Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
File:                     YTChAogFFzqiJUSk67mECskbyNA.mft (raw, json)
Hash identifier:          ZgRo+F9QYeAWK4BtPF+uE7bjTon+CAtc9m6zGZJDWgw=
Subject key identifier:   98:97:ED:A4:D5:36:A8:12:0A:39:50:DC:8A:E1:55:DD:9A:58:1A:94
Authority key identifier: 61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0
Certificate issuer:       /CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
Certificate serial:       019645C5746E11C15C3180EA60F295231F5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
Manifest number:          0C56
Signing time:             Thu 17 Apr 2025 22:01:30 +0000
Manifest this update:     Thu 17 Apr 2025 22:01:30 +0000
Manifest next update:     Fri 18 Apr 2025 22:01:30 +0000
Files and hashes:         1: YTChAogFFzqiJUSk67mECskbyNA.crl (hash: vCz49ESN6IJ86fwaqXSGVxxWmgYGSzyqFS1ak61B2Ro=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:c5:74:6e:11:c1:5c:31:80:ea:60:f2:95:23:1f:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
        Validity
            Not Before: Apr 17 22:01:30 2025 GMT
            Not After : Apr 18 22:01:30 2025 GMT
        Subject: CN=9897eda4d536a8120a3950dc8ae155dd9a581a94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:d9:f0:a3:5e:3d:a7:2f:19:f6:7f:50:a1:cb:
                    ee:f7:ad:cd:30:8e:e8:5e:d4:7d:2e:b1:a0:70:f1:
                    db:d3:ae:2d:04:50:54:0f:35:b5:ec:9b:13:e3:75:
                    69:9b:1a:60:39:f2:37:16:01:bc:13:31:1d:5b:79:
                    f4:dd:0d:52:56:30:21:be:aa:81:0d:c1:55:7d:fa:
                    c4:7e:5f:36:3e:06:c1:c2:b7:40:6d:ef:42:80:04:
                    ff:3e:f1:ba:59:9b:60:f6:54:6f:bc:63:52:90:45:
                    96:09:95:c3:1b:b4:58:57:4d:76:c9:68:55:8c:35:
                    85:46:80:c3:7a:45:7e:cb:c6:ab:17:9c:09:f9:4f:
                    2e:93:34:b3:56:cc:49:ec:6e:31:6a:0d:5d:4f:9e:
                    20:ff:b3:d4:98:bc:d2:df:f9:8d:c2:b1:b2:57:5d:
                    91:e3:12:f9:66:fa:fa:81:6e:a4:72:84:a7:b3:33:
                    21:68:6d:18:69:cf:67:58:ec:41:9e:5b:5c:ed:7b:
                    82:5a:15:2a:99:22:7d:0e:42:a0:2d:5d:64:6e:ca:
                    98:b3:d1:16:32:8c:bc:ff:ec:3c:34:93:e9:20:d2:
                    3a:8f:8e:14:97:aa:03:ae:8a:e8:e4:6e:ec:b7:13:
                    76:ff:0d:1c:90:1d:84:33:f6:d6:e2:0b:c1:d8:e2:
                    b0:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:97:ED:A4:D5:36:A8:12:0A:39:50:DC:8A:E1:55:DD:9A:58:1A:94
            X509v3 Authority Key Identifier:
                keyid:61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:29:d2:36:94:2b:6e:b1:d6:5d:b6:60:24:ad:05:e4:51:5a:
         b6:cc:f7:3a:8c:f4:08:ac:a6:7c:f6:a9:ca:80:ba:ff:65:f9:
         20:69:b1:7c:64:37:6a:9b:15:ee:fa:72:49:1a:61:aa:ab:88:
         80:7c:94:d0:69:8a:58:89:bf:f5:7b:0c:18:18:69:bc:ed:e4:
         58:8c:a0:40:90:91:3d:88:3a:59:0f:43:d9:d9:be:36:a6:b8:
         5e:eb:d3:20:8f:38:9e:ff:81:d0:82:53:8a:79:a2:d1:5b:40:
         63:05:2a:4f:d9:2c:8f:65:32:bd:60:27:93:46:3e:95:29:e2:
         c8:2b:34:d6:33:38:d3:b1:52:10:f4:f3:e7:b8:78:b2:91:7d:
         54:f7:23:ef:b9:97:ba:66:bf:e0:af:4b:59:9d:78:43:8c:41:
         f6:62:e4:95:ac:43:ab:25:a1:59:1e:1a:ff:94:69:4b:fb:ca:
         9e:6c:6b:8a:5d:5d:5d:df:18:47:f4:62:24:60:d0:83:a4:8c:
         8a:48:71:bb:8e:13:2b:85:bc:b2:0e:f2:00:d7:1f:d4:61:7a:
         5c:6b:b3:4f:72:80:a2:b9:44:55:d2:32:0d:e9:04:8a:d6:95:
         63:4f:91:67:95:4c:4a:bc:3f:57:2e:02:77:51:00:cd:7a:b8:
         a1:2c:61:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFxXRuEcFcMYDqYPKVIx9bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzBhMTAyODgwNTE3M2FhMjI1NDRhNGViYjk4NDBhYzkx
YmM4ZDAwHhcNMjUwNDE3MjIwMTMwWhcNMjUwNDE4MjIwMTMwWjAzMTEwLwYDVQQD
Eyg5ODk3ZWRhNGQ1MzZhODEyMGEzOTUwZGM4YWUxNTVkZDlhNTgxYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9nwo149py8Z9n9Qocvu963NMI7o
XtR9LrGgcPHb064tBFBUDzW17JsT43VpmxpgOfI3FgG8EzEdW3n03Q1SVjAhvqqB
DcFVffrEfl82PgbBwrdAbe9CgAT/PvG6WZtg9lRvvGNSkEWWCZXDG7RYV012yWhV
jDWFRoDDekV+y8arF5wJ+U8ukzSzVsxJ7G4xag1dT54g/7PUmLzS3/mNwrGyV12R
4xL5Zvr6gW6kcoSnszMhaG0Yac9nWOxBnltc7XuCWhUqmSJ9DkKgLV1kbsqYs9EW
Moy8/+w8NJPpINI6j44Ul6oDroro5G7stxN2/w0ckB2EM/bW4gvB2OKwgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJiX7aTVNqgSCjlQ3IrhVd2aWBqUMB8GA1UdIwQY
MBaAFGEwoQKIBRc6oiVEpOu5hArJG8jQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAt
YTUzYjVlOTc5MTMxLzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAtYTUzYjVlOTc5MTMx
LzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVSnSNpQr
brHWXbZgJK0F5FFatsz3Ooz0CKymfPapyoC6/2X5IGmxfGQ3apsV7vpySRphqquI
gHyU0GmKWIm/9XsMGBhpvO3kWIygQJCRPYg6WQ9D2dm+Nqa4XuvTII84nv+B0IJT
inmi0VtAYwUqT9ksj2UyvWAnk0Y+lSniyCs01jM407FSEPTz57h4spF9VPcj77mX
uma/4K9LWZ14Q4xB9mLklaxDqyWhWR4a/5RpS/vKnmxril1dXd8YR/RiJGDQg6SM
ikhxu44TK4W8sg7yANcf1GF6XGuzT3KAorlEVdIyDekEitaVY0+RZ5VMSrw/Vy4C
d1EAzXq4oSxhzg==
-----END CERTIFICATE-----