Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
File:                     Yonrndlo7aSnlWTC4GpoOEIpegQ.mft (raw, json)
Hash identifier:          taUcP0ho0sGxvKy0vUuWYquZ0WSawSfsuTnwBWze75E=
Subject key identifier:   A8:B7:0E:26:9A:86:CF:56:35:1E:5B:DE:CE:18:FF:0C:A9:B9:4D:19
Authority key identifier: 62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04
Certificate issuer:       /CN=6289eb9dd968eda4a79564c2e06a683842297a04
Certificate serial:       0196556EA98B4F1AB0C6438D1485E1737B55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
Manifest number:          021D
Signing time:             Sun 20 Apr 2025 23:00:37 +0000
Manifest this update:     Sun 20 Apr 2025 23:00:37 +0000
Manifest next update:     Mon 21 Apr 2025 23:00:37 +0000
Files and hashes:         1: Yonrndlo7aSnlWTC4GpoOEIpegQ.crl (hash: A7bVcxZKw0hCKBOjoTL/wRGQ0Xs077V8IJKdtcugkUU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 23:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:6e:a9:8b:4f:1a:b0:c6:43:8d:14:85:e1:73:7b:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6289eb9dd968eda4a79564c2e06a683842297a04
        Validity
            Not Before: Apr 20 23:00:37 2025 GMT
            Not After : Apr 21 23:00:37 2025 GMT
        Subject: CN=a8b70e269a86cf56351e5bdece18ff0ca9b94d19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:4e:be:73:b1:e2:df:5e:c4:5e:c0:29:e5:28:
                    cd:d1:b0:49:69:a0:db:bf:b2:a4:07:e3:33:d1:80:
                    9b:08:01:0f:c1:6e:5a:3d:ec:5a:72:7a:75:61:30:
                    e1:9a:c9:f5:41:df:10:f7:89:f0:c4:32:28:ea:ee:
                    4c:a9:84:10:43:13:68:dc:15:23:25:93:c5:7a:7f:
                    74:21:67:69:85:3d:a5:9e:69:b8:ac:7b:4a:fc:87:
                    34:dc:f5:c0:31:16:62:a7:56:bf:9f:25:dd:a0:2f:
                    44:43:16:01:f2:25:59:c1:63:6c:2a:87:a1:6d:8c:
                    92:59:67:70:49:28:80:e9:5f:cd:e2:29:8f:92:1f:
                    4d:38:89:64:33:49:b7:14:f2:d6:11:4c:74:81:71:
                    9a:48:4d:65:c9:21:15:93:1a:b1:90:bf:34:e0:1e:
                    48:6d:97:17:b7:78:5e:34:29:cf:8d:d6:15:32:1e:
                    00:22:e8:33:55:65:77:7b:c4:e0:8f:48:57:57:5a:
                    ab:7d:42:6b:24:e8:c3:de:f1:88:8a:0b:9c:f4:08:
                    10:db:64:5f:82:5d:78:e1:c9:aa:b4:f7:11:6b:7d:
                    bc:da:b8:52:a5:ed:05:19:bc:36:40:56:dc:5e:d4:
                    25:ea:de:48:50:16:57:2b:4e:e3:98:85:d2:e0:ee:
                    7f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:B7:0E:26:9A:86:CF:56:35:1E:5B:DE:CE:18:FF:0C:A9:B9:4D:19
            X509v3 Authority Key Identifier:
                keyid:62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:f0:0e:ff:e5:da:90:72:ec:3d:71:82:1c:9d:42:c6:71:82:
         8d:71:98:97:38:fc:33:3d:40:95:ee:f2:92:a0:6c:8c:47:38:
         be:ee:fa:92:43:50:65:24:bc:51:7d:6f:8b:a0:b4:87:3a:01:
         0a:7b:29:f1:0b:7c:29:db:ae:de:e3:fb:72:a2:d7:ed:e4:09:
         84:79:58:4d:14:33:c5:04:eb:ff:7f:f3:2e:f4:17:21:c8:4b:
         77:24:34:99:7a:9e:55:05:1b:71:95:13:05:35:a9:3c:16:35:
         c1:f5:6a:f0:ce:8a:c6:b3:c2:2d:df:32:6f:78:74:24:4c:d0:
         7e:cf:b7:6d:fe:71:59:86:e4:35:f6:2d:95:e2:72:ea:59:c1:
         f6:a1:af:d8:f1:74:bd:10:f9:4e:2b:0f:44:ae:11:3a:46:d4:
         c2:12:64:ab:60:ee:eb:e5:8b:3b:df:cd:f3:4e:55:2f:ab:d5:
         12:3c:b8:24:ae:e9:1b:9c:c5:f0:12:23:34:19:b4:01:73:47:
         76:96:43:51:02:14:e7:f4:cc:25:3e:06:02:a7:72:80:3d:13:
         7d:97:21:50:9a:e9:ce:f3:6d:b9:e6:54:6b:ba:62:5c:3a:35:
         40:81:04:d0:43:83:c2:70:aa:18:46:17:7f:27:69:92:3f:24:
         bf:af:e5:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVbqmLTxqwxkONFIXhc3tVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyODllYjlkZDk2OGVkYTRhNzk1NjRjMmUwNmE2ODM4NDIy
OTdhMDQwHhcNMjUwNDIwMjMwMDM3WhcNMjUwNDIxMjMwMDM3WjAzMTEwLwYDVQQD
EyhhOGI3MGUyNjlhODZjZjU2MzUxZTViZGVjZTE4ZmYwY2E5Yjk0ZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU6+c7Hi317EXsAp5SjN0bBJaaDb
v7KkB+Mz0YCbCAEPwW5aPexacnp1YTDhmsn1Qd8Q94nwxDIo6u5MqYQQQxNo3BUj
JZPFen90IWdphT2lnmm4rHtK/Ic03PXAMRZip1a/nyXdoC9EQxYB8iVZwWNsKoeh
bYySWWdwSSiA6V/N4imPkh9NOIlkM0m3FPLWEUx0gXGaSE1lySEVkxqxkL804B5I
bZcXt3heNCnPjdYVMh4AIugzVWV3e8Tgj0hXV1qrfUJrJOjD3vGIiguc9AgQ22Rf
gl144cmqtPcRa3282rhSpe0FGbw2QFbcXtQl6t5IUBZXK07jmIXS4O5/fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKi3Diaahs9WNR5b3s4Y/wypuU0ZMB8GA1UdIwQY
MBaAFGKJ653ZaO2kp5VkwuBqaDhCKXoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTIt
ZmM3ZWI5OTFkYjQwLzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTItZmM3ZWI5OTFkYjQw
LzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR/AO/+Xa
kHLsPXGCHJ1CxnGCjXGYlzj8Mz1Ale7ykqBsjEc4vu76kkNQZSS8UX1vi6C0hzoB
Cnsp8Qt8Kduu3uP7cqLX7eQJhHlYTRQzxQTr/3/zLvQXIchLdyQ0mXqeVQUbcZUT
BTWpPBY1wfVq8M6KxrPCLd8yb3h0JEzQfs+3bf5xWYbkNfYtleJy6lnB9qGv2PF0
vRD5TisPRK4ROkbUwhJkq2Du6+WLO9/N805VL6vVEjy4JK7pG5zF8BIjNBm0AXNH
dpZDUQIU5/TMJT4GAqdygD0TfZchUJrpzvNtueZUa7piXDo1QIEE0EODwnCqGEYX
fydpkj8kv6/lWQ==
-----END CERTIFICATE-----