Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft
File:                     Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft (raw, json)
Hash identifier:          vP/wAq2gcbdp/fAARSES2iNQx+uU08dR/H0aKlDmboQ=
Subject key identifier:   28:47:E1:93:3B:D2:70:AE:F8:D8:44:BF:2E:B1:B4:E8:39:A3:25:7E
Authority key identifier: 62:D6:E4:BF:FA:2B:4D:1B:C4:0E:92:B3:0A:F0:D2:1A:74:B0:BB:D0
Certificate issuer:       /CN=62d6e4bffa2b4d1bc40e92b30af0d21a74b0bbd0
Certificate serial:       0194C3879CA49FF7924B3BC6AD468BA62A5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ytbkv_orTRvEDpKzCvDSGnSwu9A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft
Manifest number:          142A
Signing time:             Sat 01 Feb 2025 22:00:32 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:32 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:32 +0000
Files and hashes:         1: Ytbkv_orTRvEDpKzCvDSGnSwu9A.crl (hash: f6VRGLIINrLVUcM7r+0VvEO78TzdJOaC0FBdL+EBdnA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ytbkv_orTRvEDpKzCvDSGnSwu9A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:9c:a4:9f:f7:92:4b:3b:c6:ad:46:8b:a6:2a:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62d6e4bffa2b4d1bc40e92b30af0d21a74b0bbd0
        Validity
            Not Before: Feb  1 22:00:32 2025 GMT
            Not After : Feb  2 22:00:32 2025 GMT
        Subject: CN=2847e1933bd270aef8d844bf2eb1b4e839a3257e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:b5:96:57:b0:54:81:44:31:32:21:12:57:09:
                    4d:92:bf:c8:0c:9a:72:89:35:bf:9d:fd:ca:60:c5:
                    cb:2a:78:b6:69:1c:7f:96:b8:16:ff:5d:e8:49:9e:
                    7d:56:6b:51:28:7a:f1:4e:8c:03:17:7a:ec:a9:57:
                    29:5c:07:43:39:d2:5c:0a:5e:b9:54:ca:ff:ab:2f:
                    d7:45:0a:e5:ad:5e:10:82:80:13:28:ac:9f:68:c4:
                    ad:ef:3d:2b:11:85:3c:56:9f:16:a7:ee:c9:cd:80:
                    4f:34:34:86:ae:38:7d:9d:7e:58:f4:a6:6a:90:ec:
                    7e:69:a3:42:67:00:24:48:9d:b3:4e:77:c8:ac:58:
                    91:4b:39:d9:ef:19:c5:04:49:cb:a6:2d:6b:28:71:
                    81:28:62:66:c6:d5:2d:59:c6:ac:36:bc:34:3b:4d:
                    76:b6:c4:7f:df:86:70:b3:6a:48:10:81:43:3a:db:
                    21:15:14:ef:bb:69:67:57:dc:dd:55:6f:6c:ea:0d:
                    79:d2:7d:f1:b9:a2:e2:91:49:52:98:f2:e4:d4:00:
                    04:da:b9:8e:11:47:da:17:f1:95:f0:52:6e:9c:4d:
                    5c:9e:b6:2a:14:dd:2d:19:68:63:2a:d3:a5:1e:94:
                    df:5f:3c:34:44:d2:b3:08:5a:c3:68:34:e0:cc:b7:
                    fc:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:47:E1:93:3B:D2:70:AE:F8:D8:44:BF:2E:B1:B4:E8:39:A3:25:7E
            X509v3 Authority Key Identifier:
