Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/39a6d4-b937-4d5f-8016-f2700864c187/1/yyaLUpOTAY1LyfxUBzAwoD2SlyE.mft
File:                     yyaLUpOTAY1LyfxUBzAwoD2SlyE.mft (raw, json)
Hash identifier:          atZ88MOsbZ2N+2jg39PEhlAaWaulJ64umq7zxjhIXxk=
Subject key identifier:   C7:E5:A5:D2:DD:22:DC:FE:8E:4A:D0:C8:A8:56:B1:34:C4:82:ED:18
Authority key identifier: CB:26:8B:52:93:93:01:8D:4B:C9:FC:54:07:30:30:A0:3D:92:97:21
Certificate issuer:       /CN=cb268b529393018d4bc9fc54073030a03d929721
Certificate serial:       01968AA5BF1405B72D3EF744AEF3B8B114E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yyaLUpOTAY1LyfxUBzAwoD2SlyE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/39a6d4-b937-4d5f-8016-f2700864c187/1/yyaLUpOTAY1LyfxUBzAwoD2SlyE.mft
Manifest number:          11AE
Signing time:             Thu 01 May 2025 07:00:40 +0000
Manifest this update:     Thu 01 May 2025 07:00:40 +0000
Manifest next update:     Fri 02 May 2025 07:00:40 +0000
Files and hashes:         1: yyaLUpOTAY1LyfxUBzAwoD2SlyE.crl (hash: J4+OVeZ2lwq5Nk+Nn1C0EJv49f4XAEfBG4PBkDdvAkk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/39a6d4-b937-4d5f-8016-f2700864c187/1/yyaLUpOTAY1LyfxUBzAwoD2SlyE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/39a6d4-b937-4d5f-8016-f2700864c187/1/yyaLUpOTAY1LyfxUBzAwoD2SlyE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yyaLUpOTAY1LyfxUBzAwoD2SlyE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8a:a5:bf:14:05:b7:2d:3e:f7:44:ae:f3:b8:b1:14:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb268b529393018d4bc9fc54073030a03d929721
        Validity
            Not Before: May  1 07:00:40 2025 GMT
            Not After : May  2 07:00:40 2025 GMT
        Subject: CN=c7e5a5d2dd22dcfe8e4ad0c8a856b134c482ed18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:0c:f2:32:60:24:66:74:fd:de:77:4f:2f:cf:
                    3c:ef:08:2e:18:fa:f3:f7:e3:1a:a6:56:c4:d3:37:
                    b0:16:cc:11:7f:1f:06:cb:26:74:52:c3:48:b2:20:
                    df:a4:d5:e0:70:c5:82:c6:af:3c:4f:0e:7f:35:8a:
                    ad:85:2f:f1:cf:40:ba:18:52:84:46:fd:40:af:2c:
                    45:56:69:b6:14:39:02:18:1b:92:6c:4b:5e:bd:39:
                    fd:78:91:9f:d3:4f:56:2f:a1:d7:e5:44:ca:6d:47:
                    25:6a:0b:37:74:cd:bd:89:3f:94:d5:5b:d3:4c:e9:
                    0e:a0:13:89:bb:64:6c:69:20:43:d0:0a:c9:a2:69:
                    2d:07:36:a5:6a:d6:77:d9:89:61:a3:aa:50:9f:e3:
                    ab:f9:c4:89:bd:60:ff:63:c3:a1:e8:61:46:62:e3:
                    82:b5:1e:77:a6:75:35:60:e0:1c:d2:6b:77:10:d5:
                    d6:53:da:69:ce:d1:4e:8a:d8:a4:b0:b0:cf:24:15:
                    61:bf:8e:f2:2b:60:4e:c9:7b:54:80:c3:6c:7b:46:
                    80:06:4e:e4:88:02:d9:3c:da:a3:bf:d1:be:47:82:
                    2b:8c:a6:e0:7a:86:11:48:fb:b5:00:ce:0a:58:14:
                    ea:5a:94:2e:e7:5b:39:52:07:8f:e6:0e:f9:28:53:
                    88:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:E5:A5:D2:DD:22:DC:FE:8E:4A:D0:C8:A8:56:B1:34:C4:82:ED:18
