Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          b1iUGh/o6Br7bpUGbkGAd4ONI6R0WAWe1XseL02DEa8=
Subject key identifier:   15:09:A0:41:7F:C1:9D:B5:D7:07:9B:DD:7A:3D:26:8B:76:3C:C7:F9
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       01967D5807B7F5C6769DD97210B6EEC38358
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          03AC
Signing time:             Mon 28 Apr 2025 17:00:43 +0000
Manifest this update:     Mon 28 Apr 2025 17:00:43 +0000
Manifest next update:     Tue 29 Apr 2025 17:00:43 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: Qu9DwwSlvaW60SRzM+hpHt55rAQeSB98QTuV9fEqQPM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 15:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:58:07:b7:f5:c6:76:9d:d9:72:10:b6:ee:c3:83:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Apr 28 17:00:43 2025 GMT
            Not After : Apr 29 17:00:43 2025 GMT
        Subject: CN=1509a0417fc19db5d7079bdd7a3d268b763cc7f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:27:87:26:2e:72:17:ad:de:14:a3:95:55:af:
                    23:f3:36:3c:10:bc:90:d7:54:16:a9:93:00:41:eb:
                    e9:f9:04:97:e0:59:33:3d:11:38:8d:e5:61:73:de:
                    65:eb:a8:48:ec:4d:a6:67:1c:d0:79:67:33:6d:0b:
                    cb:39:77:a9:fc:34:be:11:24:55:98:29:13:ad:f3:
                    64:ef:8d:f9:5f:5f:7e:43:a1:15:91:15:cc:fa:da:
                    fb:e3:ae:04:ea:e3:61:b7:42:5d:49:ad:6c:05:8f:
                    6c:d4:e9:9a:6b:96:ea:36:45:57:05:7f:15:5a:3a:
                    3e:19:4d:cb:e9:56:88:a5:b5:ff:a9:f8:94:7c:2b:
                    30:c7:45:22:90:e5:68:18:f8:aa:a5:e2:94:5e:48:
                    9c:6b:5a:e2:e8:60:58:c3:d7:b5:97:60:25:1b:8f:
                    00:4c:7a:78:eb:fd:50:84:11:1c:2f:b2:f0:00:7f:
                    3a:02:4c:9e:c9:3a:03:15:c2:cd:8a:c6:d2:34:c7:
                    96:c2:cc:84:fe:8c:c4:35:b2:44:47:5a:52:6b:66:
                    59:b1:3f:6d:3d:b4:db:e4:65:67:a7:35:05:ec:75:
                    f8:5c:9b:6a:af:b7:5a:70:ea:b2:76:8e:fd:75:ac:
                    9d:3f:23:c0:71:95:b5:b6:59:88:e5:a0:4e:55:87:
                    ce:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:09:A0:41:7F:C1:9D:B5:D7:07:9B:DD:7A:3D:26:8B:76:3C:C7:F9
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:15:f2:94:bd:73:87:2c:c4:00:47:af:02:89:54:09:69:83:
         79:d5:96:13:29:a3:99:b9:23:a4:80:49:14:20:40:cf:d5:8b:
         7c:fb:93:51:57:7c:b8:35:f2:95:86:ae:42:3b:54:f8:a9:23:
         14:87:cc:25:aa:04:8d:d8:53:90:5f:73:0b:fb:88:d5:2d:49:
         86:01:2c:eb:9a:00:32:03:8e:b6:2f:a8:94:a7:bf:9f:bd:25:
         68:b3:b4:3d:0c:fd:43:98:bf:56:03:fd:67:ab:29:24:3b:e8:
         58:59:4d:55:b1:79:11:cf:d3:47:9e:88:fe:57:20:65:a5:d9:
         db:5b:91:6e:9d:16:c0:24:2e:9a:4d:f0:3c:48:86:43:54:3a:
         74:b4:4e:00:1e:d1:76:95:88:f9:12:1e:6e:24:a1:fd:87:de:
         55:42:db:5c:dd:72:cc:22:fc:4b:f3:94:bf:2d:2f:0a:ff:90:
         9e:aa:2e:f9:7e:a2:6a:9b:e9:6b:54:67:8c:b0:71:f4:13:bd:
         c3:8e:74:ea:1e:2e:a1:2a:10:d9:e5:08:7a:97:84:b0:bd:c2:
         eb:3d:c8:3c:7c:48:c2:f2:06:97:e3:eb:80:6d:a4:45:13:90:
         b1:83:b0:70:24:db:bd:b5:bf:27:f0:41:19:4d:51:ca:fd:b4:
         b6:be:d6:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9WAe39cZ2ndlyELbuw4NYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjUwNDI4MTcwMDQzWhcNMjUwNDI5MTcwMDQzWjAzMTEwLwYDVQQD
EygxNTA5YTA0MTdmYzE5ZGI1ZDcwNzliZGQ3YTNkMjY4Yjc2M2NjN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yeHJi5yF63eFKOVVa8j8zY8ELyQ
11QWqZMAQevp+QSX4FkzPRE4jeVhc95l66hI7E2mZxzQeWczbQvLOXep/DS+ESRV
mCkTrfNk7435X19+Q6EVkRXM+tr7464E6uNht0JdSa1sBY9s1Omaa5bqNkVXBX8V
Wjo+GU3L6VaIpbX/qfiUfCswx0UikOVoGPiqpeKUXkica1ri6GBYw9e1l2AlG48A
THp46/1QhBEcL7LwAH86AkyeyToDFcLNisbSNMeWwsyE/ozENbJER1pSa2ZZsT9t
PbTb5GVnpzUF7HX4XJtqr7dacOqydo79daydPyPAcZW1tlmI5aBOVYfOoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBUJoEF/wZ211web3Xo9Jot2PMf5MB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHBXylL1z
hyzEAEevAolUCWmDedWWEymjmbkjpIBJFCBAz9WLfPuTUVd8uDXylYauQjtU+Kkj
FIfMJaoEjdhTkF9zC/uI1S1JhgEs65oAMgOOti+olKe/n70laLO0PQz9Q5i/VgP9
Z6spJDvoWFlNVbF5Ec/TR56I/lcgZaXZ21uRbp0WwCQumk3wPEiGQ1Q6dLROAB7R
dpWI+RIebiSh/YfeVULbXN1yzCL8S/OUvy0vCv+Qnqou+X6iapvpa1RnjLBx9BO9
w4506h4uoSoQ2eUIepeEsL3C6z3IPHxIwvIGl+PrgG2kRROQsYOwcCTbvbW/J/BB
GU1Ryv20tr7WOA==
-----END CERTIFICATE-----