Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/7d9c11-e1ad-47b6-af09-1713fd3ef7a7/1/YXe1tkvknoGZlf7n8-NiG9ymrow.mft
File:                     YXe1tkvknoGZlf7n8-NiG9ymrow.mft (raw, json)
Hash identifier:          yQ/ZEbN7W3xqkLHhtU1WuFh2yv7Re6DUoyFknTs14Xo=
Subject key identifier:   AC:2F:27:90:83:BA:D9:18:EC:A4:FC:EA:EC:F6:E7:BA:E2:30:D6:39
Authority key identifier: 61:77:B5:B6:4B:E4:9E:81:99:95:FE:E7:F3:E3:62:1B:DC:A6:AE:8C
Certificate issuer:       /CN=6177b5b64be49e819995fee7f3e3621bdca6ae8c
Certificate serial:       019654CA03630E193F0CD055DE9DCA537A13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YXe1tkvknoGZlf7n8-NiG9ymrow.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/7d9c11-e1ad-47b6-af09-1713fd3ef7a7/1/YXe1tkvknoGZlf7n8-NiG9ymrow.mft
Manifest number:          14FE
Signing time:             Sun 20 Apr 2025 20:00:47 +0000
Manifest this update:     Sun 20 Apr 2025 20:00:47 +0000
Manifest next update:     Mon 21 Apr 2025 20:00:47 +0000
Files and hashes:         1: YXe1tkvknoGZlf7n8-NiG9ymrow.crl (hash: aGOEpfmLd2r/YRFO3BnX4z+fHE1Qe/9euYk0PKyJjpU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/7d9c11-e1ad-47b6-af09-1713fd3ef7a7/1/YXe1tkvknoGZlf7n8-NiG9ymrow.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/7d9c11-e1ad-47b6-af09-1713fd3ef7a7/1/YXe1tkvknoGZlf7n8-NiG9ymrow.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YXe1tkvknoGZlf7n8-NiG9ymrow.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 20:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:ca:03:63:0e:19:3f:0c:d0:55:de:9d:ca:53:7a:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6177b5b64be49e819995fee7f3e3621bdca6ae8c
        Validity
            Not Before: Apr 20 20:00:47 2025 GMT
            Not After : Apr 21 20:00:47 2025 GMT
        Subject: CN=ac2f279083bad918eca4fceaecf6e7bae230d639
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:62:05:24:58:f8:bd:65:12:65:34:ab:ec:38:
                    d1:7a:45:02:c4:ff:28:52:7a:58:60:a3:38:ee:c7:
                    59:9b:05:33:d7:11:ee:bb:06:01:db:56:6c:d5:cd:
                    78:56:04:28:22:d2:d0:3c:c5:ce:d4:ed:62:e0:9a:
                    97:2f:16:63:e3:7f:1d:86:c6:11:9c:08:6b:88:c4:
                    73:1f:00:e3:39:a5:68:ea:3d:6e:9e:6e:1e:f5:e3:
                    48:6b:2f:d3:89:4a:e8:87:e2:b4:9d:d8:fd:11:8b:
                    05:e6:a3:70:93:41:60:91:c4:ff:3d:33:f7:b9:8a:
                    aa:dd:f5:8c:fb:4c:c1:3c:00:75:f8:b3:f9:b5:76:
                    81:54:e1:bb:09:88:b8:9d:62:f6:65:5b:bc:7f:39:
                    6e:9b:4b:4b:a6:48:07:36:47:e2:f3:f7:4f:9f:7b:
                    19:be:78:d4:79:56:4f:b4:b3:bd:b0:a1:fb:b1:dc:
                    f9:42:6e:da:79:77:41:93:21:63:71:50:ce:ed:9e:
                    43:72:41:5d:19:bb:bb:a6:e5:a0:dc:c1:f5:8d:71:
                    c0:ac:47:16:7f:33:05:cd:d7:18:e2:f9:cd:fa:c9:
                    44:89:f3:f0:46:9f:8b:b6:58:59:9c:dc:18:30:26:
                    64:b6:5d:27:74:13:1b:c5:90:82:27:06:8d:80:3d:
                    87:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:2F:27:90:83:BA:D9:18:EC:A4:FC:EA:EC:F6:E7:BA:E2:30:D6:39
