Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
File:                     y_sCefzSOo5YPzRauQRyjm0OTGI.mft (raw, json)
Hash identifier:          K0q7QVAEIN+AV5XVEeTWZbb0J+i3Nz628AZ7oPM/4Gw=
Subject key identifier:   95:2B:A1:D1:6A:3B:D5:BC:61:91:E8:9A:05:AA:DB:A3:61:3B:EE:9F
Authority key identifier: CB:FB:02:79:FC:D2:3A:8E:58:3F:34:5A:B9:04:72:8E:6D:0E:4C:62
Certificate issuer:       /CN=cbfb0279fcd23a8e583f345ab904728e6d0e4c62
Certificate serial:       019658016F6A5D2EA793A71061A9A8EE9B05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
Manifest number:          0529
Signing time:             Mon 21 Apr 2025 11:00:11 +0000
Manifest this update:     Mon 21 Apr 2025 11:00:11 +0000
Manifest next update:     Tue 22 Apr 2025 11:00:11 +0000
Files and hashes:         1: y_sCefzSOo5YPzRauQRyjm0OTGI.crl (hash: M0P2AuYOenYf5sRsrQEm8bn96I5qcnneIu0R9vB/5jA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:58:01:6f:6a:5d:2e:a7:93:a7:10:61:a9:a8:ee:9b:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbfb0279fcd23a8e583f345ab904728e6d0e4c62
        Validity
            Not Before: Apr 21 11:00:11 2025 GMT
            Not After : Apr 22 11:00:11 2025 GMT
        Subject: CN=952ba1d16a3bd5bc6191e89a05aadba3613bee9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:a7:b2:84:a2:9e:50:13:4b:b5:45:55:d4:ba:
                    98:5e:a1:dd:0a:6b:9e:aa:2b:ac:1c:22:c2:62:2d:
                    17:3e:d2:8a:ca:4a:3f:a5:e9:c3:f3:ba:0d:ae:08:
                    fc:b2:49:13:f0:bc:fe:02:19:91:7d:7d:28:fd:ce:
                    07:68:62:78:b8:24:76:b6:45:45:e8:b6:97:c3:53:
                    03:ff:c3:d7:aa:03:66:d5:99:d1:ad:a4:ab:9f:c2:
                    7e:d2:5f:fa:90:a4:7e:5b:3b:8e:fd:24:a7:3f:78:
                    c2:19:87:64:f1:1e:71:f2:02:b7:2a:86:d5:83:5d:
                    7e:66:61:63:8e:ae:fa:7e:0e:78:eb:cc:27:89:48:
                    f4:00:dc:15:0c:08:93:86:ac:c8:32:13:d7:96:6a:
                    55:8f:ba:7b:62:4c:d8:53:18:f0:e2:2f:92:e9:5e:
                    4e:c4:59:d9:ea:04:9e:8f:69:0f:79:ef:b8:ff:45:
                    da:d1:da:c1:54:be:f2:26:8f:70:ba:ab:a1:dc:4c:
                    dd:c8:52:fd:36:02:e7:6f:14:a9:47:b8:97:bc:6a:
                    57:d1:59:ed:10:7e:04:f7:39:57:5d:9f:7e:7a:4b:
                    e2:aa:ca:2e:7a:92:7e:39:ca:41:7e:af:21:73:bd:
                    e8:63:07:d6:2b:ed:f6:4b:b5:60:0f:d2:7f:5a:90:
                    9f:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:2B:A1:D1:6A:3B:D5:BC:61:91:E8:9A:05:AA:DB:A3:61:3B:EE:9F
