Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
File:                     Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft (raw, json)
Hash identifier:          BBO6kyvj10D9+kLdfHdOe1acWIwUrE52nwv+9Way7xo=
Subject key identifier:   31:10:74:E3:3C:01:10:B9:77:72:07:21:AB:9B:CB:B6:6B:62:3B:CD
Authority key identifier: 63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0
Certificate issuer:       /CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
Certificate serial:       01974D0E05B347C501666032DC607CC45C9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
Manifest number:          0709
Signing time:             Sun 08 Jun 2025 01:00:53 +0000
Manifest this update:     Sun 08 Jun 2025 01:00:53 +0000
Manifest next update:     Mon 09 Jun 2025 01:00:53 +0000
Files and hashes:         1: Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl (hash: O1U27qmurk4SoHypQFZAiiYphwyFs5i9ZmtyyONTZ9M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 01:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:0e:05:b3:47:c5:01:66:60:32:dc:60:7c:c4:5c:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
        Validity
            Not Before: Jun  8 01:00:53 2025 GMT
            Not After : Jun  9 01:00:53 2025 GMT
        Subject: CN=311074e33c0110b977720721ab9bcbb66b623bcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:82:a5:3d:59:82:09:d2:ad:ba:4f:74:d2:7f:
                    12:a3:ec:60:33:2e:65:1f:49:67:89:b9:f7:85:ee:
                    be:8e:9c:db:30:8a:18:24:28:7f:15:f0:cf:7b:72:
                    41:f8:80:13:b1:db:ab:42:ae:e6:8f:39:50:34:6b:
                    a0:29:a5:cf:1a:dc:12:89:20:dd:e9:41:6a:1d:5f:
                    5e:f2:93:00:f8:a2:59:c7:8f:da:ab:dc:81:c2:71:
                    a7:5e:a4:fa:94:08:b8:40:85:54:bd:54:a3:f8:22:
                    52:d8:0d:01:ca:1c:d4:db:a4:78:82:09:6c:91:ff:
                    96:87:de:33:50:00:93:08:c2:76:b4:5a:c5:72:a2:
                    08:cb:a5:e4:df:76:59:25:41:7a:c1:4c:76:e3:fa:
                    19:4a:9e:b7:74:88:41:23:a7:3f:a1:83:0d:83:ca:
                    c3:fd:fd:38:8f:eb:a5:c4:6f:d2:f5:52:8a:d1:90:
                    24:dc:a4:54:d4:b9:9c:c1:da:bb:eb:68:c2:75:42:
                    20:af:00:e3:02:b5:fb:c6:e9:ce:b8:ab:b5:aa:df:
                    e5:45:c4:1c:9f:09:fe:10:1e:18:6b:83:35:c9:47:
                    57:92:30:2d:b1:c0:6f:d3:80:d0:79:e4:90:e5:20:
                    de:42:32:fe:87:e8:2f:9f:b0:a3:4f:ab:ab:e9:d0:
                    d2:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:10:74:E3:3C:01:10:B9:77:72:07:21:AB:9B:CB:B6:6B:62:3B:CD
            X509v3 Authority Key Identifier:
                keyid:63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:56:16:d1:89:ed:48:65:79:45:ba:5d:4a:96:3c:89:62:d1:
         81:ab:cd:20:2d:30:36:79:7d:de:38:13:b1:75:12:d5:9b:db:
         e2:b1:a0:24:27:66:88:0a:90:fa:49:f5:68:64:c9:a0:45:c8:
         c2:52:e5:67:4d:83:f1:98:29:1e:92:79:cf:a1:ef:97:57:5f:
         36:2d:e0:83:19:c8:25:e7:c9:02:2e:37:49:43:ed:04:63:9c:
         f5:cd:49:27:3a:d9:3d:03:44:50:16:c5:48:81:fe:cd:d7:7f:
         da:3f:f6:de:60:a3:53:88:da:27:cc:e6:e3:25:7f:ce:bf:15:
         ea:2f:86:56:1e:b7:6a:8d:0d:45:25:4c:28:ba:6f:6e:a5:74:
         05:a8:d3:1d:96:a9:bf:11:c2:67:01:12:77:ce:42:cf:fb:0e:
         16:f8:8b:e4:74:97:b0:ca:f5:00:85:7a:54:33:ff:19:cb:69:
         13:f8:75:74:76:e8:5b:ec:0f:56:41:2c:4a:ae:c3:7a:0f:51:
         e0:b1:57:21:9f:a8:6c:58:fb:39:69:ff:46:2c:c3:f1:6d:30:
         1e:1b:12:22:ef:e5:09:7a:be:b4:ad:29:5e:e3:fb:6b:84:57:
         ac:e3:df:ee:da:de:54:85:2d:1d:44:37:6f:a7:cc:1d:7d:3e:
         9e:c2:a4:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNDgWzR8UBZmAy3GB8xFyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYThjYTE2NjYyMDZkMmNmMTJiNTA3ODcyZWFkMGY1YTc5
M2QwZTAwHhcNMjUwNjA4MDEwMDUzWhcNMjUwNjA5MDEwMDUzWjAzMTEwLwYDVQQD
EygzMTEwNzRlMzNjMDExMGI5Nzc3MjA3MjFhYjliY2JiNjZiNjIzYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoKlPVmCCdKtuk900n8So+xgMy5l
H0lnibn3he6+jpzbMIoYJCh/FfDPe3JB+IATsdurQq7mjzlQNGugKaXPGtwSiSDd
6UFqHV9e8pMA+KJZx4/aq9yBwnGnXqT6lAi4QIVUvVSj+CJS2A0ByhzU26R4ggls
kf+Wh94zUACTCMJ2tFrFcqIIy6Xk33ZZJUF6wUx24/oZSp63dIhBI6c/oYMNg8rD
/f04j+ulxG/S9VKK0ZAk3KRU1Lmcwdq762jCdUIgrwDjArX7xunOuKu1qt/lRcQc
nwn+EB4Ya4M1yUdXkjAtscBv04DQeeSQ5SDeQjL+h+gvn7CjT6ur6dDScwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDEQdOM8ARC5d3IHIauby7ZrYjvNMB8GA1UdIwQY
MBaAFGOoyhZmIG0s8StQeHLq0PWnk9DgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEt
NzVhYjIxZjNiM2QwLzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEtNzVhYjIxZjNiM2Qw
LzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMVYW0Ynt
SGV5RbpdSpY8iWLRgavNIC0wNnl93jgTsXUS1Zvb4rGgJCdmiAqQ+kn1aGTJoEXI
wlLlZ02D8ZgpHpJ5z6Hvl1dfNi3ggxnIJefJAi43SUPtBGOc9c1JJzrZPQNEUBbF
SIH+zdd/2j/23mCjU4jaJ8zm4yV/zr8V6i+GVh63ao0NRSVMKLpvbqV0BajTHZap
vxHCZwESd85Cz/sOFviL5HSXsMr1AIV6VDP/GctpE/h1dHboW+wPVkEsSq7Deg9R
4LFXIZ+obFj7OWn/RizD8W0wHhsSIu/lCXq+tK0pXuP7a4RXrOPf7treVIUtHUQ3
b6fMHX0+nsKkfw==
-----END CERTIFICATE-----