Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
File:                     JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft (raw, json)
Hash identifier:          gcX7SmfcfqFEbtqomBpWMk0Vz0fNqqr8LE03geG3Ozo=
Subject key identifier:   0A:D1:A2:91:E3:63:4E:62:46:C1:BD:67:CE:7B:BF:A4:FF:42:66:62
Authority key identifier: 25:89:06:55:4D:8C:8B:42:8E:DE:8C:B3:50:26:86:0D:3D:77:71:DF
Certificate issuer:       /CN=258906554d8c8b428ede8cb35026860d3d7771df
Certificate serial:       019657942A37C06D208AB05D36C7694A9F95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
Manifest number:          0BDF
Signing time:             Mon 21 Apr 2025 09:00:49 +0000
Manifest this update:     Mon 21 Apr 2025 09:00:49 +0000
Manifest next update:     Tue 22 Apr 2025 09:00:49 +0000
Files and hashes:         1: JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl (hash: wcBBYsXCIJhMo10nbUWxhH4inLNbcH7GnnizasY8UUY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:94:2a:37:c0:6d:20:8a:b0:5d:36:c7:69:4a:9f:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=258906554d8c8b428ede8cb35026860d3d7771df
        Validity
            Not Before: Apr 21 09:00:49 2025 GMT
            Not After : Apr 22 09:00:49 2025 GMT
        Subject: CN=0ad1a291e3634e6246c1bd67ce7bbfa4ff426662
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:0d:51:22:56:51:0e:66:cc:b1:d4:b7:53:b2:
                    d6:c0:5b:9d:33:77:c5:ce:52:69:af:b3:79:d4:aa:
                    34:7b:e7:0a:c7:05:a9:52:c2:cf:08:f1:f6:83:ae:
                    81:23:60:f1:2f:63:58:ff:0a:e2:80:0e:a5:3f:40:
                    04:0a:ed:04:1c:a7:4d:82:05:75:82:c0:19:44:2a:
                    d8:33:dc:75:44:8d:c5:7f:59:d9:7b:6c:74:13:61:
                    e2:02:a8:3d:32:ac:ca:69:03:d5:30:e0:b0:69:0d:
                    2a:68:99:0c:04:88:cb:64:1e:03:15:25:27:4e:72:
                    02:58:d0:08:ab:0c:4c:25:8d:64:3c:5f:93:ca:50:
                    e4:06:32:c8:8c:48:f2:7d:20:fd:ed:bc:27:57:67:
                    7b:e4:59:d5:61:bf:78:3f:e3:42:01:3a:af:fc:27:
                    89:8b:80:56:ac:52:60:98:73:2b:57:d6:23:3d:b0:
                    b9:b1:d7:1e:3f:7f:97:36:a6:59:3a:0d:40:db:ac:
                    ed:6f:f7:48:3c:f6:e6:f4:f3:24:38:93:8b:b0:c8:
                    aa:00:11:4e:5d:54:48:cc:81:a8:5e:bf:52:b2:44:
                    76:6a:7a:cf:2f:f4:c7:a2:8c:d3:ad:02:82:32:ea:
                    11:2e:a8:06:10:5f:2c:fe:05:06:67:f1:6a:b2:56:
                    2f:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:D1:A2:91:E3:63:4E:62:46:C1:BD:67:CE:7B:BF:A4:FF:42:66:62
