Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
File:                     YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft (raw, json)
Hash identifier:          AkyuKPciqJhUIX9AorYPW24M3TlzzVg5jXdtS+cM8Uc=
Subject key identifier:   04:00:47:62:C9:3E:2C:E1:35:33:DF:CA:BC:FD:9D:36:60:C1:58:08
Authority key identifier: 60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E
Certificate issuer:       /CN=605abb253b766dcd7f16d9f01bc119691848eb0e
Certificate serial:       0194C49A58C4D87CE85BDF3FB5B89E74D0B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
Manifest number:          8B
Signing time:             Sun 02 Feb 2025 03:00:37 +0000
Manifest this update:     Sun 02 Feb 2025 03:00:37 +0000
Manifest next update:     Mon 03 Feb 2025 03:00:37 +0000
Files and hashes:         1: YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl (hash: 3zY1M8SqIisjFEUbp1Q8KtzwiDNP7kNp2urL8C66sfM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:9a:58:c4:d8:7c:e8:5b:df:3f:b5:b8:9e:74:d0:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=605abb253b766dcd7f16d9f01bc119691848eb0e
        Validity
            Not Before: Feb  2 03:00:37 2025 GMT
            Not After : Feb  3 03:00:37 2025 GMT
        Subject: CN=04004762c93e2ce13533dfcabcfd9d3660c15808
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:40:20:24:e6:f5:3b:3a:5f:aa:26:4e:e4:7c:
                    f4:40:22:83:73:82:94:a4:90:4d:7c:f6:0d:a0:1e:
                    a3:95:4d:37:1c:c9:7c:ff:f2:22:d1:d0:97:b5:19:
                    af:1b:ad:8d:15:8d:55:d8:90:ea:1b:fa:01:dc:87:
                    98:3e:25:4c:f9:13:c1:71:47:9b:35:2b:57:39:57:
                    65:3a:9a:0f:8a:fb:37:d9:21:cf:1f:14:22:93:0e:
                    ef:9e:92:a2:3f:46:9a:e8:81:79:c4:c9:3d:be:07:
                    51:13:94:51:d8:e5:d8:cb:b3:e7:c9:8f:8a:7d:4c:
                    e3:9e:b2:e9:a1:e7:f3:8d:48:b2:a0:bc:d1:d6:fe:
                    60:08:cb:aa:07:8b:b3:91:7f:26:e4:45:ff:4f:63:
                    bc:2f:56:c3:03:89:07:8f:ad:bc:f4:d5:79:b7:5c:
                    e7:35:8c:ff:65:de:f1:ca:2b:39:0d:09:a9:87:2a:
                    63:17:8d:fc:73:01:b8:3a:33:d9:23:76:85:a0:f1:
                    b4:13:14:59:f0:97:af:e9:a0:74:ee:1e:7a:d3:2a:
                    f0:66:31:ba:6b:17:72:31:1d:51:93:2a:16:f6:d5:
                    16:e2:d6:60:72:4c:a0:eb:50:d7:3f:68:a9:52:e9:
                    86:0e:aa:92:e7:b0:19:25:88:84:af:f2:1f:82:22:
                    33:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:00:47:62:C9:3E:2C:E1:35:33:DF:CA:BC:FD:9D:36:60:C1:58:08
            X509v3 Authority Key Identifier:
                keyid:60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:70:b0:ce:ac:0d:36:86:d9:4f:68:59:27:09:33:b9:12:ae:
         af:e8:a9:c6:d0:ba:86:81:4f:5b:5e:80:5d:ec:e2:32:fb:3b:
         bd:cf:99:f6:55:54:75:1f:84:b2:98:bb:b8:83:2a:5f:af:0b:
         81:8f:0d:c5:a6:87:23:e9:e0:8b:1e:43:ff:32:07:a3:bb:8b:
         fb:dc:9f:ee:6f:c4:bb:0c:fb:4d:f6:2e:a2:7d:83:f8:a8:e0:
         3d:1a:e1:0b:16:7f:97:b5:75:86:a9:88:4f:b7:fd:0f:78:5f:
         77:0a:c9:89:ea:e5:44:2a:75:99:e1:14:26:b5:ac:ab:26:a4:
         e8:ba:d1:14:aa:17:b0:4a:7d:35:d7:3e:7c:5d:50:30:17:b1:
         14:de:4a:c0:b5:98:73:69:98:53:8f:13:26:d9:2e:a5:ae:02:
         5f:64:ed:57:f5:4f:80:79:94:9e:e5:f6:d0:c9:1f:5d:1c:5e:
         c7:ae:5a:31:ba:c0:9b:ca:58:aa:ce:a0:51:b5:05:c2:b2:89:
         17:06:58:70:e5:c0:bf:ce:9f:2a:f2:47:c7:29:c3:56:ac:e8:
         93:fb:17:ed:66:09:37:45:8b:1f:f3:cd:08:9c:1d:c9:ef:ff:
         34:0c:fd:7a:70:d0:23:11:9a:ef:52:2a:94:dc:89:53:8e:4a:
         47:45:65:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEmljE2HzoW98/tbiedNCyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNWFiYjI1M2I3NjZkY2Q3ZjE2ZDlmMDFiYzExOTY5MTg0
OGViMGUwHhcNMjUwMjAyMDMwMDM3WhcNMjUwMjAzMDMwMDM3WjAzMTEwLwYDVQQD
EygwNDAwNDc2MmM5M2UyY2UxMzUzM2RmY2FiY2ZkOWQzNjYwYzE1ODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0AgJOb1OzpfqiZO5Hz0QCKDc4KU
pJBNfPYNoB6jlU03HMl8//Ii0dCXtRmvG62NFY1V2JDqG/oB3IeYPiVM+RPBcUeb
NStXOVdlOpoPivs32SHPHxQikw7vnpKiP0aa6IF5xMk9vgdRE5RR2OXYy7PnyY+K
fUzjnrLpoefzjUiyoLzR1v5gCMuqB4uzkX8m5EX/T2O8L1bDA4kHj6289NV5t1zn
NYz/Zd7xyis5DQmphypjF438cwG4OjPZI3aFoPG0ExRZ8Jev6aB07h560yrwZjG6
axdyMR1RkyoW9tUW4tZgckyg61DXP2ipUumGDqqS57AZJYiEr/IfgiIz4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQAR2LJPizhNTPfyrz9nTZgwVgIMB8GA1UdIwQY
MBaAFGBauyU7dm3NfxbZ8BvBGWkYSOsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2Et
NTAxMTFjNDI5MmQwLzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2EtNTAxMTFjNDI5MmQw
LzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ3CwzqwN
NobZT2hZJwkzuRKur+ipxtC6hoFPW16AXeziMvs7vc+Z9lVUdR+Espi7uIMqX68L
gY8NxaaHI+ngix5D/zIHo7uL+9yf7m/Euwz7TfYuon2D+KjgPRrhCxZ/l7V1hqmI
T7f9D3hfdwrJierlRCp1meEUJrWsqyak6LrRFKoXsEp9Ndc+fF1QMBexFN5KwLWY
c2mYU48TJtkupa4CX2TtV/VPgHmUnuX20MkfXRxex65aMbrAm8pYqs6gUbUFwrKJ
FwZYcOXAv86fKvJHxynDVqzok/sX7WYJN0WLH/PNCJwdye//NAz9enDQIxGa71Iq
lNyJU45KR0VlYQ==
-----END CERTIFICATE-----