Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
File:                     Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft (raw, json)
Hash identifier:          Q0iz6ldcEgO9wwyu0pKHaZrvrETFPFjarMk5ErO8gfk=
Subject key identifier:   F4:40:2D:51:22:8A:54:5D:B5:28:81:5F:6F:95:09:BC:73:E5:8F:B9
Authority key identifier: 63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF
Certificate issuer:       /CN=63ef6bdbc42ad06defdad72679414346d8d048df
Certificate serial:       0195127E4A214FC2CA0C25FE109260F7142A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
Manifest number:          1452
Signing time:             Mon 17 Feb 2025 06:00:21 +0000
Manifest this update:     Mon 17 Feb 2025 06:00:21 +0000
Manifest next update:     Tue 18 Feb 2025 06:00:21 +0000
Files and hashes:         1: Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl (hash: WEK2KX9k1qJ98S0blyaAVGUO4tiQpn7nOeVa2Ai8JtM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:7e:4a:21:4f:c2:ca:0c:25:fe:10:92:60:f7:14:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63ef6bdbc42ad06defdad72679414346d8d048df
        Validity
            Not Before: Feb 17 06:00:21 2025 GMT
            Not After : Feb 18 06:00:21 2025 GMT
        Subject: CN=f4402d51228a545db528815f6f9509bc73e58fb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b7:96:12:53:b8:f1:1c:d9:06:39:bd:44:0a:
                    33:3e:e2:20:b0:66:a6:c2:65:1f:45:a9:61:2b:c4:
                    72:f5:8d:3a:93:1f:ff:3b:37:6e:a6:22:f2:50:c0:
                    69:86:58:56:97:2f:1e:a2:78:85:2e:73:fd:91:11:
                    1a:29:d5:6b:81:35:b9:db:e0:ee:d2:68:fc:8d:60:
                    47:a7:da:50:ea:9b:1a:9f:67:d2:aa:69:d9:3b:e3:
                    ef:f7:f0:70:e0:b9:f9:ee:07:4f:38:c9:8a:1c:81:
                    04:cd:9c:8b:20:b4:ae:14:7d:26:06:92:e8:4d:73:
                    60:39:d7:85:68:62:27:b0:0a:d2:57:6b:5f:20:33:
                    24:1d:b1:a2:15:0c:75:46:9a:92:20:d0:37:a7:e3:
                    2a:b7:81:53:ac:05:e8:82:24:52:a8:4c:b3:60:13:
                    cf:f9:b2:44:93:91:cb:60:12:aa:18:33:cc:ca:ab:
                    fa:27:87:8d:b6:fe:2a:b7:eb:3a:1a:0d:ff:a1:db:
                    bc:a8:59:67:d4:f1:1d:0a:0a:00:ef:25:2a:fd:4e:
                    e8:9c:42:75:e9:25:e4:bc:23:02:d5:ec:4c:c1:73:
                    ac:f5:c8:23:19:80:87:8c:f4:8f:d5:12:46:9f:fc:
                    74:70:a6:fe:6d:47:d0:22:48:8f:50:1c:87:57:f8:
                    aa:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:40:2D:51:22:8A:54:5D:B5:28:81:5F:6F:95:09:BC:73:E5:8F:B9
            X509v3 Authority Key Identifier:
                keyid:63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:2a:62:00:3c:26:ad:2d:cb:1d:c5:57:22:67:fd:40:04:fa:
         dd:fc:8a:a3:8e:cf:87:83:c9:ef:fc:cd:85:33:ef:44:30:39:
         16:06:86:54:26:5c:b6:df:a8:d1:6c:ee:28:24:6a:5e:d5:50:
         27:00:54:94:ad:5b:ea:86:7b:91:37:7f:9e:8c:7d:e4:d7:8a:
         b6:9d:7b:03:15:37:4f:ba:9c:28:c0:6f:c9:0f:e4:da:25:48:
         aa:c3:83:d0:ec:24:c6:d7:7e:e5:bf:79:3b:8e:6e:96:47:aa:
         95:1a:c4:ee:8a:a2:55:08:2b:0e:e6:a7:ee:16:68:e6:f4:e1:
         2f:f5:66:e6:6b:cd:b1:97:ff:bc:61:1f:31:a2:70:fa:97:ce:
         81:d5:1b:46:3f:7a:55:22:09:24:ac:f4:26:1d:dd:9d:00:86:
         d3:17:16:60:dc:81:ba:bc:87:44:ad:c5:0b:9b:c3:eb:23:79:
         08:5f:ce:43:99:aa:e3:2f:d6:71:39:95:b2:19:4e:31:8c:a5:
         b1:b6:0b:1a:08:2a:14:8c:7f:d2:01:e7:60:69:f4:a9:a8:f4:
         b2:a7:68:42:a7:9a:46:36:83:b5:c0:fa:cf:f9:0b:84:b3:57:
         ff:62:18:cb:0f:76:61:05:de:c6:14:03:a0:93:10:cf:a1:41:
         c7:ac:dd:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSfkohT8LKDCX+EJJg9xQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZWY2YmRiYzQyYWQwNmRlZmRhZDcyNjc5NDE0MzQ2ZDhk
MDQ4ZGYwHhcNMjUwMjE3MDYwMDIxWhcNMjUwMjE4MDYwMDIxWjAzMTEwLwYDVQQD
EyhmNDQwMmQ1MTIyOGE1NDVkYjUyODgxNWY2Zjk1MDliYzczZTU4ZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApreWElO48RzZBjm9RAozPuIgsGam
wmUfRalhK8Ry9Y06kx//OzdupiLyUMBphlhWly8eoniFLnP9kREaKdVrgTW52+Du
0mj8jWBHp9pQ6psan2fSqmnZO+Pv9/Bw4Ln57gdPOMmKHIEEzZyLILSuFH0mBpLo
TXNgOdeFaGInsArSV2tfIDMkHbGiFQx1RpqSINA3p+Mqt4FTrAXogiRSqEyzYBPP
+bJEk5HLYBKqGDPMyqv6J4eNtv4qt+s6Gg3/odu8qFln1PEdCgoA7yUq/U7onEJ1
6SXkvCMC1exMwXOs9cgjGYCHjPSP1RJGn/x0cKb+bUfQIkiPUByHV/iqXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPRALVEiilRdtSiBX2+VCbxz5Y+5MB8GA1UdIwQY
MBaAFGPva9vEKtBt79rXJnlBQ0bY0EjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUt
MGM4MzY4ZGI5NTYzLzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUtMGM4MzY4ZGI5NTYz
LzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoSpiADwm
rS3LHcVXImf9QAT63fyKo47Ph4PJ7/zNhTPvRDA5FgaGVCZctt+o0WzuKCRqXtVQ
JwBUlK1b6oZ7kTd/nox95NeKtp17AxU3T7qcKMBvyQ/k2iVIqsOD0Owkxtd+5b95
O45ulkeqlRrE7oqiVQgrDuan7hZo5vThL/Vm5mvNsZf/vGEfMaJw+pfOgdUbRj96
VSIJJKz0Jh3dnQCG0xcWYNyBuryHRK3FC5vD6yN5CF/OQ5mq4y/WcTmVshlOMYyl
sbYLGggqFIx/0gHnYGn0qaj0sqdoQqeaRjaDtcD6z/kLhLNX/2IYyw92YQXexhQD
oJMQz6FBx6zd+w==
-----END CERTIFICATE-----