Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
File:                     yFiMcrJRDxd7g18gHjNl7PnkWh0.mft (raw, json)
Hash identifier:          s4CUpyJvItVKD6YOwYDYdN/mEgsJnC6WzqPSOHanYg4=
Subject key identifier:   2B:A0:D0:7D:B5:FE:04:86:2F:B4:CE:38:B7:E2:81:BB:DC:DE:00:AF
Authority key identifier: C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D
Certificate issuer:       /CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
Certificate serial:       01958B16CF5310D500D208BD4B6F0D55F50A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
Manifest number:          0E46
Signing time:             Wed 12 Mar 2025 16:01:22 +0000
Manifest this update:     Wed 12 Mar 2025 16:01:22 +0000
Manifest next update:     Thu 13 Mar 2025 16:01:22 +0000
Files and hashes:         1: yFiMcrJRDxd7g18gHjNl7PnkWh0.crl (hash: G5fEhVCE0ZUiVZzt07OYpihLQyzzABeD3NOqeSGA1gs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 16:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:16:cf:53:10:d5:00:d2:08:bd:4b:6f:0d:55:f5:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
        Validity
            Not Before: Mar 12 16:01:22 2025 GMT
            Not After : Mar 13 16:01:22 2025 GMT
        Subject: CN=2ba0d07db5fe04862fb4ce38b7e281bbdcde00af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:bf:65:87:a6:10:f2:1f:c3:7a:a3:5b:26:c4:
                    27:ef:ca:52:68:3c:85:12:d3:be:92:75:e6:cc:7a:
                    0b:e9:29:96:c7:59:6a:cb:b1:03:69:4b:13:79:c0:
                    3e:be:4c:6b:7f:c5:f4:ae:6b:5c:08:3a:27:d0:7c:
                    1c:eb:9d:28:6e:2e:ad:3a:da:04:1a:1a:11:b6:78:
                    16:d9:e3:0b:3d:9b:83:47:a4:83:c8:d3:3e:86:5d:
                    43:ad:9a:90:62:87:9e:a5:3f:a0:dc:d4:78:03:3b:
                    5e:ff:e5:74:c3:8e:7a:74:27:ca:27:89:88:89:dd:
                    1c:4e:1d:3f:7e:26:dc:ef:48:63:f2:35:25:f3:c9:
                    e2:28:57:b4:eb:aa:91:1c:8a:09:bb:36:d1:b2:72:
                    f5:71:50:17:db:27:6a:61:2c:0f:e5:bb:68:ae:24:
                    46:39:ef:79:62:e5:a5:30:0e:36:3c:de:c6:8e:3e:
                    b9:43:8a:96:9e:13:bc:a0:da:23:26:7f:22:61:10:
                    09:58:10:88:59:5f:f9:c0:74:c4:43:4e:d2:b4:68:
                    42:42:15:50:c8:77:e2:6f:90:05:00:3c:31:31:6b:
                    b2:15:a1:96:5c:c4:59:45:7a:4c:5d:6b:6a:7a:41:
                    7f:e7:37:ea:0e:0f:66:a3:b3:f4:12:2b:db:55:10:
                    0e:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:A0:D0:7D:B5:FE:04:86:2F:B4:CE:38:B7:E2:81:BB:DC:DE:00:AF
            X509v3 Authority Key Identifier:
                keyid:C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:0b:9c:08:29:1e:aa:b5:e4:f2:c1:50:93:08:cc:e1:b8:3f:
         fb:3f:9b:7d:f2:db:a7:94:b1:22:17:a5:6f:ee:64:2e:98:a6:
         d1:a5:18:80:2c:ae:f8:5b:15:79:74:55:2e:aa:d7:93:42:c8:
         a4:b6:5d:b2:8f:ae:7f:06:63:cb:7c:57:82:11:e1:84:84:0c:
         31:62:61:62:af:22:be:63:c2:06:f0:50:c8:9d:70:02:f6:dd:
         11:51:0a:f2:ee:81:6b:f4:35:69:e6:88:fe:af:03:5a:85:f8:
         ad:42:76:e1:0b:a4:a1:96:1a:96:12:6b:57:a7:eb:cb:ba:9f:
         d0:7e:8d:4b:fa:d7:52:c3:90:45:ec:c1:eb:b0:47:52:dc:d4:
         eb:ad:8f:8c:5f:2d:d6:16:17:54:fd:6e:98:cb:d0:58:18:c9:
         21:a3:3c:f3:6b:6a:5d:40:9f:16:9f:1e:79:59:1e:c3:67:c0:
         6e:26:fb:7c:2c:10:47:f2:7d:a5:b4:cf:13:31:89:74:af:ff:
         e6:48:e2:1f:c7:1b:ff:64:6c:dd:35:f3:9b:0c:13:00:df:3e:
         24:76:88:fa:17:2e:1f:39:6f:24:f8:ac:3c:c8:60:8a:e5:71:
         82:20:60:89:19:e9:69:c0:b9:87:d0:ab:12:b6:1d:98:ed:92:
         4c:3e:af:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLFs9TENUA0gi9S28NVfUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NTg4YzcyYjI1MTBmMTc3YjgzNWYyMDFlMzM2NWVjZjll
NDVhMWQwHhcNMjUwMzEyMTYwMTIyWhcNMjUwMzEzMTYwMTIyWjAzMTEwLwYDVQQD
EygyYmEwZDA3ZGI1ZmUwNDg2MmZiNGNlMzhiN2UyODFiYmRjZGUwMGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr9lh6YQ8h/DeqNbJsQn78pSaDyF
EtO+knXmzHoL6SmWx1lqy7EDaUsTecA+vkxrf8X0rmtcCDon0Hwc650obi6tOtoE
GhoRtngW2eMLPZuDR6SDyNM+hl1DrZqQYoeepT+g3NR4Azte/+V0w456dCfKJ4mI
id0cTh0/fibc70hj8jUl88niKFe066qRHIoJuzbRsnL1cVAX2ydqYSwP5btoriRG
Oe95YuWlMA42PN7Gjj65Q4qWnhO8oNojJn8iYRAJWBCIWV/5wHTEQ07StGhCQhVQ
yHfib5AFADwxMWuyFaGWXMRZRXpMXWtqekF/5zfqDg9mo7P0EivbVRAO9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCug0H21/gSGL7TOOLfigbvc3gCvMB8GA1UdIwQY
MBaAFMhYjHKyUQ8Xe4NfIB4zZez55FodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWIt
MDQ5Y2MxZmNlMzdlLzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWItMDQ5Y2MxZmNlMzdl
LzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMwucCCke
qrXk8sFQkwjM4bg/+z+bffLbp5SxIhelb+5kLpim0aUYgCyu+FsVeXRVLqrXk0LI
pLZdso+ufwZjy3xXghHhhIQMMWJhYq8ivmPCBvBQyJ1wAvbdEVEK8u6Ba/Q1aeaI
/q8DWoX4rUJ24QukoZYalhJrV6fry7qf0H6NS/rXUsOQRezB67BHUtzU662PjF8t
1hYXVP1umMvQWBjJIaM882tqXUCfFp8eeVkew2fAbib7fCwQR/J9pbTPEzGJdK//
5kjiH8cb/2Rs3TXzmwwTAN8+JHaI+hcuHzlvJPisPMhgiuVxgiBgiRnpacC5h9Cr
ErYdmO2STD6vRQ==
-----END CERTIFICATE-----