Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/aa9d76-305d-4ad7-9cb6-4c068ee8897f/1/WZyb6F-CikOPCNH1CvrCUz0qbsI.mft
File:                     WZyb6F-CikOPCNH1CvrCUz0qbsI.mft (raw, json)
Hash identifier:          QMDtQD1dUywcvUIHn4OoCTmiUgiFnhFOJNcfoMeqcN4=
Subject key identifier:   28:52:7D:B0:A3:FE:4B:B9:31:2A:62:FB:4E:C5:B1:ED:CC:9B:6C:06
Authority key identifier: 59:9C:9B:E8:5F:82:8A:43:8F:08:D1:F5:0A:FA:C2:53:3D:2A:6E:C2
Certificate issuer:       /CN=599c9be85f828a438f08d1f50afac2533d2a6ec2
Certificate serial:       019655A539F5AF3D672D9C0EB87DE632DC11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WZyb6F-CikOPCNH1CvrCUz0qbsI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/aa9d76-305d-4ad7-9cb6-4c068ee8897f/1/WZyb6F-CikOPCNH1CvrCUz0qbsI.mft
Manifest number:          04CE
Signing time:             Mon 21 Apr 2025 00:00:13 +0000
Manifest this update:     Mon 21 Apr 2025 00:00:13 +0000
Manifest next update:     Tue 22 Apr 2025 00:00:13 +0000
Files and hashes:         1: WZyb6F-CikOPCNH1CvrCUz0qbsI.crl (hash: 8MZdRfRUZHAno2QuZdomturf4Wl7SaXMdvAYq6BlyIE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/aa9d76-305d-4ad7-9cb6-4c068ee8897f/1/WZyb6F-CikOPCNH1CvrCUz0qbsI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/aa9d76-305d-4ad7-9cb6-4c068ee8897f/1/WZyb6F-CikOPCNH1CvrCUz0qbsI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WZyb6F-CikOPCNH1CvrCUz0qbsI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 00:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:a5:39:f5:af:3d:67:2d:9c:0e:b8:7d:e6:32:dc:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=599c9be85f828a438f08d1f50afac2533d2a6ec2
        Validity
            Not Before: Apr 21 00:00:13 2025 GMT
            Not After : Apr 22 00:00:13 2025 GMT
        Subject: CN=28527db0a3fe4bb9312a62fb4ec5b1edcc9b6c06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:af:04:1c:c6:b3:a2:b3:9a:9e:54:70:d4:f6:
                    a1:7c:a0:3d:1c:76:75:3a:aa:80:e6:f0:72:0a:b5:
                    51:4d:da:55:37:2f:bd:6b:10:a7:03:4c:ca:25:58:
                    a4:8c:af:7b:0b:00:c1:9e:b6:eb:f5:fe:02:ec:e4:
                    85:59:6c:a7:e7:8d:9d:4d:2d:c8:c9:99:f4:36:2e:
                    46:45:94:50:09:5e:e2:60:d9:ee:62:fd:90:8b:fc:
                    41:ee:1a:95:30:13:68:f1:ce:b6:5d:bb:a5:58:d8:
                    4c:45:c6:4c:2b:7d:ed:36:49:af:63:dc:b7:86:af:
                    9c:79:72:1d:7f:fa:e7:39:40:a8:ec:a8:ae:6d:48:
                    d6:43:b4:cd:84:dd:94:df:23:c7:ff:6a:26:c1:27:
                    a2:26:9f:09:1a:93:04:bb:92:4d:6b:a0:32:78:fd:
                    bb:3b:9f:c8:c7:91:10:f2:32:92:e6:44:6b:8e:81:
                    29:bd:20:f9:03:bd:84:27:29:9d:31:9a:74:08:34:
                    3c:c2:2e:f1:ca:ed:6a:07:b0:6f:8d:a9:64:23:46:
                    1a:44:c6:72:81:e3:49:b4:0d:4c:21:bd:9b:5a:8c:
                    b7:a1:2c:d0:e5:03:a3:50:b4:c5:3e:61:56:ce:1f:
                    78:4d:ad:8e:3d:a4:06:e5:7a:a7:33:33:82:2e:e0:
                    8a:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:52:7D:B0:A3:FE:4B:B9:31:2A:62:FB:4E:C5:B1:ED:CC:9B:6C:06
