Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
File:                     YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft (raw, json)
Hash identifier:          g9BNNVNfi0N/Co6C+rLteCl8vIkjuQ073mfmOlDH4yo=
Subject key identifier:   8C:CC:49:F4:42:74:14:A7:3E:CE:59:67:D2:E0:D5:1B:88:59:D0:3D
Authority key identifier: 60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F
Certificate issuer:       /CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
Certificate serial:       01965A5E4599FAAB7DABCB1F5913E032A080
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
Manifest number:          069A
Signing time:             Mon 21 Apr 2025 22:00:49 +0000
Manifest this update:     Mon 21 Apr 2025 22:00:49 +0000
Manifest next update:     Tue 22 Apr 2025 22:00:49 +0000
Files and hashes:         1: YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl (hash: fDOIroNMYYMqJ1kB+WmkxWbIimzk5vWSDPIyabo7F98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5a:5e:45:99:fa:ab:7d:ab:cb:1f:59:13:e0:32:a0:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
        Validity
            Not Before: Apr 21 22:00:49 2025 GMT
            Not After : Apr 22 22:00:49 2025 GMT
        Subject: CN=8ccc49f4427414a73ece5967d2e0d51b8859d03d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:98:51:f9:75:dd:6c:59:9b:db:8c:5a:a1:ff:
                    b1:4c:98:8f:7b:3e:8f:4c:c6:62:dd:b5:1f:3f:04:
                    83:ab:9a:48:f0:51:ce:4a:16:22:ef:60:2b:11:0d:
                    e5:71:8d:a0:05:7c:ca:77:ac:88:12:f0:a5:3c:1e:
                    8e:b9:b2:63:1c:72:01:52:6a:f4:a7:a1:54:2e:cf:
                    41:b2:9d:41:84:08:d9:64:84:b9:d2:45:d4:5e:71:
                    8e:ff:0f:d0:dd:17:0c:0c:bd:fb:81:43:33:18:95:
                    4f:7f:1b:b9:1b:2d:a3:d4:f0:74:32:f2:fe:2c:5c:
                    72:60:d3:4d:85:e3:88:4a:9f:f8:0b:44:4c:d5:07:
                    02:f2:e9:fa:34:54:f0:82:8b:b3:82:dc:5c:84:4d:
                    13:93:9f:2a:78:32:c8:95:42:64:df:0b:e0:38:fe:
                    8d:4d:5f:78:a9:ea:e0:e4:25:39:de:20:54:42:1b:
                    0b:5b:f5:16:1d:33:ef:1b:ab:87:89:21:c4:5f:90:
                    9f:15:92:8d:56:8c:80:53:4b:d5:84:fb:63:50:bf:
                    6f:93:0b:ed:bc:f3:a8:04:c7:a0:1a:26:ac:a0:96:
                    95:76:e6:b4:a8:b8:2b:78:c0:58:8e:fe:f3:8f:aa:
                    ee:12:9f:4f:73:00:ac:c0:23:8d:3e:fd:91:35:47:
                    24:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:CC:49:F4:42:74:14:A7:3E:CE:59:67:D2:E0:D5:1B:88:59:D0:3D
            X509v3 Authority Key Identifier:
                keyid:60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:ab:8f:3f:68:94:3d:82:eb:c2:ee:a7:38:04:7d:9c:90:87:
         fd:9c:12:9c:2c:0b:cf:be:c2:55:80:ba:c4:c9:07:55:a1:db:
         48:94:c9:a6:b7:52:a8:23:a9:dc:9b:aa:05:cd:46:91:e5:c5:
         f8:4f:72:07:e5:b5:00:3e:cf:97:19:fa:a6:05:44:c9:09:87:
         05:55:48:c3:bf:5d:41:38:bf:f2:88:2f:d4:b2:25:4a:6a:5b:
         c0:9b:9d:04:6f:70:80:69:3c:89:54:fb:63:2f:8c:9b:77:d4:
         1d:40:1f:ce:3a:62:89:d8:db:f9:3b:f9:f5:e9:ab:11:89:16:
         83:d1:24:6d:29:bb:83:e5:9c:44:18:43:e5:60:16:1b:e7:c5:
         91:9a:51:ce:d9:83:78:25:78:b7:ce:a2:12:06:21:69:da:99:
         d0:c5:46:54:8c:9e:f0:cd:06:b7:e4:4d:b4:17:5a:f5:f5:b8:
         cb:51:0e:47:0d:e2:df:9c:27:d6:9f:5b:58:1e:3b:d3:31:d5:
         28:8e:b1:72:60:b9:dd:d7:ef:fc:46:a4:fb:b4:43:f1:59:aa:
         c7:1b:94:91:e7:77:06:cb:98:f9:cb:6b:ba:3f:f9:70:c0:ea:
         d1:01:dd:98:67:d4:b3:df:33:e2:2c:d8:12:54:ec:03:3f:40:
         d1:7f:5e:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZaXkWZ+qt9q8sfWRPgMqCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTQzNGZkNmJmZjhiNmZiYjBkNTJmOGRhNDJlOTFmOGE1
YTI5MmYwHhcNMjUwNDIxMjIwMDQ5WhcNMjUwNDIyMjIwMDQ5WjAzMTEwLwYDVQQD
Eyg4Y2NjNDlmNDQyNzQxNGE3M2VjZTU5NjdkMmUwZDUxYjg4NTlkMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmphR+XXdbFmb24xaof+xTJiPez6P
TMZi3bUfPwSDq5pI8FHOShYi72ArEQ3lcY2gBXzKd6yIEvClPB6OubJjHHIBUmr0
p6FULs9Bsp1BhAjZZIS50kXUXnGO/w/Q3RcMDL37gUMzGJVPfxu5Gy2j1PB0MvL+
LFxyYNNNheOISp/4C0RM1QcC8un6NFTwgouzgtxchE0Tk58qeDLIlUJk3wvgOP6N
TV94qerg5CU53iBUQhsLW/UWHTPvG6uHiSHEX5CfFZKNVoyAU0vVhPtjUL9vkwvt
vPOoBMegGiasoJaVdua0qLgreMBYjv7zj6ruEp9PcwCswCONPv2RNUckjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIzMSfRCdBSnPs5ZZ9Lg1RuIWdA9MB8GA1UdIwQY
MBaAFGCkNP1r/4tvuw1S+NpC6R+KWikvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAt
NmEzZjAxZDljYjUwLzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAtNmEzZjAxZDljYjUw
LzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANquPP2iU
PYLrwu6nOAR9nJCH/ZwSnCwLz77CVYC6xMkHVaHbSJTJprdSqCOp3JuqBc1GkeXF
+E9yB+W1AD7Plxn6pgVEyQmHBVVIw79dQTi/8ogv1LIlSmpbwJudBG9wgGk8iVT7
Yy+Mm3fUHUAfzjpiidjb+Tv59emrEYkWg9EkbSm7g+WcRBhD5WAWG+fFkZpRztmD
eCV4t86iEgYhadqZ0MVGVIye8M0Gt+RNtBda9fW4y1EORw3i35wn1p9bWB470zHV
KI6xcmC53dfv/Eak+7RD8VmqxxuUked3BsuY+ctruj/5cMDq0QHdmGfUs98z4izY
ElTsAz9A0X9eKw==
-----END CERTIFICATE-----