Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
File:                     y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json)
Hash identifier:          qMXfcYZOyVYz5VWw4u4etCxYm3W2Xmtgm93LNR7F04U=
Subject key identifier:   1E:28:44:0D:E1:96:81:ED:0E:31:99:80:78:2E:4B:FD:D1:14:3D:75
Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42
Certificate issuer:       /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
Certificate serial:       019659142630E606AFEE70AD06D66153409B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
Manifest number:          14FC
Signing time:             Mon 21 Apr 2025 16:00:14 +0000
Manifest this update:     Mon 21 Apr 2025 16:00:14 +0000
Manifest next update:     Tue 22 Apr 2025 16:00:14 +0000
Files and hashes:         1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: a8b1RcT8JyCl4XBZNie0/GqOb4uovKHDpbSLQ+4Bwqs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 13:46:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:14:26:30:e6:06:af:ee:70:ad:06:d6:61:53:40:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
        Validity
            Not Before: Apr 21 16:00:14 2025 GMT
            Not After : Apr 22 16:00:14 2025 GMT
        Subject: CN=1e28440de19681ed0e319980782e4bfdd1143d75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:2f:8e:f0:90:dc:64:f7:ed:42:6d:ee:26:c6:
                    97:aa:4a:0e:7c:74:c0:b0:c9:b0:78:1b:0d:ae:ab:
                    77:6a:32:aa:0a:46:03:3e:32:70:c2:80:38:ba:4e:
                    1f:66:e1:4c:8f:37:92:93:bc:26:ce:a3:4d:fb:e8:
                    09:37:f2:46:cf:b7:94:3f:77:f9:67:a9:53:90:db:
                    b6:1f:9f:fe:b9:7e:10:ad:4b:3e:41:8f:3b:4f:07:
                    3f:a3:44:8b:2e:19:84:aa:4d:a6:c4:2c:8f:51:4d:
                    52:70:ab:d6:8a:53:bd:3a:3c:fd:bf:85:04:72:ac:
                    67:06:22:03:dd:b2:68:63:ab:5b:de:24:13:83:83:
                    19:7d:a9:26:29:89:f2:11:da:4e:7b:aa:3e:45:ff:
                    5e:dc:cb:05:c7:47:3f:e9:df:5b:26:fe:cf:1c:ec:
                    4a:f6:d7:b1:e2:27:df:91:a2:64:f2:44:21:58:92:
                    7c:c1:c3:dd:dd:cf:3b:3b:72:78:08:c6:cc:9f:a6:
                    27:2a:de:16:91:c5:2f:cc:63:8d:da:ed:03:74:7f:
                    84:15:60:0f:df:90:0b:24:9b:51:0f:06:cd:ad:f0:
                    b8:92:39:d2:64:58:df:12:5d:0e:ef:d3:cb:e8:70:
                    b2:22:9f:fc:a7:95:fb:5c:07:0b:54:ea:c3:11:a5:
                    99:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:28:44:0D:E1:96:81:ED:0E:31:99:80:78:2E:4B:FD:D1:14:3D:75
            X509v3 Authority Key Identifier:
                keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:4e:fa:0c:98:43:e5:45:2a:13:c2:21:c5:de:d7:e5:94:a5:
         f5:fc:f8:af:72:35:8a:05:ae:b8:3e:de:0e:54:75:9f:8d:40:
         e3:18:c4:34:83:4b:3c:fa:cc:4c:7f:d2:e4:82:79:15:4b:a1:
         fd:5d:f6:74:66:68:0c:d2:96:2c:d4:22:50:b4:25:95:fe:e0:
         71:60:3e:94:30:15:7a:19:e9:76:43:65:27:a8:56:e4:66:0a:
         33:31:6e:79:85:02:a2:2b:38:ee:d1:78:b5:81:5c:9f:11:56:
         7b:58:02:09:76:28:7f:a6:4e:81:ee:b8:1d:e1:23:76:d5:ca:
         15:7e:9b:5b:95:fc:f8:03:1d:fa:22:a7:d0:80:c3:b3:73:a5:
         c0:d4:de:a9:35:7a:ab:25:2b:ec:5b:85:f9:81:17:b8:f7:04:
         d3:38:97:17:f8:d2:33:36:3a:2c:bf:f7:f7:56:ea:27:08:9f:
         10:00:45:6b:b2:c2:c2:12:93:0d:ec:aa:19:04:c8:0c:74:06:
         3e:be:36:45:2a:8d:ad:58:23:22:21:be:19:9e:52:26:7b:5d:
         6f:8e:98:45:6e:ab:7d:c6:95:47:ed:a0:bb:16:6c:18:56:94:
         f3:b5:e1:08:76:d9:4f:39:9d:d4:92:b1:b6:0f:af:1b:5e:9a:
         69:ea:66:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFCYw5gav7nCtBtZhU0CbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy
OGE5NDIwHhcNMjUwNDIxMTYwMDE0WhcNMjUwNDIyMTYwMDE0WjAzMTEwLwYDVQQD
EygxZTI4NDQwZGUxOTY4MWVkMGUzMTk5ODA3ODJlNGJmZGQxMTQzZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC+O8JDcZPftQm3uJsaXqkoOfHTA
sMmweBsNrqt3ajKqCkYDPjJwwoA4uk4fZuFMjzeSk7wmzqNN++gJN/JGz7eUP3f5
Z6lTkNu2H5/+uX4QrUs+QY87Twc/o0SLLhmEqk2mxCyPUU1ScKvWilO9Ojz9v4UE
cqxnBiID3bJoY6tb3iQTg4MZfakmKYnyEdpOe6o+Rf9e3MsFx0c/6d9bJv7PHOxK
9tex4iffkaJk8kQhWJJ8wcPd3c87O3J4CMbMn6YnKt4WkcUvzGON2u0DdH+EFWAP
35ALJJtRDwbNrfC4kjnSZFjfEl0O79PL6HCyIp/8p5X7XAcLVOrDEaWZRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4oRA3hloHtDjGZgHguS/3RFD11MB8GA1UdIwQY
MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et
NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl
LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY076DJhD
5UUqE8Ihxd7X5ZSl9fz4r3I1igWuuD7eDlR1n41A4xjENINLPPrMTH/S5IJ5FUuh
/V32dGZoDNKWLNQiULQllf7gcWA+lDAVehnpdkNlJ6hW5GYKMzFueYUCois47tF4
tYFcnxFWe1gCCXYof6ZOge64HeEjdtXKFX6bW5X8+AMd+iKn0IDDs3OlwNTeqTV6
qyUr7FuF+YEXuPcE0ziXF/jSMzY6LL/391bqJwifEABFa7LCwhKTDeyqGQTIDHQG
Pr42RSqNrVgjIiG+GZ5SJntdb46YRW6rfcaVR+2guxZsGFaU87XhCHbZTzmd1JKx
tg+vG16aaepmsA==
-----END CERTIFICATE-----