Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft
File:                     YE1FsSrOCsIjA-08d5S4MGpqtbA.mft (raw, json)
Hash identifier:          97ixucMbgSOoTZU+IK5/w+P5OIlMHvoOirLQ1ULjKoU=
Subject key identifier:   0A:03:DA:D2:49:A6:E9:C3:9B:A9:72:E2:49:12:FF:3F:40:85:EF:7A
Authority key identifier: 60:4D:45:B1:2A:CE:0A:C2:23:03:ED:3C:77:94:B8:30:6A:6A:B5:B0
Certificate issuer:       /CN=604d45b12ace0ac22303ed3c7794b8306a6ab5b0
Certificate serial:       01967FB5109A0100B84D2E85D0D13473F1DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft
Manifest number:          14A4
Signing time:             Tue 29 Apr 2025 04:01:34 +0000
Manifest this update:     Tue 29 Apr 2025 04:01:34 +0000
Manifest next update:     Wed 30 Apr 2025 04:01:34 +0000
Files and hashes:         1: YE1FsSrOCsIjA-08d5S4MGpqtbA.crl (hash: uFD++B3uT3T2w56bH2qEtLJQIAWj53AzCYuKxWaqWaE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b5:10:9a:01:00:b8:4d:2e:85:d0:d1:34:73:f1:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=604d45b12ace0ac22303ed3c7794b8306a6ab5b0
        Validity
            Not Before: Apr 29 04:01:34 2025 GMT
            Not After : Apr 30 04:01:34 2025 GMT
        Subject: CN=0a03dad249a6e9c39ba972e24912ff3f4085ef7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:fd:2f:1c:07:af:b5:bb:eb:bd:cf:ff:90:05:
                    28:a9:a1:ef:89:4c:bd:a8:83:e2:20:e1:7d:55:d4:
                    49:ea:f2:ce:a6:49:f1:8a:fa:11:b7:48:d4:4e:2a:
                    37:56:73:7c:a0:86:ae:71:71:79:41:b6:ee:d4:53:
                    4f:92:b3:3c:f6:74:81:ae:0e:41:18:a3:09:f3:c3:
                    43:9e:d9:a9:9a:c2:b4:e5:1a:3e:35:97:0a:f9:9d:
                    f4:ea:22:0d:38:cc:a2:41:61:02:40:eb:d3:78:b3:
                    7b:d5:1b:1a:2a:3d:81:67:d8:2e:74:d6:76:1f:f5:
                    51:40:bd:02:da:21:b1:63:a5:fc:df:d7:e4:c5:6f:
                    30:b3:4e:48:4a:46:f0:37:b9:98:97:a8:8f:5c:8c:
                    1c:7b:1a:e2:1c:55:88:04:12:87:0a:62:1c:fa:83:
                    f5:95:be:61:9d:6d:6b:ca:d6:fe:ce:59:a5:21:a9:
                    fd:63:9c:a7:77:a1:31:b9:dc:cb:2f:a8:7c:65:f0:
                    5f:4b:94:99:1a:22:91:ac:e6:cb:b6:03:02:38:07:
                    c9:65:d1:6b:99:0a:d2:05:0a:22:88:c7:9e:1d:a0:
                    65:eb:2d:56:44:28:8c:1d:8d:72:7c:08:ec:0c:ef:
                    9c:83:f5:88:76:3a:73:9b:9f:64:5a:53:64:29:3c:
                    40:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:03:DA:D2:49:A6:E9:C3:9B:A9:72:E2:49:12:FF:3F:40:85:EF:7A
