Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
File:                     y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json)
Hash identifier:          gFWHEgYI+BNMszWO0Pu0Z+WUTxcjIUosTM9xchV0+Ho=
Subject key identifier:   0D:38:34:9E:31:60:4A:B8:87:C4:68:6E:B5:91:06:9C:61:C9:B8:C4
Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21
Certificate issuer:       /CN=cbf9cd243ced6937b6bea57102814ff9ba426621
Certificate serial:       019655A64348A7D0C17920E2EA56DB3E60A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
Manifest number:          14FB
Signing time:             Mon 21 Apr 2025 00:01:21 +0000
Manifest this update:     Mon 21 Apr 2025 00:01:21 +0000
Manifest next update:     Tue 22 Apr 2025 00:01:21 +0000
Files and hashes:         1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: mYmD0raoRL1TsiRczbhI3XfM9mLkmnhSaTe08qWqXNg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 00:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:a6:43:48:a7:d0:c1:79:20:e2:ea:56:db:3e:60:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621
        Validity
            Not Before: Apr 21 00:01:21 2025 GMT
            Not After : Apr 22 00:01:21 2025 GMT
        Subject: CN=0d38349e31604ab887c4686eb591069c61c9b8c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:9b:25:c9:7b:60:66:5d:e6:51:56:78:6f:d7:
                    fc:dc:1e:e1:4f:df:a1:a5:1a:d9:a7:8b:62:f2:df:
                    ed:db:b6:ba:8b:5f:96:81:1f:50:65:3b:35:97:55:
                    ec:04:00:fc:3c:9c:ff:6e:a5:4f:aa:1c:a7:5b:a6:
                    3c:0a:6e:e6:30:30:d9:b8:8c:1b:70:c1:a2:be:d1:
                    45:c6:e4:20:7d:74:c0:3c:f3:7e:68:9e:f0:d4:02:
                    49:df:57:ed:15:52:51:89:78:3f:96:c9:c5:76:d5:
                    f4:68:6d:57:40:eb:df:8c:db:2c:41:ad:f6:83:7d:
                    02:98:df:ad:2c:6c:7f:4f:2a:22:a7:61:b9:2d:11:
                    1a:da:bc:be:3d:09:46:10:74:25:0e:78:b8:4c:73:
                    9f:be:96:89:e9:e6:fd:26:3e:89:69:08:ba:6f:0d:
                    86:a2:d8:cc:39:2c:9c:6e:c2:27:ef:ed:19:25:40:
                    9f:1f:3f:f8:cc:c7:f5:3f:42:e1:b1:97:e0:65:34:
                    ea:24:09:9e:bf:c2:4a:0b:76:41:23:8f:b9:0b:92:
                    06:cf:f8:8a:fb:22:ee:d9:93:1c:3f:5c:7c:5b:40:
                    bd:de:f2:7d:fe:04:80:cf:6e:9f:23:b0:ee:1d:14:
                    34:07:ee:2e:d9:d2:7b:02:0d:c1:fc:d0:a2:9e:b3:
                    71:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:38:34:9E:31:60:4A:B8:87:C4:68:6E:B5:91:06:9C:61:C9:B8:C4
            X509v3 Authority Key Identifier:
                keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:d1:77:61:e7:ae:81:e1:bb:4c:ea:18:33:a9:3b:e0:80:1d:
         2a:4f:f3:d3:4b:9f:a8:d9:c2:20:4a:93:66:bb:e3:3a:79:bb:
         5a:5a:95:7c:93:10:ed:49:dd:8b:77:4f:59:38:3a:e2:02:01:
         c9:b3:3f:f6:6b:a0:cd:b6:ba:24:42:6a:39:50:3c:57:86:78:
         03:14:c2:7b:4d:5b:97:e1:8a:99:bc:1c:90:7e:ef:51:58:72:
         16:ab:0d:30:f7:82:46:aa:a0:22:df:b6:5b:40:f1:0b:03:19:
         9d:9a:1c:13:fa:0d:00:4b:84:2e:6d:2f:4a:93:2a:05:85:9e:
         cb:d7:1c:3b:cd:ae:8e:13:f1:01:a7:f6:a4:e5:da:51:f3:e1:
         b9:13:97:03:9a:74:88:16:0b:46:1f:76:ff:a5:ed:7f:01:2c:
         4e:05:69:c9:df:20:f1:19:f4:77:a0:96:1f:10:8f:28:e3:ae:
         4d:f0:4f:b6:66:13:ed:f9:b0:f4:53:62:d0:d3:49:eb:5e:56:
         b0:de:d5:ad:da:b4:1b:3f:52:a8:19:80:19:7e:35:98:93:b6:
         77:fd:ff:76:d0:f6:3c:89:7b:f7:31:68:3f:37:a4:41:39:1f:
         ea:b8:e9:a9:b2:df:e3:82:f8:3e:cf:00:a7:ad:cb:00:a2:8f:
         3d:9c:04:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpkNIp9DBeSDi6lbbPmCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0
MjY2MjEwHhcNMjUwNDIxMDAwMTIxWhcNMjUwNDIyMDAwMTIxWjAzMTEwLwYDVQQD
EygwZDM4MzQ5ZTMxNjA0YWI4ODdjNDY4NmViNTkxMDY5YzYxYzliOGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5slyXtgZl3mUVZ4b9f83B7hT9+h
pRrZp4ti8t/t27a6i1+WgR9QZTs1l1XsBAD8PJz/bqVPqhynW6Y8Cm7mMDDZuIwb
cMGivtFFxuQgfXTAPPN+aJ7w1AJJ31ftFVJRiXg/lsnFdtX0aG1XQOvfjNssQa32
g30CmN+tLGx/Tyoip2G5LREa2ry+PQlGEHQlDni4THOfvpaJ6eb9Jj6JaQi6bw2G
otjMOSycbsIn7+0ZJUCfHz/4zMf1P0LhsZfgZTTqJAmev8JKC3ZBI4+5C5IGz/iK
+yLu2ZMcP1x8W0C93vJ9/gSAz26fI7DuHRQ0B+4u2dJ7Ag3B/NCinrNxswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA04NJ4xYEq4h8RobrWRBpxhybjEMB8GA1UdIwQY
MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt
MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj
LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMdF3Yeeu
geG7TOoYM6k74IAdKk/z00ufqNnCIEqTZrvjOnm7WlqVfJMQ7Undi3dPWTg64gIB
ybM/9mugzba6JEJqOVA8V4Z4AxTCe01bl+GKmbwckH7vUVhyFqsNMPeCRqqgIt+2
W0DxCwMZnZocE/oNAEuELm0vSpMqBYWey9ccO82ujhPxAaf2pOXaUfPhuROXA5p0
iBYLRh92/6XtfwEsTgVpyd8g8Rn0d6CWHxCPKOOuTfBPtmYT7fmw9FNi0NNJ615W
sN7Vrdq0Gz9SqBmAGX41mJO2d/3/dtD2PIl79zFoPzekQTkf6rjpqbLf44L4Ps8A
p63LAKKPPZwEsw==
-----END CERTIFICATE-----