Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
File:                     YTChAogFFzqiJUSk67mECskbyNA.mft (raw, json)
Hash identifier:          b13iW5WTxmYodUu5YNn6lcaz9MG1EFWboJmN4opW898=
Subject key identifier:   AD:CD:15:54:66:32:38:AB:DB:D7:52:DB:B1:B6:D6:78:87:1A:C4:D2
Authority key identifier: 61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0
Certificate issuer:       /CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
Certificate serial:       01975045D383041EB3D73F0BC3644AE6AAC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
Manifest number:          0CE0
Signing time:             Sun 08 Jun 2025 16:00:42 +0000
Manifest this update:     Sun 08 Jun 2025 16:00:42 +0000
Manifest next update:     Mon 09 Jun 2025 16:00:42 +0000
Files and hashes:         1: YTChAogFFzqiJUSk67mECskbyNA.crl (hash: OcSv/Jk2UspebqgjXNb09f4gJDNQo7WbOLrkftCn7kE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:45:d3:83:04:1e:b3:d7:3f:0b:c3:64:4a:e6:aa:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
        Validity
            Not Before: Jun  8 16:00:42 2025 GMT
            Not After : Jun  9 16:00:42 2025 GMT
        Subject: CN=adcd1554663238abdbd752dbb1b6d678871ac4d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9c:b1:f1:73:e6:e1:ad:72:85:4b:10:8d:8c:
                    df:34:f7:af:cc:90:82:07:a8:1b:c6:f1:6f:59:18:
                    5c:0b:9a:67:01:ae:9f:ea:46:5a:f6:55:d4:2c:76:
                    e9:db:0c:ff:e4:56:4c:1d:a4:79:73:96:9c:88:3b:
                    ff:1f:ac:34:a3:10:7d:13:e6:f1:ba:19:7c:35:fc:
                    80:06:fa:b9:eb:be:22:53:cc:69:e3:d7:3b:22:e1:
                    f6:1a:bf:cc:68:96:1d:01:bc:02:3e:32:b5:df:be:
                    e3:11:66:70:49:c6:ff:e8:d4:26:1d:ff:d9:04:a1:
                    14:ea:b1:cd:52:f7:ec:27:c5:f8:8d:f8:74:0c:b1:
                    0e:c5:c9:a2:ef:b1:29:db:38:a9:d5:41:b8:74:ee:
                    cd:c8:e9:b4:1b:6d:01:2d:de:1d:e9:22:20:28:88:
                    82:02:a2:5f:20:85:2f:78:08:2e:dc:89:c7:4e:d2:
                    e1:d2:63:76:75:eb:5e:20:d5:49:5e:1d:ca:66:80:
                    77:dc:c1:b7:18:d5:11:88:44:94:0d:37:77:ff:ef:
                    68:87:fc:aa:a7:fb:fa:c6:51:e7:61:59:43:b2:ca:
                    bd:8e:b0:85:ea:10:7c:06:1e:09:9e:20:10:22:15:
                    ee:5a:fd:f7:05:11:ff:81:17:ee:c1:2a:7d:85:31:
                    0f:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:CD:15:54:66:32:38:AB:DB:D7:52:DB:B1:B6:D6:78:87:1A:C4:D2
            X509v3 Authority Key Identifier:
                keyid:61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:08:d1:81:0f:8e:d1:d1:fc:f3:1a:f1:4d:12:21:4e:18:66:
         27:7d:e7:c8:ad:db:14:02:75:aa:01:1e:da:b1:b3:79:eb:a8:
         d5:f8:2f:63:20:2c:0e:af:f0:f3:15:e9:c5:e3:d9:a4:5f:b3:
         43:72:f4:3d:d5:cf:29:5e:8c:35:c7:34:0d:e8:d7:30:1a:c7:
         4b:00:d6:fc:b1:af:64:61:b8:d9:c1:92:4a:66:55:02:f0:1b:
         51:28:30:1e:b0:cd:44:57:1b:22:ac:1b:31:b3:22:c5:1e:7e:
         b3:26:9a:7b:29:f8:19:de:5a:bd:8d:63:07:75:c1:1d:44:70:
         b1:26:0a:bd:b7:d5:ed:fa:83:58:b5:97:0e:26:e6:4e:5b:31:
         8c:f8:23:c2:6b:7a:20:89:2d:b4:93:aa:4a:62:1c:0a:e3:88:
         83:cd:d2:35:3c:e7:ea:46:68:7b:68:d3:d1:8e:95:d6:e6:f0:
         aa:a1:c1:f0:1f:9e:f6:c3:e9:c1:a7:36:fa:df:76:bc:69:1e:
         8d:df:e7:ea:c4:ab:79:a4:8c:4b:09:f1:05:9b:7d:ea:3c:e4:
         9c:8d:2b:d2:e3:b4:1d:25:bc:59:b3:14:6f:59:48:d2:e0:39:
         a5:17:3f:08:8b:09:dc:02:40:b4:8d:c7:4e:1c:a5:d7:c1:0a:
         c6:f8:a2:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRdODBB6z1z8Lw2RK5qrDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzBhMTAyODgwNTE3M2FhMjI1NDRhNGViYjk4NDBhYzkx
YmM4ZDAwHhcNMjUwNjA4MTYwMDQyWhcNMjUwNjA5MTYwMDQyWjAzMTEwLwYDVQQD
EyhhZGNkMTU1NDY2MzIzOGFiZGJkNzUyZGJiMWI2ZDY3ODg3MWFjNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZyx8XPm4a1yhUsQjYzfNPevzJCC
B6gbxvFvWRhcC5pnAa6f6kZa9lXULHbp2wz/5FZMHaR5c5aciDv/H6w0oxB9E+bx
uhl8NfyABvq5674iU8xp49c7IuH2Gr/MaJYdAbwCPjK1377jEWZwScb/6NQmHf/Z
BKEU6rHNUvfsJ8X4jfh0DLEOxcmi77Ep2zip1UG4dO7NyOm0G20BLd4d6SIgKIiC
AqJfIIUveAgu3InHTtLh0mN2deteINVJXh3KZoB33MG3GNURiESUDTd3/+9oh/yq
p/v6xlHnYVlDssq9jrCF6hB8Bh4JniAQIhXuWv33BRH/gRfuwSp9hTEPNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK3NFVRmMjir29dS27G21niHGsTSMB8GA1UdIwQY
MBaAFGEwoQKIBRc6oiVEpOu5hArJG8jQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAt
YTUzYjVlOTc5MTMxLzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAtYTUzYjVlOTc5MTMx
LzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVQjRgQ+O
0dH88xrxTRIhThhmJ33nyK3bFAJ1qgEe2rGzeeuo1fgvYyAsDq/w8xXpxePZpF+z
Q3L0PdXPKV6MNcc0DejXMBrHSwDW/LGvZGG42cGSSmZVAvAbUSgwHrDNRFcbIqwb
MbMixR5+syaaeyn4Gd5avY1jB3XBHURwsSYKvbfV7fqDWLWXDibmTlsxjPgjwmt6
IIkttJOqSmIcCuOIg83SNTzn6kZoe2jT0Y6V1ubwqqHB8B+e9sPpwac2+t92vGke
jd/n6sSreaSMSwnxBZt96jzknI0r0uO0HSW8WbMUb1lI0uA5pRc/CIsJ3AJAtI3H
Thyl18EKxvii8A==
-----END CERTIFICATE-----