Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
File:                     Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft (raw, json)
Hash identifier:          fQXnYthZXWAg7lSAAA+RiRQ7NkR40o4+hwDHHP9IHPM=
Subject key identifier:   31:EB:49:4B:03:1F:6C:9D:C7:50:08:89:49:D1:A7:DE:EA:72:19:9C
Authority key identifier: 63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0
Certificate issuer:       /CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
Certificate serial:       01965D96829A42B6D4634D41EB2B879E71E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
Manifest number:          068D
Signing time:             Tue 22 Apr 2025 13:01:06 +0000
Manifest this update:     Tue 22 Apr 2025 13:01:06 +0000
Manifest next update:     Wed 23 Apr 2025 13:01:06 +0000
Files and hashes:         1: Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl (hash: KainXfXPnNmUAzdfMogYSXS+T4EmNmvyjTymGRtVHsM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 13:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5d:96:82:9a:42:b6:d4:63:4d:41:eb:2b:87:9e:71:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
        Validity
            Not Before: Apr 22 13:01:06 2025 GMT
            Not After : Apr 23 13:01:06 2025 GMT
        Subject: CN=31eb494b031f6c9dc750088949d1a7deea72199c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:2f:d8:5a:08:00:3c:83:6f:3a:a1:e6:8c:c9:
                    81:48:5b:4b:17:75:72:4e:ab:18:a9:fb:f8:91:50:
                    7f:74:b6:5c:70:f3:d7:2e:7c:97:e0:e7:4d:6e:ab:
                    f7:e6:2d:63:c6:4c:25:62:cb:81:38:9a:fc:5e:12:
                    e9:48:40:7f:43:1b:9b:98:a6:2e:5f:37:21:e9:5e:
                    c2:90:4e:6d:ac:ed:aa:aa:85:b4:53:5e:83:52:88:
                    a5:33:67:89:54:98:66:3e:3b:10:74:a0:1b:34:77:
                    88:73:b4:8a:61:e3:73:8b:96:e3:00:20:54:e2:03:
                    18:3c:a8:c6:b8:2a:da:dc:95:46:e3:10:d6:cf:f6:
                    cf:ac:fc:b2:0a:b8:41:9a:68:62:49:02:7c:26:f4:
                    59:6d:84:c2:07:36:5c:aa:72:ad:d5:d8:2b:21:5d:
                    fe:91:4b:1f:48:50:fc:0d:26:ac:cc:67:d3:f3:0a:
                    ff:1f:5b:b2:62:6c:86:42:e9:68:82:cd:a9:67:25:
                    94:ac:da:5e:bf:27:1d:e5:92:47:aa:cf:c7:24:99:
                    c5:81:2a:8f:45:05:44:ea:ae:26:56:66:3a:d2:da:
                    47:ad:6f:c6:9f:69:4a:cd:01:02:75:fa:f4:88:86:
                    e5:cc:fc:be:2a:8d:a6:ae:4a:a3:c0:c5:00:84:3d:
                    0d:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:EB:49:4B:03:1F:6C:9D:C7:50:08:89:49:D1:A7:DE:EA:72:19:9C
            X509v3 Authority Key Identifier:
                keyid:63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:d1:a2:65:c6:37:98:80:51:90:6d:4b:c4:3f:b0:b3:24:42:
         a3:ce:ce:68:f5:44:75:92:5c:05:b1:12:ce:8c:fe:57:99:ac:
         9f:80:cb:ac:07:c4:73:8d:d8:5b:75:54:ee:6d:5b:24:0d:23:
         2e:00:96:c2:6b:2e:eb:97:a7:55:73:0d:dd:13:3d:01:ef:c5:
         41:5d:fc:29:7e:15:47:74:69:39:c7:cc:15:0d:bf:64:bf:a3:
         e2:22:98:05:02:7d:f6:ee:37:24:0e:45:ba:9b:30:6d:9b:42:
         f6:25:d4:eb:c6:95:67:9b:7e:ad:5a:e2:74:c1:d3:6b:2d:f6:
         aa:c8:b4:2a:54:65:96:3c:52:76:a9:16:1d:3d:9f:a4:b8:10:
         27:2e:d7:1a:4e:6f:37:93:34:ef:8e:52:8a:28:30:71:af:cf:
         3f:64:79:cb:14:79:74:24:b0:36:2b:9a:86:aa:8b:83:51:26:
         5d:34:91:0e:39:24:6f:35:3f:66:3c:12:c3:43:04:4d:37:48:
         33:5d:28:6b:26:8e:4d:dd:18:dd:d1:a2:67:c5:a9:2e:03:d4:
         1b:89:93:12:ea:27:0b:0b:88:ac:e7:ce:6d:fb:e3:a4:1b:c8:
         6b:fa:ed:09:1c:eb:87:6c:4f:ba:76:89:53:d7:6b:42:5d:91:
         a1:57:84:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZdloKaQrbUY01B6yuHnnHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYThjYTE2NjYyMDZkMmNmMTJiNTA3ODcyZWFkMGY1YTc5
M2QwZTAwHhcNMjUwNDIyMTMwMTA2WhcNMjUwNDIzMTMwMTA2WjAzMTEwLwYDVQQD
EygzMWViNDk0YjAzMWY2YzlkYzc1MDA4ODk0OWQxYTdkZWVhNzIxOTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwC/YWggAPINvOqHmjMmBSFtLF3Vy
TqsYqfv4kVB/dLZccPPXLnyX4OdNbqv35i1jxkwlYsuBOJr8XhLpSEB/QxubmKYu
Xzch6V7CkE5trO2qqoW0U16DUoilM2eJVJhmPjsQdKAbNHeIc7SKYeNzi5bjACBU
4gMYPKjGuCra3JVG4xDWz/bPrPyyCrhBmmhiSQJ8JvRZbYTCBzZcqnKt1dgrIV3+
kUsfSFD8DSaszGfT8wr/H1uyYmyGQulogs2pZyWUrNpevycd5ZJHqs/HJJnFgSqP
RQVE6q4mVmY60tpHrW/Gn2lKzQECdfr0iIblzPy+Ko2mrkqjwMUAhD0N0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDHrSUsDH2ydx1AIiUnRp97qchmcMB8GA1UdIwQY
MBaAFGOoyhZmIG0s8StQeHLq0PWnk9DgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEt
NzVhYjIxZjNiM2QwLzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEtNzVhYjIxZjNiM2Qw
LzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARNGiZcY3
mIBRkG1LxD+wsyRCo87OaPVEdZJcBbESzoz+V5msn4DLrAfEc43YW3VU7m1bJA0j
LgCWwmsu65enVXMN3RM9Ae/FQV38KX4VR3RpOcfMFQ2/ZL+j4iKYBQJ99u43JA5F
upswbZtC9iXU68aVZ5t+rVridMHTay32qsi0KlRlljxSdqkWHT2fpLgQJy7XGk5v
N5M0745Siigwca/PP2R5yxR5dCSwNiuahqqLg1EmXTSRDjkkbzU/ZjwSw0METTdI
M10oayaOTd0Y3dGiZ8WpLgPUG4mTEuonCwuIrOfObfvjpBvIa/rtCRzrh2xPunaJ
U9drQl2RoVeE+g==
-----END CERTIFICATE-----