            X509v3 Authority Key Identifier:
                keyid:CB:FB:02:79:FC:D2:3A:8E:58:3F:34:5A:B9:04:72:8E:6D:0E:4C:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:f0:dc:a2:d0:1a:01:08:51:54:7f:4f:b7:71:52:0a:71:94:
         b7:32:ef:6c:2d:b7:32:75:98:10:82:f1:a4:25:1b:a9:79:de:
         7a:2a:47:9e:20:5e:27:cb:d9:5f:e8:1f:51:ab:1c:9d:fa:7b:
         ff:24:47:04:1a:15:3c:0c:e5:39:e7:37:a8:26:67:86:f4:d5:
         61:93:db:bb:61:95:e0:5b:27:81:3b:a6:d5:48:7a:10:81:20:
         37:f1:b2:e8:eb:56:1e:65:d2:8a:ed:2a:d0:13:0c:8d:0a:da:
         52:da:23:b9:05:ed:c5:41:8f:b9:ab:de:9a:db:98:e5:d6:38:
         11:61:2d:68:a6:a2:c0:63:f9:c6:ce:bb:37:25:ac:41:70:2f:
         c2:ff:d0:b8:8a:29:6e:fb:bd:01:14:42:7c:7a:91:ae:10:a2:
         40:bf:86:bc:f8:f5:72:7c:f4:e6:5f:f6:e3:09:c4:24:98:6d:
         74:55:e8:c3:37:19:5d:c5:4c:c6:fe:06:54:14:4c:c4:68:61:
         fc:b8:24:a3:2a:33:b8:c8:6c:52:9d:37:de:c5:72:e5:db:c8:
         c6:44:57:d0:c8:92:8b:a8:3a:20:cd:8c:d9:90:8e:f1:31:7c:
         cc:b7:0a:17:9b:64:75:d8:91:54:f8:6a:ae:60:1e:86:3f:c4:
         7c:ad:6c:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYAW9qXS6nk6cQYamo7psFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZmIwMjc5ZmNkMjNhOGU1ODNmMzQ1YWI5MDQ3MjhlNmQw
ZTRjNjIwHhcNMjUwNDIxMTEwMDExWhcNMjUwNDIyMTEwMDExWjAzMTEwLwYDVQQD
Eyg5NTJiYTFkMTZhM2JkNWJjNjE5MWU4OWEwNWFhZGJhMzYxM2JlZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KeyhKKeUBNLtUVV1LqYXqHdCmue
qiusHCLCYi0XPtKKyko/penD87oNrgj8skkT8Lz+AhmRfX0o/c4HaGJ4uCR2tkVF
6LaXw1MD/8PXqgNm1ZnRraSrn8J+0l/6kKR+WzuO/SSnP3jCGYdk8R5x8gK3KobV
g11+ZmFjjq76fg5468wniUj0ANwVDAiThqzIMhPXlmpVj7p7YkzYUxjw4i+S6V5O
xFnZ6gSej2kPee+4/0Xa0drBVL7yJo9wuquh3EzdyFL9NgLnbxSpR7iXvGpX0Vnt
EH4E9zlXXZ9+ekviqsouepJ+OcpBfq8hc73oYwfWK+32S7VgD9J/WpCfUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUrodFqO9W8YZHomgWq26NhO+6fMB8GA1UdIwQY
MBaAFMv7Ann80jqOWD80WrkEco5tDkxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85Njc3YjEtZDQzZS00NjZlLTliZjgt
ODBmODIwMjcxNGRhLzEveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi85Njc3YjEtZDQzZS00NjZlLTliZjgtODBmODIwMjcxNGRh
LzEveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsPDcotAa
AQhRVH9Pt3FSCnGUtzLvbC23MnWYEILxpCUbqXneeipHniBeJ8vZX+gfUascnfp7
/yRHBBoVPAzlOec3qCZnhvTVYZPbu2GV4FsngTum1Uh6EIEgN/Gy6OtWHmXSiu0q
0BMMjQraUtojuQXtxUGPuavemtuY5dY4EWEtaKaiwGP5xs67NyWsQXAvwv/QuIop
bvu9ARRCfHqRrhCiQL+GvPj1cnz05l/24wnEJJhtdFXowzcZXcVMxv4GVBRMxGhh
/LgkoyozuMhsUp033sVy5dvIxkRX0MiSi6g6IM2M2ZCO8TF8zLcKF5tkddiRVPhq
rmAehj/EfK1s1Q==
-----END CERTIFICATE-----