            X509v3 Authority Key Identifier:
                keyid:59:9C:9B:E8:5F:82:8A:43:8F:08:D1:F5:0A:FA:C2:53:3D:2A:6E:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WZyb6F-CikOPCNH1CvrCUz0qbsI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/aa9d76-305d-4ad7-9cb6-4c068ee8897f/1/WZyb6F-CikOPCNH1CvrCUz0qbsI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/aa9d76-305d-4ad7-9cb6-4c068ee8897f/1/WZyb6F-CikOPCNH1CvrCUz0qbsI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:ff:2c:5e:25:52:84:4f:0f:18:6d:1a:ff:da:51:75:97:40:
         35:cb:aa:9c:b2:2c:83:84:48:37:12:c9:bc:57:aa:b4:14:fa:
         68:fc:c6:f5:e2:de:11:bc:ae:c1:e2:29:d1:d7:ae:43:00:ff:
         a1:2c:91:c4:9b:fc:06:00:97:20:da:c2:d7:2e:dd:cd:5f:47:
         33:37:cc:da:d2:d6:da:ad:9f:42:61:ef:67:a4:a2:60:dd:cb:
         21:1a:9b:ad:31:de:76:6f:bc:f3:ce:d4:4a:f1:23:10:b6:fb:
         90:2f:f1:04:e1:c9:7b:ee:a6:7d:73:aa:06:69:21:3a:f3:95:
         61:28:30:f6:59:ce:d8:a5:8d:ff:ef:0d:db:e7:18:44:ad:57:
         0b:1c:af:75:a1:e6:33:aa:11:da:fe:61:ed:80:8d:80:df:a2:
         63:03:38:91:a0:39:05:3f:80:2e:57:39:74:46:40:31:c4:7a:
         08:76:c9:61:1a:16:2f:ad:70:82:f8:54:06:fa:a2:3e:30:b2:
         f2:9c:13:a1:84:8f:cf:2c:3b:48:64:97:bb:ef:a3:2e:40:70:
         90:c3:b8:72:5a:87:9c:f0:95:48:ae:8f:42:a9:34:df:cd:ae:
         ec:e2:bf:d6:a7:93:90:7a:1e:7e:1c:93:74:e7:38:58:0f:e1:
         cb:97:8d:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpTn1rz1nLZwOuH3mMtwRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OWM5YmU4NWY4MjhhNDM4ZjA4ZDFmNTBhZmFjMjUzM2Qy
YTZlYzIwHhcNMjUwNDIxMDAwMDEzWhcNMjUwNDIyMDAwMDEzWjAzMTEwLwYDVQQD
EygyODUyN2RiMGEzZmU0YmI5MzEyYTYyZmI0ZWM1YjFlZGNjOWI2YzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq8EHMazorOanlRw1PahfKA9HHZ1
OqqA5vByCrVRTdpVNy+9axCnA0zKJVikjK97CwDBnrbr9f4C7OSFWWyn542dTS3I
yZn0Ni5GRZRQCV7iYNnuYv2Qi/xB7hqVMBNo8c62XbulWNhMRcZMK33tNkmvY9y3
hq+ceXIdf/rnOUCo7KiubUjWQ7TNhN2U3yPH/2omwSeiJp8JGpMEu5JNa6AyeP27
O5/Ix5EQ8jKS5kRrjoEpvSD5A72EJymdMZp0CDQ8wi7xyu1qB7BvjalkI0YaRMZy
geNJtA1MIb2bWoy3oSzQ5QOjULTFPmFWzh94Ta2OPaQG5XqnMzOCLuCKxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChSfbCj/ku5MSpi+07Fse3Mm2wGMB8GA1UdIwQY
MBaAFFmcm+hfgopDjwjR9Qr6wlM9Km7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1p5YjZGLUNpa09QQ05IMUN2ckNVejBxYnNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hYTlkNzYtMzA1ZC00YWQ3LTljYjYt
NGMwNjhlZTg4OTdmLzEvV1p5YjZGLUNpa09QQ05IMUN2ckNVejBxYnNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hYTlkNzYtMzA1ZC00YWQ3LTljYjYtNGMwNjhlZTg4OTdm
LzEvV1p5YjZGLUNpa09QQ05IMUN2ckNVejBxYnNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG/8sXiVS
hE8PGG0a/9pRdZdANcuqnLIsg4RINxLJvFeqtBT6aPzG9eLeEbyuweIp0deuQwD/
oSyRxJv8BgCXINrC1y7dzV9HMzfM2tLW2q2fQmHvZ6SiYN3LIRqbrTHedm+8887U
SvEjELb7kC/xBOHJe+6mfXOqBmkhOvOVYSgw9lnO2KWN/+8N2+cYRK1XCxyvdaHm
M6oR2v5h7YCNgN+iYwM4kaA5BT+ALlc5dEZAMcR6CHbJYRoWL61wgvhUBvqiPjCy
8pwToYSPzyw7SGSXu++jLkBwkMO4clqHnPCVSK6PQqk0382u7OK/1qeTkHoefhyT
dOc4WA/hy5eNQw==
-----END CERTIFICATE-----