Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
File:                     hyyq6fD7ed7GhEvqzowiHO9NMsk.mft (raw, json)
Hash identifier:          OMcQmF+Z9vvjyAy7lhWDddMXqLaLRVoSYKo4SAWbD0o=
Subject key identifier:   76:A9:C2:D9:B3:59:D3:8E:7A:AC:27:DA:88:ED:46:34:41:6D:F2:7E
Authority key identifier: 87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9
Certificate issuer:       /CN=872caae9f0fb79dec6844beace8c221cef4d32c9
Certificate serial:       01964B9000668D398BA7022A30A85588586D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
Manifest number:          0F81
Signing time:             Sat 19 Apr 2025 01:00:50 +0000
Manifest this update:     Sat 19 Apr 2025 01:00:50 +0000
Manifest next update:     Sun 20 Apr 2025 01:00:50 +0000
Files and hashes:         1: hyyq6fD7ed7GhEvqzowiHO9NMsk.crl (hash: vY5UiQKOZZ8nqGfS9cgVKzF5FYMTUtREBhT1Vl/UhP8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 01:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4b:90:00:66:8d:39:8b:a7:02:2a:30:a8:55:88:58:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=872caae9f0fb79dec6844beace8c221cef4d32c9
        Validity
            Not Before: Apr 19 01:00:50 2025 GMT
            Not After : Apr 20 01:00:50 2025 GMT
        Subject: CN=76a9c2d9b359d38e7aac27da88ed4634416df27e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:2d:03:5b:92:20:50:8c:eb:66:15:8b:7d:32:
                    9f:63:4c:5a:bf:58:4a:1b:68:08:60:50:54:d1:6d:
                    69:3d:ad:78:31:3a:c4:cc:c5:6b:ec:82:d5:96:fb:
                    1d:72:83:cc:a2:f7:2f:36:07:f8:06:b7:3a:8e:13:
                    e2:f6:30:0e:56:b6:d3:e6:4f:bd:6a:c1:1f:85:65:
                    ab:e7:26:ab:48:e4:8b:66:b2:53:52:f9:ec:1f:ae:
                    8b:2a:48:4b:75:fa:6f:a3:1c:71:92:8e:79:d9:88:
                    46:9f:e0:b7:89:a9:2e:54:db:f9:89:9d:b5:c3:6c:
                    99:95:c5:51:e8:34:a1:6d:dd:df:14:45:b4:53:1a:
                    5d:e2:a5:8e:23:e7:02:39:05:44:da:bd:68:7d:44:
                    c4:cf:7b:7d:32:4b:f0:f7:0e:4a:26:05:00:c7:45:
                    b8:05:a4:4d:bc:00:dc:11:19:96:4d:19:c0:5e:2a:
                    37:e1:cb:bf:5e:57:dc:f9:ab:92:2f:4e:20:e4:7b:
                    06:d8:51:f0:82:e7:b6:ef:62:3b:22:fb:7a:f3:b3:
                    33:25:a1:e9:2d:87:9c:af:8c:8a:22:41:27:07:a5:
                    94:13:0c:c2:19:b4:2b:37:db:0b:db:b9:2b:51:f8:
                    13:6e:8e:2d:b0:0c:70:65:d5:8b:49:88:af:1c:e7:
                    1c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:A9:C2:D9:B3:59:D3:8E:7A:AC:27:DA:88:ED:46:34:41:6D:F2:7E
            X509v3 Authority Key Identifier:
                keyid:87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:6b:ac:29:a1:57:83:15:3e:3a:38:71:be:ca:aa:fb:ad:94:
         60:72:b4:19:5e:06:f0:67:df:8c:24:9e:c0:d0:ae:d8:7f:43:
         e8:b8:14:bb:38:bb:77:23:63:06:42:21:78:15:33:2b:11:5b:
         2f:36:45:0f:95:cd:23:c1:e3:97:b4:f0:0e:1a:52:1f:21:7b:
         b4:66:12:16:53:48:0a:25:e5:5c:ec:1b:2c:4e:59:c6:10:72:
         aa:61:ec:f5:78:5b:66:ef:5d:92:39:68:4c:2b:60:80:6b:79:
         0e:fb:4f:31:47:dd:b8:55:3c:0f:40:76:dc:25:b9:1b:a8:2f:
         59:12:30:06:12:90:27:f6:4b:b1:3c:10:6d:f9:c4:da:2b:45:
         2e:fb:25:8e:67:00:13:94:65:e1:fc:8e:56:18:54:26:dc:a9:
         e3:0e:09:94:bb:0d:fc:c7:4d:a5:e8:22:a0:4b:aa:f9:30:b2:
         e0:32:b5:f8:93:c9:34:a6:ac:40:25:53:52:f3:06:0a:c2:92:
         10:89:68:65:cf:0f:54:ff:c0:4a:00:b9:3f:1f:c8:d8:32:84:
         3d:f2:3f:4e:f4:cc:16:53:57:5c:0b:8d:ae:af:ae:61:96:14:
         7a:51:94:ce:88:0a:be:0a:26:f0:1c:a0:a2:ae:d8:81:39:13:
         cf:b1:9c:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZLkABmjTmLpwIqMKhViFhtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MmNhYWU5ZjBmYjc5ZGVjNjg0NGJlYWNlOGMyMjFjZWY0
ZDMyYzkwHhcNMjUwNDE5MDEwMDUwWhcNMjUwNDIwMDEwMDUwWjAzMTEwLwYDVQQD
Eyg3NmE5YzJkOWIzNTlkMzhlN2FhYzI3ZGE4OGVkNDYzNDQxNmRmMjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS0DW5IgUIzrZhWLfTKfY0xav1hK
G2gIYFBU0W1pPa14MTrEzMVr7ILVlvsdcoPMovcvNgf4Brc6jhPi9jAOVrbT5k+9
asEfhWWr5yarSOSLZrJTUvnsH66LKkhLdfpvoxxxko552YhGn+C3iakuVNv5iZ21
w2yZlcVR6DShbd3fFEW0Uxpd4qWOI+cCOQVE2r1ofUTEz3t9Mkvw9w5KJgUAx0W4
BaRNvADcERmWTRnAXio34cu/Xlfc+auSL04g5HsG2FHwgue272I7Ivt687MzJaHp
LYecr4yKIkEnB6WUEwzCGbQrN9sL27krUfgTbo4tsAxwZdWLSYivHOccHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHapwtmzWdOOeqwn2ojtRjRBbfJ+MB8GA1UdIwQY
MBaAFIcsqunw+3nexoRL6s6MIhzvTTLJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEt
ZTViMTY3MmQ0YjE3LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEtZTViMTY3MmQ0YjE3
LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhmusKaFX
gxU+Ojhxvsqq+62UYHK0GV4G8GffjCSewNCu2H9D6LgUuzi7dyNjBkIheBUzKxFb
LzZFD5XNI8Hjl7TwDhpSHyF7tGYSFlNICiXlXOwbLE5ZxhByqmHs9XhbZu9dkjlo
TCtggGt5DvtPMUfduFU8D0B23CW5G6gvWRIwBhKQJ/ZLsTwQbfnE2itFLvsljmcA
E5Rl4fyOVhhUJtyp4w4JlLsN/MdNpegioEuq+TCy4DK1+JPJNKasQCVTUvMGCsKS
EIloZc8PVP/ASgC5Px/I2DKEPfI/TvTMFlNXXAuNrq+uYZYUelGUzogKvgom8Byg
oq7YgTkTz7Gc9A==
-----END CERTIFICATE-----