            X509v3 Authority Key Identifier:
                keyid:61:77:B5:B6:4B:E4:9E:81:99:95:FE:E7:F3:E3:62:1B:DC:A6:AE:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXe1tkvknoGZlf7n8-NiG9ymrow.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/7d9c11-e1ad-47b6-af09-1713fd3ef7a7/1/YXe1tkvknoGZlf7n8-NiG9ymrow.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/7d9c11-e1ad-47b6-af09-1713fd3ef7a7/1/YXe1tkvknoGZlf7n8-NiG9ymrow.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:61:62:57:cf:6d:d5:92:29:b8:8a:67:dc:51:8c:8a:a7:6e:
         ee:5d:a3:7c:41:13:85:86:09:8a:aa:8c:d9:18:b7:4d:cb:c7:
         9e:30:72:c1:e2:ce:82:cd:98:cd:ae:f4:33:4b:08:bd:be:44:
         25:53:64:32:43:38:e5:6d:a6:b0:f5:8f:51:c6:94:5b:9c:9d:
         75:00:83:bd:bb:1a:3d:17:38:35:cb:41:16:65:dd:09:11:41:
         b3:1e:5e:e7:a4:b2:fc:7c:ff:fd:ff:04:7b:01:f4:97:9a:ad:
         71:da:76:ef:27:08:95:35:e7:8c:ec:53:ff:1c:c6:26:4d:17:
         fa:ae:b2:f8:f7:28:86:8b:7e:20:3f:06:a6:57:08:55:72:f0:
         3b:1d:ad:32:18:de:a5:18:04:2d:f6:ba:93:b0:57:61:38:51:
         50:ab:3d:36:22:32:8e:2a:8d:44:fb:1b:32:88:d4:c2:b9:73:
         ae:f6:66:ce:a6:53:72:fe:f7:5b:70:cb:dd:03:0b:73:09:45:
         40:77:02:d4:ab:19:2a:be:50:e2:ae:40:10:7c:bf:a0:19:23:
         0d:87:6d:80:85:81:41:8d:28:4c:73:ae:52:b5:73:d5:17:b2:
         a4:3e:ae:15:b8:6b:3c:16:bb:48:a4:64:b5:9f:e7:84:7d:fe:
         f9:14:da:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUygNjDhk/DNBV3p3KU3oTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNzdiNWI2NGJlNDllODE5OTk1ZmVlN2YzZTM2MjFiZGNh
NmFlOGMwHhcNMjUwNDIwMjAwMDQ3WhcNMjUwNDIxMjAwMDQ3WjAzMTEwLwYDVQQD
EyhhYzJmMjc5MDgzYmFkOTE4ZWNhNGZjZWFlY2Y2ZTdiYWUyMzBkNjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmIFJFj4vWUSZTSr7DjRekUCxP8o
UnpYYKM47sdZmwUz1xHuuwYB21Zs1c14VgQoItLQPMXO1O1i4JqXLxZj438dhsYR
nAhriMRzHwDjOaVo6j1unm4e9eNIay/TiUroh+K0ndj9EYsF5qNwk0FgkcT/PTP3
uYqq3fWM+0zBPAB1+LP5tXaBVOG7CYi4nWL2ZVu8fzlum0tLpkgHNkfi8/dPn3sZ
vnjUeVZPtLO9sKH7sdz5Qm7aeXdBkyFjcVDO7Z5DckFdGbu7puWg3MH1jXHArEcW
fzMFzdcY4vnN+slEifPwRp+LtlhZnNwYMCZktl0ndBMbxZCCJwaNgD2HYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKwvJ5CDutkY7KT86uz257riMNY5MB8GA1UdIwQY
MBaAFGF3tbZL5J6BmZX+5/PjYhvcpq6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVhlMXRrdmtub0dabGY3bjgtTmlHOXltcm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC83ZDljMTEtZTFhZC00N2I2LWFmMDkt
MTcxM2ZkM2VmN2E3LzEvWVhlMXRrdmtub0dabGY3bjgtTmlHOXltcm93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC83ZDljMTEtZTFhZC00N2I2LWFmMDktMTcxM2ZkM2VmN2E3
LzEvWVhlMXRrdmtub0dabGY3bjgtTmlHOXltcm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtWFiV89t
1ZIpuIpn3FGMiqdu7l2jfEEThYYJiqqM2Ri3TcvHnjByweLOgs2Yza70M0sIvb5E
JVNkMkM45W2msPWPUcaUW5yddQCDvbsaPRc4NctBFmXdCRFBsx5e56Sy/Hz//f8E
ewH0l5qtcdp27ycIlTXnjOxT/xzGJk0X+q6y+Pcohot+ID8GplcIVXLwOx2tMhje
pRgELfa6k7BXYThRUKs9NiIyjiqNRPsbMojUwrlzrvZmzqZTcv73W3DL3QMLcwlF
QHcC1KsZKr5Q4q5AEHy/oBkjDYdtgIWBQY0oTHOuUrVz1ReypD6uFbhrPBa7SKRk
tZ/nhH3++RTa0w==
-----END CERTIFICATE-----