Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
File:                     PYyo-vPO4aXlGlxc2_lIKgACe2U.mft (raw, json)
Hash identifier:          kwk0NtHrj7p81xnir+vUfRmXH5sYO26Wb9XO8ohmkZo=
Subject key identifier:   94:55:36:AD:E7:9E:AF:92:7A:FC:CA:BC:2C:CB:0C:AB:DD:F9:E4:79
Authority key identifier: 3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65
Certificate issuer:       /CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
Certificate serial:       01964B90C1D314D9AE8C902BA80F3AEE5DE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
Manifest number:          0A66
Signing time:             Sat 19 Apr 2025 01:01:39 +0000
Manifest this update:     Sat 19 Apr 2025 01:01:39 +0000
Manifest next update:     Sun 20 Apr 2025 01:01:39 +0000
Files and hashes:         1: PYyo-vPO4aXlGlxc2_lIKgACe2U.crl (hash: 8EKhZ1+K80IWzT3w+3WdrlSDL8p03M/rn5q3I6wlIbA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 01:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4b:90:c1:d3:14:d9:ae:8c:90:2b:a8:0f:3a:ee:5d:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
        Validity
            Not Before: Apr 19 01:01:39 2025 GMT
            Not After : Apr 20 01:01:39 2025 GMT
        Subject: CN=945536ade79eaf927afccabc2ccb0cabddf9e479
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:7f:6f:16:d2:0f:c8:36:37:c2:5b:31:86:34:
                    ed:07:91:35:08:57:c9:3f:ab:e3:4e:91:03:d8:d9:
                    10:1d:59:d2:a9:79:26:6f:29:1f:d1:48:a9:69:6a:
                    4b:f6:05:30:e7:27:63:f7:90:04:37:24:92:0e:fe:
                    0b:d0:62:19:c4:e9:6b:17:58:d7:eb:29:17:62:85:
                    e5:40:c1:0b:dc:74:88:7b:4b:6f:bb:4e:22:6b:bf:
                    57:d3:82:1a:18:11:26:ca:c1:3e:3c:88:7a:bf:39:
                    c8:1e:03:63:83:6e:2e:d3:b0:92:c3:d0:a0:b5:52:
                    54:df:be:36:45:0f:e4:9c:99:68:5d:4e:68:70:75:
                    e7:2f:d1:c7:42:0f:3f:08:1f:f7:37:bf:5e:ae:0a:
                    56:ac:60:6b:cf:2c:e2:18:30:86:a8:04:e3:fb:3b:
                    fc:95:b1:5d:ef:f3:16:a7:c8:55:a2:c3:6e:f6:66:
                    b0:b6:7f:a4:ee:21:2f:7d:e8:8e:a4:04:d3:ab:62:
                    d8:2f:5d:56:4e:58:af:bc:d7:ce:39:a6:d4:20:6a:
                    fd:0c:99:cc:9c:ed:46:88:68:a0:48:a6:cf:70:38:
                    70:08:86:ef:3c:97:d1:63:5e:b7:55:17:2b:fb:7f:
                    43:a5:b8:56:c7:84:51:82:7c:3c:0d:d2:a3:21:29:
                    dc:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:55:36:AD:E7:9E:AF:92:7A:FC:CA:BC:2C:CB:0C:AB:DD:F9:E4:79
            X509v3 Authority Key Identifier:
                keyid:3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:4a:c6:c8:1b:ee:2c:ea:91:9d:b9:30:6b:5b:52:96:ac:32:
         cc:ab:f3:85:fd:bf:16:ab:24:34:fc:c5:f7:48:a2:b2:f9:86:
         f1:6d:36:ff:58:16:23:9b:a7:30:3c:1d:85:ec:a4:59:28:4b:
         d6:f8:72:6e:a6:58:87:cc:62:e2:db:60:f3:f5:23:f6:a7:91:
         a3:7b:ce:ae:a2:6a:f7:ff:71:6a:0b:20:88:7d:6e:36:53:44:
         58:fe:04:1c:69:c2:e0:30:86:dc:c8:bd:93:38:5e:09:6e:4f:
         26:5e:ed:db:33:6a:70:7f:d6:65:19:a1:d6:98:db:2a:27:66:
         f8:fe:af:60:c1:4a:20:09:51:c4:78:c4:cc:73:e6:1b:db:58:
         3e:b6:e2:76:1b:1b:bf:0d:d7:3a:04:fb:d6:b2:fb:b0:cd:33:
         3c:c5:a0:b3:3f:cd:de:88:b5:86:54:ca:f1:11:be:7b:ff:a5:
         6d:67:43:22:5b:75:80:f3:13:76:5f:30:41:ea:d6:54:7c:4e:
         2c:14:50:17:53:51:6d:eb:ec:e9:ff:a9:89:28:97:51:f5:92:
         ef:dd:74:21:f5:c2:75:64:d7:3c:8d:98:35:9d:3e:d3:27:32:
         05:77:9e:0a:9a:93:c6:db:3c:37:fd:5c:02:21:56:6d:3d:43:
         41:42:da:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZLkMHTFNmujJArqA867l3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGNhOGZhZjNjZWUxYTVlNTFhNWM1Y2RiZjk0ODJhMDAw
MjdiNjUwHhcNMjUwNDE5MDEwMTM5WhcNMjUwNDIwMDEwMTM5WjAzMTEwLwYDVQQD
Eyg5NDU1MzZhZGU3OWVhZjkyN2FmY2NhYmMyY2NiMGNhYmRkZjllNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi39vFtIPyDY3wlsxhjTtB5E1CFfJ
P6vjTpED2NkQHVnSqXkmbykf0UipaWpL9gUw5ydj95AENySSDv4L0GIZxOlrF1jX
6ykXYoXlQMEL3HSIe0tvu04ia79X04IaGBEmysE+PIh6vznIHgNjg24u07CSw9Cg
tVJU3742RQ/knJloXU5ocHXnL9HHQg8/CB/3N79ergpWrGBrzyziGDCGqATj+zv8
lbFd7/MWp8hVosNu9mawtn+k7iEvfeiOpATTq2LYL11WTlivvNfOOabUIGr9DJnM
nO1GiGigSKbPcDhwCIbvPJfRY163VRcr+39DpbhWx4RRgnw8DdKjISnctQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJRVNq3nnq+SevzKvCzLDKvd+eR5MB8GA1UdIwQY
MBaAFD2MqPrzzuGl5RpcXNv5SCoAAntlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDct
NGUxNWI4NGVlNzA2LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDctNGUxNWI4NGVlNzA2
LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH0rGyBvu
LOqRnbkwa1tSlqwyzKvzhf2/FqskNPzF90iisvmG8W02/1gWI5unMDwdheykWShL
1vhybqZYh8xi4ttg8/Uj9qeRo3vOrqJq9/9xagsgiH1uNlNEWP4EHGnC4DCG3Mi9
kzheCW5PJl7t2zNqcH/WZRmh1pjbKidm+P6vYMFKIAlRxHjEzHPmG9tYPrbidhsb
vw3XOgT71rL7sM0zPMWgsz/N3oi1hlTK8RG+e/+lbWdDIlt1gPMTdl8wQerWVHxO
LBRQF1NRbevs6f+piSiXUfWS7910IfXCdWTXPI2YNZ0+0ycyBXeeCpqTxts8N/1c
AiFWbT1DQULaVg==
-----END CERTIFICATE-----