Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          ACLhZK//potLqC8ucQh0IVVTuUM+wlqXZeMCLtDvdwE=
Subject key identifier:   02:A8:43:F1:86:CC:52:DB:FE:26:B2:05:62:B8:03:1C:D0:CD:21:DB
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       019654C9BF67B5D4D0445F2062620D7636DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          0397
Signing time:             Sun 20 Apr 2025 20:00:29 +0000
Manifest this update:     Sun 20 Apr 2025 20:00:29 +0000
Manifest next update:     Mon 21 Apr 2025 20:00:29 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: 00FaOn/KepZqSZcVh5rGnueQx82rMwy2Q1vKq++f/Hc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:c9:bf:67:b5:d4:d0:44:5f:20:62:62:0d:76:36:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Apr 20 20:00:29 2025 GMT
            Not After : Apr 21 20:00:29 2025 GMT
        Subject: CN=02a843f186cc52dbfe26b20562b8031cd0cd21db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:e9:ad:b4:e5:2c:cc:5b:fe:f4:d5:f8:4a:b7:
                    1a:15:13:6a:c6:0e:5e:98:1e:28:4b:ca:36:68:82:
                    21:68:ca:08:b0:5e:ac:ae:7e:0b:93:32:50:45:9c:
                    f1:5e:2e:c8:c2:92:e8:1d:54:44:7a:fd:d2:b1:94:
                    0d:77:73:df:41:c8:20:81:4b:c5:94:d1:dc:a2:62:
                    71:ae:a0:64:99:44:9c:86:ec:a5:97:2d:10:d5:fb:
                    be:2f:51:32:3a:be:42:19:7d:d0:68:05:12:d1:bf:
                    49:70:4e:86:1b:d9:72:48:ef:17:8f:01:12:15:cf:
                    12:3d:7b:27:ff:07:ae:b9:d0:d0:1d:c9:dc:b1:ae:
                    54:21:95:49:73:2f:2c:01:e1:90:c8:46:32:a2:74:
                    d9:62:4a:40:71:d7:dd:80:eb:8f:00:ab:32:62:cb:
                    43:62:cd:04:4f:30:0b:b4:ae:a6:13:d2:f3:92:3b:
                    a8:a3:72:83:a5:b5:21:c7:3d:8f:17:81:17:7f:1c:
                    2f:8a:65:06:df:c7:5e:8c:1e:a1:16:8f:3c:61:93:
                    87:f5:13:f4:e9:d1:6b:26:13:57:71:64:22:3b:27:
                    1b:e9:46:3f:f1:cf:59:34:e8:d3:f6:a0:28:0b:0f:
                    be:38:50:02:2f:3a:45:e8:05:56:e3:35:41:40:4d:
                    fc:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:A8:43:F1:86:CC:52:DB:FE:26:B2:05:62:B8:03:1C:D0:CD:21:DB
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:9b:ae:bd:26:31:08:8e:26:31:3b:c2:c1:a4:4a:fe:35:88:
         20:3f:b3:b4:cf:ca:5e:ec:49:da:ee:92:b8:9a:12:aa:1b:7a:
         b0:43:7c:9a:fe:e5:11:17:93:e4:98:84:dd:dd:e8:eb:f5:4a:
         ba:28:b7:82:0e:01:23:9f:13:95:af:8a:da:b5:bf:f0:6e:15:
         ab:3e:77:10:fb:87:67:4f:ae:d6:6f:4d:5c:6e:02:48:30:88:
         07:da:8d:b3:a9:58:74:0b:b0:a7:97:e8:bb:f8:7f:b0:79:b7:
         b9:de:d3:2d:a9:30:94:af:ab:09:67:05:f0:65:f3:b5:87:95:
         2b:99:6e:52:ad:ed:90:73:33:06:d8:9a:88:dc:22:c8:a9:85:
         b8:d9:e1:97:37:a9:92:6e:59:3b:ea:69:a2:5a:d7:86:6e:3c:
         19:ba:79:ba:3b:bf:99:d5:51:a6:2d:12:3e:72:4f:8d:e1:71:
         71:24:42:3e:b3:bd:8e:67:34:89:29:a5:73:a8:c1:b8:50:bb:
         05:c0:67:e7:73:cc:3b:c2:11:68:f8:07:6c:b6:ba:f2:3c:69:
         04:45:da:bf:4a:15:15:cb:82:63:10:07:23:3a:96:12:85:9b:
         5a:c1:cc:a2:68:e7:98:a9:e3:ea:fe:bd:9d:77:fb:2e:5f:10:
         ff:b7:79:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUyb9ntdTQRF8gYmINdjbcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjUwNDIwMjAwMDI5WhcNMjUwNDIxMjAwMDI5WjAzMTEwLwYDVQQD
EygwMmE4NDNmMTg2Y2M1MmRiZmUyNmIyMDU2MmI4MDMxY2QwY2QyMWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+mttOUszFv+9NX4SrcaFRNqxg5e
mB4oS8o2aIIhaMoIsF6srn4LkzJQRZzxXi7IwpLoHVREev3SsZQNd3PfQcgggUvF
lNHcomJxrqBkmUSchuylly0Q1fu+L1EyOr5CGX3QaAUS0b9JcE6GG9lySO8XjwES
Fc8SPXsn/weuudDQHcncsa5UIZVJcy8sAeGQyEYyonTZYkpAcdfdgOuPAKsyYstD
Ys0ETzALtK6mE9Lzkjuoo3KDpbUhxz2PF4EXfxwvimUG38dejB6hFo88YZOH9RP0
6dFrJhNXcWQiOycb6UY/8c9ZNOjT9qAoCw++OFACLzpF6AVW4zVBQE38oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKoQ/GGzFLb/iayBWK4AxzQzSHbMB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdZuuvSYx
CI4mMTvCwaRK/jWIID+ztM/KXuxJ2u6SuJoSqht6sEN8mv7lEReT5JiE3d3o6/VK
uii3gg4BI58Tla+K2rW/8G4Vqz53EPuHZ0+u1m9NXG4CSDCIB9qNs6lYdAuwp5fo
u/h/sHm3ud7TLakwlK+rCWcF8GXztYeVK5luUq3tkHMzBtiaiNwiyKmFuNnhlzep
km5ZO+ppolrXhm48Gbp5uju/mdVRpi0SPnJPjeFxcSRCPrO9jmc0iSmlc6jBuFC7
BcBn53PMO8IRaPgHbLa68jxpBEXav0oVFcuCYxAHIzqWEoWbWsHMomjnmKnj6v69
nXf7Ll8Q/7d56Q==
-----END CERTIFICATE-----