            X509v3 Authority Key Identifier:
                keyid:25:89:06:55:4D:8C:8B:42:8E:DE:8C:B3:50:26:86:0D:3D:77:71:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:8c:34:56:ed:a9:a4:6b:65:1f:1c:0f:d9:13:bf:a1:0e:a8:
         1f:39:9a:9f:e7:fe:0a:26:79:b4:7a:87:20:ff:5a:76:9f:a9:
         52:33:af:66:b3:1f:f7:40:87:a8:64:f8:a6:31:bf:9a:59:cc:
         a4:82:b0:71:fc:af:36:89:3c:4e:f4:c5:ea:c8:b5:6b:36:b8:
         a6:e1:80:37:05:3f:a4:20:c8:c1:21:10:89:84:32:af:60:df:
         27:18:b9:4a:2f:64:19:44:9d:55:77:e0:5a:67:82:9f:a4:30:
         77:49:0d:02:31:dc:6f:bb:b4:c2:0e:03:d0:81:a1:e1:fd:d7:
         39:48:6d:41:9e:5a:31:52:a7:67:51:c1:66:8b:3b:ea:d8:35:
         54:0e:d1:46:56:cc:71:10:7f:78:88:bb:e5:78:98:03:4d:2c:
         14:ed:4b:48:ab:53:76:d9:af:41:10:37:83:ac:65:4c:22:64:
         97:95:73:44:66:ab:38:fd:e1:e4:96:6e:43:e9:61:c1:20:e2:
         07:a7:f8:b1:3b:ea:86:a4:2b:07:10:95:e8:3e:cc:08:6f:b2:
         f5:5c:8d:64:f2:9e:5f:01:37:2d:dc:15:3b:2b:27:08:b9:33:
         32:74:f4:8e:63:80:81:c1:f3:67:ec:90:ed:19:20:29:be:5c:
         a9:77:d9:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXlCo3wG0girBdNsdpSp+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODkwNjU1NGQ4YzhiNDI4ZWRlOGNiMzUwMjY4NjBkM2Q3
NzcxZGYwHhcNMjUwNDIxMDkwMDQ5WhcNMjUwNDIyMDkwMDQ5WjAzMTEwLwYDVQQD
EygwYWQxYTI5MWUzNjM0ZTYyNDZjMWJkNjdjZTdiYmZhNGZmNDI2NjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw1RIlZRDmbMsdS3U7LWwFudM3fF
zlJpr7N51Ko0e+cKxwWpUsLPCPH2g66BI2DxL2NY/wrigA6lP0AECu0EHKdNggV1
gsAZRCrYM9x1RI3Ff1nZe2x0E2HiAqg9MqzKaQPVMOCwaQ0qaJkMBIjLZB4DFSUn
TnICWNAIqwxMJY1kPF+TylDkBjLIjEjyfSD97bwnV2d75FnVYb94P+NCATqv/CeJ
i4BWrFJgmHMrV9YjPbC5sdceP3+XNqZZOg1A26ztb/dIPPbm9PMkOJOLsMiqABFO
XVRIzIGoXr9SskR2anrPL/THoozTrQKCMuoRLqgGEF8s/gUGZ/FqslYv0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFArRopHjY05iRsG9Z857v6T/QmZiMB8GA1UdIwQY
MBaAFCWJBlVNjItCjt6Ms1Amhg09d3HfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YjU3YWItNmNhMi00YWE4LTgzODct
YWZkZDUzODI3ZTkzLzEvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YjU3YWItNmNhMi00YWE4LTgzODctYWZkZDUzODI3ZTkz
LzEvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMow0Vu2p
pGtlHxwP2RO/oQ6oHzman+f+CiZ5tHqHIP9adp+pUjOvZrMf90CHqGT4pjG/mlnM
pIKwcfyvNok8TvTF6si1aza4puGANwU/pCDIwSEQiYQyr2DfJxi5Si9kGUSdVXfg
WmeCn6Qwd0kNAjHcb7u0wg4D0IGh4f3XOUhtQZ5aMVKnZ1HBZos76tg1VA7RRlbM
cRB/eIi75XiYA00sFO1LSKtTdtmvQRA3g6xlTCJkl5VzRGarOP3h5JZuQ+lhwSDi
B6f4sTvqhqQrBxCV6D7MCG+y9VyNZPKeXwE3LdwVOysnCLkzMnT0jmOAgcHzZ+yQ
7RkgKb5cqXfZDA==
-----END CERTIFICATE-----