            X509v3 Authority Key Identifier:
                keyid:60:4D:45:B1:2A:CE:0A:C2:23:03:ED:3C:77:94:B8:30:6A:6A:B5:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:05:ad:81:de:23:53:07:2b:3b:e8:78:f2:1b:b0:8f:8d:ef:
         89:bb:00:f4:31:e7:12:a8:14:a7:5e:95:7b:19:36:79:45:a3:
         03:45:47:56:9c:2f:e2:b4:dd:94:91:4b:71:f2:7c:a4:62:82:
         c1:42:a7:ee:0d:71:e2:ee:07:db:bc:42:4a:c6:bf:f8:2c:39:
         24:f9:59:f9:42:09:3c:6e:0b:a8:bd:1e:ce:77:a2:37:16:e9:
         c2:24:89:ee:dd:a4:de:fe:b3:f1:b3:9c:67:20:cf:b1:c8:20:
         bc:2d:46:26:26:42:be:0f:30:5d:a9:c0:8f:2d:19:8c:55:b5:
         d6:a9:b6:1d:a9:8f:88:bd:b7:02:c3:49:d6:e0:4e:7c:c5:33:
         d2:6e:65:53:0f:94:78:f2:7b:21:49:00:17:90:f9:0a:d8:c1:
         4c:a7:ee:28:f7:b1:8f:d1:97:6d:5a:8a:d8:1b:e9:bb:f8:04:
         38:f4:9f:7a:e6:99:e5:eb:f6:d6:ab:93:97:76:6b:f5:44:83:
         2a:9b:b0:a4:51:be:49:cb:56:0a:a6:84:99:96:1c:6d:50:64:
         2a:7c:55:c8:f3:b2:53:8e:e8:4f:f2:bb:c8:d1:b0:29:74:8d:
         b0:c4:fc:4a:4a:cf:7b:e0:f3:25:ff:34:29:bf:db:30:80:e0:
         dc:27:8b:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tRCaAQC4TS6F0NE0c/HfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNGQ0NWIxMmFjZTBhYzIyMzAzZWQzYzc3OTRiODMwNmE2
YWI1YjAwHhcNMjUwNDI5MDQwMTM0WhcNMjUwNDMwMDQwMTM0WjAzMTEwLwYDVQQD
EygwYTAzZGFkMjQ5YTZlOWMzOWJhOTcyZTI0OTEyZmYzZjQwODVlZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkP0vHAevtbvrvc//kAUoqaHviUy9
qIPiIOF9VdRJ6vLOpknxivoRt0jUTio3VnN8oIaucXF5Qbbu1FNPkrM89nSBrg5B
GKMJ88NDntmpmsK05Ro+NZcK+Z306iINOMyiQWECQOvTeLN71RsaKj2BZ9gudNZ2
H/VRQL0C2iGxY6X839fkxW8ws05ISkbwN7mYl6iPXIwcexriHFWIBBKHCmIc+oP1
lb5hnW1rytb+zlmlIan9Y5ynd6ExudzLL6h8ZfBfS5SZGiKRrObLtgMCOAfJZdFr
mQrSBQoiiMeeHaBl6y1WRCiMHY1yfAjsDO+cg/WIdjpzm59kWlNkKTxAIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAoD2tJJpunDm6ly4kkS/z9Ahe96MB8GA1UdIwQY
MBaAFGBNRbEqzgrCIwPtPHeUuDBqarWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jYTY4NTUtMThmNi00YmMwLThmYWIt
Mzc1N2Y5MzA4YWNjLzEvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jYTY4NTUtMThmNi00YmMwLThmYWItMzc1N2Y5MzA4YWNj
LzEvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArgWtgd4j
UwcrO+h48huwj43vibsA9DHnEqgUp16Vexk2eUWjA0VHVpwv4rTdlJFLcfJ8pGKC
wUKn7g1x4u4H27xCSsa/+Cw5JPlZ+UIJPG4LqL0ezneiNxbpwiSJ7t2k3v6z8bOc
ZyDPscggvC1GJiZCvg8wXanAjy0ZjFW11qm2HamPiL23AsNJ1uBOfMUz0m5lUw+U
ePJ7IUkAF5D5CtjBTKfuKPexj9GXbVqK2Bvpu/gEOPSfeuaZ5ev21quTl3Zr9USD
KpuwpFG+SctWCqaEmZYcbVBkKnxVyPOyU47oT/K7yNGwKXSNsMT8SkrPe+DzJf80
Kb/bMIDg3CeL9g==
-----END CERTIFICATE-----