Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
File:                     PYyo-vPO4aXlGlxc2_lIKgACe2U.mft (raw, json)
Hash identifier:          5f0p0ArVm5raDgiB2Au0eVTe60KqTWEbByuQLOo6+rc=
Subject key identifier:   49:24:A7:F5:77:8D:85:F0:17:F1:AD:49:51:5C:72:D5:DF:25:35:DC
Authority key identifier: 3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65
Certificate issuer:       /CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
Certificate serial:       0197488C673A10D0707F7A255386D7EA15FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
Manifest number:          0AE9
Signing time:             Sat 07 Jun 2025 04:00:50 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:50 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:50 +0000
Files and hashes:         1: PYyo-vPO4aXlGlxc2_lIKgACe2U.crl (hash: DzZxSVfDLRGLb1VhyefYQf0SL8a5j3k+vhO4uLMsDWI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:67:3a:10:d0:70:7f:7a:25:53:86:d7:ea:15:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
        Validity
            Not Before: Jun  7 04:00:50 2025 GMT
            Not After : Jun  8 04:00:50 2025 GMT
        Subject: CN=4924a7f5778d85f017f1ad49515c72d5df2535dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:dd:3e:bb:93:8f:06:f5:e7:e3:dd:5a:a6:7a:
                    63:f4:ba:ad:07:78:b9:db:b2:b2:c9:a7:03:57:c5:
                    c2:d8:46:d3:80:fd:d5:eb:9a:df:5f:89:90:e4:de:
                    15:67:38:dd:25:fa:de:2c:d1:15:84:89:7c:bf:fb:
                    54:02:fb:0c:0b:2d:7f:04:e5:21:b0:97:37:dc:5e:
                    69:4d:f5:30:a7:cf:b2:73:f4:ad:75:0c:c2:fb:cb:
                    37:fe:74:b2:e4:35:dd:95:6e:3b:3a:69:17:3e:d2:
                    c0:ca:d7:4d:12:eb:5d:39:3b:d7:34:06:03:fc:15:
                    57:18:35:27:b1:93:5b:01:30:65:04:41:ee:b0:91:
                    41:31:63:1d:51:2a:70:ca:78:89:02:b9:8c:27:9f:
                    b9:78:22:70:c5:3f:c0:56:d3:29:40:44:1f:17:b6:
                    6c:35:a6:24:e2:e8:90:53:19:ae:3a:80:98:e5:59:
                    32:59:68:d0:7a:e7:72:1a:79:a1:4c:47:f2:b0:d1:
                    28:c9:29:f3:b8:ba:8c:b8:36:d6:ef:f7:32:c1:04:
                    70:46:39:35:7f:62:aa:f0:5f:e1:08:4a:a3:19:d6:
                    5b:6d:c8:65:07:6f:46:25:08:4f:da:c9:21:f9:09:
                    69:8d:c0:88:3e:df:c9:85:3a:5f:9d:89:b4:5d:3f:
                    d4:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:24:A7:F5:77:8D:85:F0:17:F1:AD:49:51:5C:72:D5:DF:25:35:DC
            X509v3 Authority Key Identifier:
                keyid:3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:11:50:60:0b:f5:55:02:69:61:5c:a5:02:b9:00:75:e4:ac:
         2d:05:15:2b:a0:04:81:98:c1:ab:bc:fc:0b:b9:52:a0:25:2f:
         39:05:d7:8e:45:7b:a2:a0:4d:20:18:8e:ea:7f:b9:ff:c3:f5:
         63:d1:6d:b6:e5:72:fa:6b:aa:63:59:5c:13:a3:75:0b:74:2c:
         32:3a:71:b1:fc:1e:de:2e:38:de:ae:ad:01:1e:72:b7:e6:be:
         40:0d:08:b4:69:57:3a:9f:09:8f:53:b9:28:15:1e:f4:9d:45:
         10:c9:5e:65:a5:99:45:66:5e:3e:ba:09:8d:f7:3e:12:f0:8f:
         5d:56:65:57:ac:a6:2f:55:21:ea:12:71:b7:0a:4f:cf:9d:06:
         b8:94:88:db:4c:8e:f1:89:95:78:98:aa:48:91:5a:48:ed:6c:
         7e:36:e1:c1:0b:cf:5c:1f:08:bc:62:c8:42:8b:ea:13:50:cf:
         64:b0:e8:9f:78:9b:0d:ec:5a:f7:c9:21:26:f1:01:bf:9d:e9:
         50:24:ff:13:ee:a1:4c:ba:fb:fd:f5:66:69:92:43:e1:cc:a7:
         8b:01:04:a1:05:d4:4c:1d:2f:4e:dd:fe:bf:b4:2a:ab:a1:f4:
         d9:20:3b:18:31:6b:58:27:9e:08:0d:88:d5:d7:0e:c5:dc:2b:
         b7:ec:82:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjGc6ENBwf3olU4bX6hX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGNhOGZhZjNjZWUxYTVlNTFhNWM1Y2RiZjk0ODJhMDAw
MjdiNjUwHhcNMjUwNjA3MDQwMDUwWhcNMjUwNjA4MDQwMDUwWjAzMTEwLwYDVQQD
Eyg0OTI0YTdmNTc3OGQ4NWYwMTdmMWFkNDk1MTVjNzJkNWRmMjUzNWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyt0+u5OPBvXn491apnpj9LqtB3i5
27KyyacDV8XC2EbTgP3V65rfX4mQ5N4VZzjdJfreLNEVhIl8v/tUAvsMCy1/BOUh
sJc33F5pTfUwp8+yc/StdQzC+8s3/nSy5DXdlW47OmkXPtLAytdNEutdOTvXNAYD
/BVXGDUnsZNbATBlBEHusJFBMWMdUSpwyniJArmMJ5+5eCJwxT/AVtMpQEQfF7Zs
NaYk4uiQUxmuOoCY5VkyWWjQeudyGnmhTEfysNEoySnzuLqMuDbW7/cywQRwRjk1
f2Kq8F/hCEqjGdZbbchlB29GJQhP2skh+QlpjcCIPt/JhTpfnYm0XT/UCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkkp/V3jYXwF/GtSVFcctXfJTXcMB8GA1UdIwQY
MBaAFD2MqPrzzuGl5RpcXNv5SCoAAntlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDct
NGUxNWI4NGVlNzA2LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDctNGUxNWI4NGVlNzA2
LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALxFQYAv1
VQJpYVylArkAdeSsLQUVK6AEgZjBq7z8C7lSoCUvOQXXjkV7oqBNIBiO6n+5/8P1
Y9FttuVy+muqY1lcE6N1C3QsMjpxsfwe3i443q6tAR5yt+a+QA0ItGlXOp8Jj1O5
KBUe9J1FEMleZaWZRWZeProJjfc+EvCPXVZlV6ymL1Uh6hJxtwpPz50GuJSI20yO
8YmVeJiqSJFaSO1sfjbhwQvPXB8IvGLIQovqE1DPZLDon3ibDexa98khJvEBv53p
UCT/E+6hTLr7/fVmaZJD4cyniwEEoQXUTB0vTt3+v7Qqq6H02SA7GDFrWCeeCA2I
1dcOxdwrt+yCYQ==
-----END CERTIFICATE-----