            X509v3 Authority Key Identifier:
                keyid:CB:26:8B:52:93:93:01:8D:4B:C9:FC:54:07:30:30:A0:3D:92:97:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyaLUpOTAY1LyfxUBzAwoD2SlyE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/39a6d4-b937-4d5f-8016-f2700864c187/1/yyaLUpOTAY1LyfxUBzAwoD2SlyE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/39a6d4-b937-4d5f-8016-f2700864c187/1/yyaLUpOTAY1LyfxUBzAwoD2SlyE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:e0:15:b1:dd:65:c1:0d:11:60:d1:dc:a7:2c:44:51:78:e9:
         5e:c3:ef:50:7e:c2:aa:8c:bc:6c:0e:b5:10:a1:21:f1:c4:6d:
         14:cb:7a:2d:88:a0:22:62:d0:99:09:b1:26:39:a2:2e:2f:68:
         b8:7d:e7:de:eb:f2:fb:3a:40:92:91:fc:e1:da:dd:d0:eb:38:
         f6:f6:7c:83:73:a2:70:06:f3:23:18:c8:77:c3:9c:53:49:51:
         e2:34:af:98:ba:62:12:b1:8a:0a:19:1f:3f:40:d3:cf:07:a9:
         b7:53:87:ea:0a:c1:98:72:61:15:93:db:df:de:bc:2f:45:85:
         6c:a6:f2:a9:b6:d4:53:8d:8b:9f:80:ba:7e:62:d0:25:d1:24:
         0b:3a:15:91:94:5a:54:8a:50:b1:07:50:a9:e2:e2:8b:67:0e:
         93:23:39:82:96:04:e9:ce:7f:69:ac:c9:99:fb:7e:2f:1a:87:
         ac:d6:e7:87:cf:7b:e0:a9:a2:77:81:5b:51:81:a5:6e:19:46:
         f1:91:01:6c:22:26:b8:c3:62:70:07:55:b6:4d:bd:46:96:f3:
         17:9b:e3:27:db:f7:6a:c8:f6:a5:47:67:60:79:4c:bc:5a:1d:
         3f:c8:b0:b5:14:1e:c6:cd:70:3e:7d:5d:19:51:30:52:03:c9:
         50:57:40:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaKpb8UBbctPvdErvO4sRTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjY4YjUyOTM5MzAxOGQ0YmM5ZmM1NDA3MzAzMGEwM2Q5
Mjk3MjEwHhcNMjUwNTAxMDcwMDQwWhcNMjUwNTAyMDcwMDQwWjAzMTEwLwYDVQQD
EyhjN2U1YTVkMmRkMjJkY2ZlOGU0YWQwYzhhODU2YjEzNGM0ODJlZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gzyMmAkZnT93ndPL8887wguGPrz
9+MaplbE0zewFswRfx8GyyZ0UsNIsiDfpNXgcMWCxq88Tw5/NYqthS/xz0C6GFKE
Rv1AryxFVmm2FDkCGBuSbEtevTn9eJGf009WL6HX5UTKbUclags3dM29iT+U1VvT
TOkOoBOJu2RsaSBD0ArJomktBzalatZ32Ylho6pQn+Or+cSJvWD/Y8Oh6GFGYuOC
tR53pnU1YOAc0mt3ENXWU9ppztFOitiksLDPJBVhv47yK2BOyXtUgMNse0aABk7k
iALZPNqjv9G+R4IrjKbgeoYRSPu1AM4KWBTqWpQu51s5UgeP5g75KFOIXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMflpdLdItz+jkrQyKhWsTTEgu0YMB8GA1UdIwQY
MBaAFMsmi1KTkwGNS8n8VAcwMKA9kpchMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlhTFVwT1RBWTFMeWZ4VUJ6QXdvRDJTbHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8zOWE2ZDQtYjkzNy00ZDVmLTgwMTYt
ZjI3MDA4NjRjMTg3LzEveXlhTFVwT1RBWTFMeWZ4VUJ6QXdvRDJTbHlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8zOWE2ZDQtYjkzNy00ZDVmLTgwMTYtZjI3MDA4NjRjMTg3
LzEveXlhTFVwT1RBWTFMeWZ4VUJ6QXdvRDJTbHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZOAVsd1l
wQ0RYNHcpyxEUXjpXsPvUH7Cqoy8bA61EKEh8cRtFMt6LYigImLQmQmxJjmiLi9o
uH3n3uvy+zpAkpH84drd0Os49vZ8g3OicAbzIxjId8OcU0lR4jSvmLpiErGKChkf
P0DTzwept1OH6grBmHJhFZPb3968L0WFbKbyqbbUU42Ln4C6fmLQJdEkCzoVkZRa
VIpQsQdQqeLii2cOkyM5gpYE6c5/aazJmft+LxqHrNbnh8974Kmid4FbUYGlbhlG
8ZEBbCImuMNicAdVtk29RpbzF5vjJ9v3asj2pUdnYHlMvFodP8iwtRQexs1wPn1d
GVEwUgPJUFdAzQ==
-----END CERTIFICATE-----