Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          hEfBLlvL4cIg1Zp3yWKkyD21Rh4/XvG9mp05KVYBakk=
Subject key identifier:   6E:36:90:7E:09:7C:C3:64:C0:40:7A:18:77:E1:29:59:08:7A:77:A7
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       019659F073D85206B42EFEC8EEC66417B840
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          14FD
Signing time:             Mon 21 Apr 2025 20:00:52 +0000
Manifest this update:     Mon 21 Apr 2025 20:00:52 +0000
Manifest next update:     Tue 22 Apr 2025 20:00:52 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: kf82g15HiAHlefWXcRu4yBjXkW1Q3pIFcV1nRN0IpCs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:f0:73:d8:52:06:b4:2e:fe:c8:ee:c6:64:17:b8:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Apr 21 20:00:52 2025 GMT
            Not After : Apr 22 20:00:52 2025 GMT
        Subject: CN=6e36907e097cc364c0407a1877e12959087a77a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:df:61:b9:d8:98:5a:7a:00:a4:3a:97:6d:f1:
                    41:0b:f1:6f:aa:9f:cc:f0:3f:6f:22:0f:e5:b3:09:
                    e6:4f:7c:f3:74:00:6f:6b:43:ca:ba:1b:15:bc:a7:
                    6c:fb:5a:9a:11:3d:d9:85:ff:58:c8:8e:89:15:86:
                    26:55:29:7b:50:b4:ee:49:0a:bd:0e:af:32:96:3f:
                    29:ae:c0:67:f1:80:31:fe:41:f0:19:39:66:65:42:
                    be:f8:7a:c5:26:48:52:7f:ab:d1:ee:39:f7:4d:c6:
                    e2:e9:7d:a5:b3:dd:02:b8:3e:47:e9:fb:5c:52:aa:
                    85:25:71:da:a7:76:33:94:86:a9:c8:41:23:80:d6:
                    2b:01:1d:21:96:97:19:38:71:eb:fa:24:70:91:f0:
                    d1:e3:32:74:ca:4c:f2:3f:22:7a:62:34:41:5e:8d:
                    3c:9b:ca:54:47:65:c2:4e:9d:a5:b9:c8:f3:e6:33:
                    cc:57:27:71:e2:7e:98:09:e8:71:11:b8:61:56:03:
                    9d:fa:21:6c:d6:97:58:50:28:26:3c:1a:3c:ba:bd:
                    e0:8a:f9:31:03:ce:ca:7f:ed:c5:27:e6:06:17:67:
                    63:bc:f9:0a:5a:7d:10:56:59:bd:47:03:0d:f6:30:
                    f7:6a:3f:87:25:0d:b3:dc:2b:61:e4:df:6a:2d:85:
                    f2:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:36:90:7E:09:7C:C3:64:C0:40:7A:18:77:E1:29:59:08:7A:77:A7
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:37:4e:90:1b:51:57:11:e0:1b:ee:5f:41:3b:94:ea:95:13:
         1c:be:55:c9:b7:8f:d7:3f:dc:60:f6:02:08:d0:4a:52:9b:0a:
         89:52:36:d7:d9:ce:86:ba:57:c5:50:5e:6a:2e:fc:47:1f:d1:
         50:88:d1:24:c7:f4:5d:22:66:de:01:9a:c9:40:bb:75:ad:10:
         0b:7b:f0:a3:f7:25:65:f2:8f:25:aa:29:c7:69:f7:40:09:97:
         f3:8e:aa:aa:15:de:97:ca:83:02:0f:26:5a:38:76:70:26:71:
         b0:7a:ba:5b:e3:52:f3:2d:d4:89:32:17:f2:a7:1b:cb:57:c7:
         ec:f8:c2:65:35:99:12:f7:1d:68:19:ba:5c:5e:a0:41:44:66:
         70:67:4f:c6:c3:57:33:e4:d9:72:f2:54:72:14:1f:11:e2:f5:
         16:5e:7d:96:5f:e2:72:13:94:78:ea:fa:78:a4:db:09:e4:6a:
         9a:4a:8c:93:91:0b:ce:4b:0a:6b:28:92:7f:7a:67:5e:b2:bc:
         14:f7:19:d9:82:72:36:20:dc:62:9c:0d:96:bf:21:a7:62:3d:
         5f:c6:f3:50:9c:95:5a:e9:6e:9c:57:5e:9c:6a:46:2d:a0:24:
         f0:d1:97:31:8f:b3:8c:0f:ed:e8:5b:93:b4:90:36:8a:55:66:
         a5:cc:16:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZ8HPYUga0Lv7I7sZkF7hAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjUwNDIxMjAwMDUyWhcNMjUwNDIyMjAwMDUyWjAzMTEwLwYDVQQD
Eyg2ZTM2OTA3ZTA5N2NjMzY0YzA0MDdhMTg3N2UxMjk1OTA4N2E3N2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnN9hudiYWnoApDqXbfFBC/Fvqp/M
8D9vIg/lswnmT3zzdABva0PKuhsVvKds+1qaET3Zhf9YyI6JFYYmVSl7ULTuSQq9
Dq8ylj8prsBn8YAx/kHwGTlmZUK++HrFJkhSf6vR7jn3Tcbi6X2ls90CuD5H6ftc
UqqFJXHap3YzlIapyEEjgNYrAR0hlpcZOHHr+iRwkfDR4zJ0ykzyPyJ6YjRBXo08
m8pUR2XCTp2lucjz5jPMVydx4n6YCehxEbhhVgOd+iFs1pdYUCgmPBo8ur3givkx
A87Kf+3FJ+YGF2djvPkKWn0QVlm9RwMN9jD3aj+HJQ2z3Cth5N9qLYXyUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG42kH4JfMNkwEB6GHfhKVkIenenMB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmTdOkBtR
VxHgG+5fQTuU6pUTHL5VybeP1z/cYPYCCNBKUpsKiVI219nOhrpXxVBeai78Rx/R
UIjRJMf0XSJm3gGayUC7da0QC3vwo/clZfKPJaopx2n3QAmX846qqhXel8qDAg8m
Wjh2cCZxsHq6W+NS8y3UiTIX8qcby1fH7PjCZTWZEvcdaBm6XF6gQURmcGdPxsNX
M+TZcvJUchQfEeL1Fl59ll/ichOUeOr6eKTbCeRqmkqMk5ELzksKayiSf3pnXrK8
FPcZ2YJyNiDcYpwNlr8hp2I9X8bzUJyVWulunFdenGpGLaAk8NGXMY+zjA/t6FuT
tJA2ilVmpcwW2w==
-----END CERTIFICATE-----