                keyid:62:D6:E4:BF:FA:2B:4D:1B:C4:0E:92:B3:0A:F0:D2:1A:74:B0:BB:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ytbkv_orTRvEDpKzCvDSGnSwu9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:b9:27:32:a0:0b:b2:ff:29:d4:31:0d:8a:35:9c:ed:4d:f0:
         2c:ce:41:6a:ab:f3:55:a2:89:95:e9:c8:6c:57:2b:61:1c:22:
         d2:b2:d5:a9:a0:ba:f6:98:85:1e:67:76:32:71:a0:a9:ef:92:
         71:b1:03:72:ed:95:43:de:9b:37:5b:d5:28:76:7d:c0:d7:4e:
         16:e8:7b:b9:86:7d:7e:cb:9a:b2:06:d8:74:6c:60:14:f2:40:
         8a:ff:d4:41:2e:f8:17:d5:0b:db:90:73:4b:af:ad:3d:2d:8e:
         90:98:69:be:71:c4:77:e1:82:af:2a:f8:70:91:00:77:bd:66:
         fc:03:02:5d:c1:68:92:c1:0c:66:2b:54:71:02:3e:af:fb:4a:
         b8:5e:68:13:a2:72:1f:f4:5c:bd:20:5a:0c:3e:64:97:d3:bc:
         25:81:5e:c9:d0:9b:47:f8:d0:ca:e6:ba:06:56:80:a9:0b:f9:
         3a:5c:d2:34:89:ea:5c:f5:1f:8e:12:14:82:37:58:8e:62:b2:
         2e:b7:7b:a2:71:6f:02:35:da:fa:8c:39:7d:10:d4:e1:37:dd:
         54:3e:bc:e3:d9:7c:a5:4a:78:ca:91:a8:d3:5c:0b:b4:6e:01:
         62:53:1a:14:64:f9:82:fb:81:97:81:8e:be:21:9f:65:a7:da:
         a0:77:ea:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh5ykn/eSSzvGrUaLpipcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZDZlNGJmZmEyYjRkMWJjNDBlOTJiMzBhZjBkMjFhNzRi
MGJiZDAwHhcNMjUwMjAxMjIwMDMyWhcNMjUwMjAyMjIwMDMyWjAzMTEwLwYDVQQD
EygyODQ3ZTE5MzNiZDI3MGFlZjhkODQ0YmYyZWIxYjRlODM5YTMyNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrWWV7BUgUQxMiESVwlNkr/IDJpy
iTW/nf3KYMXLKni2aRx/lrgW/13oSZ59VmtRKHrxTowDF3rsqVcpXAdDOdJcCl65
VMr/qy/XRQrlrV4QgoATKKyfaMSt7z0rEYU8Vp8Wp+7JzYBPNDSGrjh9nX5Y9KZq
kOx+aaNCZwAkSJ2zTnfIrFiRSznZ7xnFBEnLpi1rKHGBKGJmxtUtWcasNrw0O012
tsR/34Zws2pIEIFDOtshFRTvu2lnV9zdVW9s6g150n3xuaLikUlSmPLk1AAE2rmO
EUfaF/GV8FJunE1cnrYqFN0tGWhjKtOlHpTfXzw0RNKzCFrDaDTgzLf8zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChH4ZM70nCu+NhEvy6xtOg5oyV+MB8GA1UdIwQY
MBaAFGLW5L/6K00bxA6Sswrw0hp0sLvQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRia3Zfb3JUUnZFRHBLekN2RFNHblN3dTlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi84NzY3NTAtYTIzMC00ZjI2LWI0NDIt
ZjE1NTU0ZmE0YjBiLzEvWXRia3Zfb3JUUnZFRHBLekN2RFNHblN3dTlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi84NzY3NTAtYTIzMC00ZjI2LWI0NDItZjE1NTU0ZmE0YjBi
LzEvWXRia3Zfb3JUUnZFRHBLekN2RFNHblN3dTlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHbknMqAL
sv8p1DENijWc7U3wLM5BaqvzVaKJlenIbFcrYRwi0rLVqaC69piFHmd2MnGgqe+S
cbEDcu2VQ96bN1vVKHZ9wNdOFuh7uYZ9fsuasgbYdGxgFPJAiv/UQS74F9UL25Bz
S6+tPS2OkJhpvnHEd+GCryr4cJEAd71m/AMCXcFoksEMZitUcQI+r/tKuF5oE6Jy
H/RcvSBaDD5kl9O8JYFeydCbR/jQyua6BlaAqQv5OlzSNInqXPUfjhIUgjdYjmKy
Lrd7onFvAjXa+ow5fRDU4TfdVD6849l8pUp4ypGo01wLtG4BYlMaFGT5gvuBl4GO
viGfZafaoHfq0w==
-----END CERTIFICATE-----