:ec:14:24:b1:47:19:3d:
         3e:1b:bf:95:3d:d4:6b:5d:fd:ce:64:54:25:84:c1:25:57:bb:
         30:3e:9a:b1:7a:89:92:00:55:cb:b1:9a:36:c0:9b:12:2c:f6:
         88:41:90:c4:6a:cc:06:16:d4:f1:6c:2f:e3:2f:f6:96:bb:87:
         dc:96:a7:07:37:78:a2:48:aa:66:2a:ad:da:d4:3b:8a:a5:56:
         ef:f3:e4:c3:00:6e:f3:16:9b:cd:a6:89:f5:a5:40:e5:39:72:
         6f:60:62:5e:28:3a:42:e3:0e:bf:28:3f:8c:d8:eb:8b:21:f6:
         40:9c:4a:38:1a:a4:0f:cb:e8:76:c7:8f:56:dc:f1:de:47:6e:
         3c:46:e2:7b:d2:b6:60:89:ff:f6:d6:7a:7f:f1:a9:ab:76:e1:
         5c:30:cb:72:4c:40:5c:cd:9c:ae:f4:fb:74:ea:db:9d:68:85:
         60:54:09:e8:05:da:75:10:20:f3:24:9c:de:00:f0:8e:a5:c9:
         c4:5d:97:5b:77:0d:53:a4:f8:91:a6:42:d5:08:ee:29:af:72:
         38:5e:10:c3:a1:f3:bb:91:19:8e:b3:50:40:01:ab:69:10:80:
         ba:7f:88:30:e4:85:7a:33:82:92:09:97:88:55:72:a3:0c:35:
         68:cd:da:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGySfNKiSfz++BK9DIpYy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4Njc2ZmZkZTMxN2YyZWMxYjgxMDBkMmQ5ZDQ0YTNlN2Q4
Zjc4ZDYwHhcNMjUwNDMwMTMwMDUxWhcNMjUwNTAxMTMwMDUxWjAzMTEwLwYDVQQD
EygyZjllMDUyNzdjYzg4NWNlZDFlNGNhMDg1YWE0ZjkzMTMyZDY1NWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdWUQ76fxYtEkV6biJbVLym6JPnS
mtnODOM05Znl4en3tY4I7JUcHKLKjNcQ3slYIlE01ZOt8D1cmIGEqTHej26miifM
6j2yxVkLdoyqwkn2GdMoYKb9qaMjRZSG3kEJcjyhS2J6XcvKdWGkirPNRknfYPQx
6xKcuf0uUydBxmi8BMSmfssVgmYFl5cwjFHpHLLeEthXq+uw3nZcXAWv9WVHeazX
2p+B6G7awLAY5NCjz10eU/9zSyUPDXHrTTd4vq+9msppQO/15cf3DTHdmBC6if7J
YrtfBzIMRJsytxir92Gqcoh02rTrII04o6lBGIJtLmqWB7wFAQ6dZ+wu+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+eBSd8yIXO0eTKCFqk+TEy1lX5MB8GA1UdIwQY
MBaAFMhnb/3jF/LsG4EA0tnUSj59j3jWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdkdl9lTVg4dXdiZ1FEUzJkUktQbjJQZU5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80OWIzMDctZmRjYS00YzU3LWFmZGYt
NzA5NzkzY2QwMTIzLzEveUdkdl9lTVg4dXdiZ1FEUzJkUktQbjJQZU5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80OWIzMDctZmRjYS00YzU3LWFmZGYtNzA5NzkzY2QwMTIz
LzEveUdkdl9lTVg4dXdiZ1FEUzJkUktQbjJQZU5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAGtGgc7k
pX7TUcXsFCSxRxk9Phu/lT3Ua139zmRUJYTBJVe7MD6asXqJkgBVy7GaNsCbEiz2
iEGQxGrMBhbU8Wwv4y/2lruH3JanBzd4okiqZiqt2tQ7iqVW7/PkwwBu8xabzaaJ
9aVA5Tlyb2BiXig6QuMOvyg/jNjriyH2QJxKOBqkD8vodsePVtzx3kduPEbie9K2
YIn/9tZ6f/Gpq3bhXDDLckxAXM2crvT7dOrbnWiFYFQJ6AXadRAg8ySc3gDwjqXJ
xF2XW3cNU6T4kaZC1QjuKa9yOF4Qw6Hzu5EZjrNQQAGraRCAun+IMOSFejOCkgmX
iFVyoww1aM3aYg==
-----END CERTIFICATE-----