Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
File:                     YcGgEMsk-ZbneJixJHJbVbY0OOA.mft (raw, json)
Hash identifier:          eu36IG5ZJDeeqerRgDXYgxTUsW+YtlT4KaT7x0x7n6I=
Subject key identifier:   DB:5F:5D:CB:D6:B2:61:DC:AF:5B:12:28:E6:E1:0B:04:AD:20:9A:95
Authority key identifier: 61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0
Certificate issuer:       /CN=61c1a010cb24f996e77898b124725b55b63438e0
Certificate serial:       01964D7E96BDEC9A5DECC714ECF072DCEF94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
Manifest number:          14F6
Signing time:             Sat 19 Apr 2025 10:01:03 +0000
Manifest this update:     Sat 19 Apr 2025 10:01:03 +0000
Manifest next update:     Sun 20 Apr 2025 10:01:03 +0000
Files and hashes:         1: YcGgEMsk-ZbneJixJHJbVbY0OOA.crl (hash: nKYyEhlDMdJYrxVKxjPBZdWnNyAWG8p+mgmhvdM9368=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:96:bd:ec:9a:5d:ec:c7:14:ec:f0:72:dc:ef:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61c1a010cb24f996e77898b124725b55b63438e0
        Validity
            Not Before: Apr 19 10:01:03 2025 GMT
            Not After : Apr 20 10:01:03 2025 GMT
        Subject: CN=db5f5dcbd6b261dcaf5b1228e6e10b04ad209a95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:ce:4f:4a:d3:e1:67:65:75:e9:49:5b:db:d0:
                    64:e7:26:b4:3a:95:7b:ff:60:d7:70:8e:27:5d:4e:
                    0c:ab:e1:21:e7:97:99:01:c1:82:9d:30:e8:92:26:
                    b2:1f:66:d1:a1:57:bf:cd:d8:fd:fb:c3:df:10:4d:
                    85:ef:31:37:64:4f:54:3f:15:12:9b:bf:9d:1e:bf:
                    0a:66:36:2d:a9:38:14:ed:bf:cd:e8:8d:8f:36:a0:
                    27:0d:39:99:df:f8:f8:9f:96:75:22:7a:11:4a:58:
                    fe:25:59:25:b5:38:ff:e6:f6:ac:64:1d:3a:be:a1:
                    35:9c:9e:2c:ba:16:23:90:be:60:05:d7:17:c1:95:
                    b2:9c:e9:dd:07:98:ae:21:51:a5:71:eb:b6:5c:c5:
                    26:7d:e7:41:1b:61:8c:f9:29:86:15:d2:cf:c0:d3:
                    cc:5c:30:1e:cf:65:f0:7e:c3:43:aa:7e:72:2d:35:
                    a9:d3:26:c3:64:8c:02:04:86:83:f1:39:d8:3c:88:
                    f2:9f:d9:32:bf:89:a7:55:26:89:1a:f6:2f:45:ed:
                    ea:00:5b:6b:be:81:85:11:e0:e6:72:51:70:89:37:
                    36:44:eb:54:bf:0a:6e:b5:07:fb:2d:9c:90:b6:4a:
                    42:fb:da:ae:51:6b:f6:bd:43:fc:cc:42:78:92:e7:
                    91:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:5F:5D:CB:D6:B2:61:DC:AF:5B:12:28:E6:E1:0B:04:AD:20:9A:95
            X509v3 Authority Key Identifier:
                keyid:61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:7a:f1:61:d7:d3:1b:e6:78:d1:b4:ab:d1:4f:fd:8c:4f:bc:
         d3:8d:bf:d9:29:41:b1:96:aa:f2:c4:65:dc:39:d9:b8:96:0c:
         6c:f7:61:64:23:45:58:e2:a9:7a:98:9d:46:d4:14:d9:d4:71:
         e1:db:eb:06:dd:42:51:ee:50:89:5d:c1:d4:af:c8:de:b6:ae:
         88:e9:e7:30:cc:87:07:ce:47:62:71:95:99:a4:d0:91:5a:d1:
         7b:3a:93:dc:9c:03:fe:81:4c:7b:22:49:fb:3e:39:47:5f:d7:
         4e:89:f6:ea:49:80:76:fd:43:c6:85:d9:62:0a:7f:17:91:a4:
         3d:f4:23:e9:be:52:40:0f:2e:50:fa:bf:40:50:f1:a3:59:0f:
         d9:17:51:3d:29:8d:b6:b9:e2:b6:7c:94:97:20:e7:06:20:c0:
         e2:f8:7e:87:9a:9c:72:ff:c3:7b:af:a6:d9:76:97:80:1c:0e:
         cb:2f:09:a7:21:e0:7e:7b:f2:9e:34:3a:7e:1e:76:c1:01:35:
         67:d9:62:40:14:d5:93:dd:80:66:5e:d1:49:b7:bb:9e:a1:55:
         0b:9d:36:9d:1f:94:e2:b4:25:0a:dc:da:09:1b:cc:69:d9:7e:
         ff:34:d7:15:69:95:fe:32:5e:70:54:9d:3c:73:58:48:8e:bb:
         15:26:f5:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfpa97Jpd7McU7PBy3O+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzFhMDEwY2IyNGY5OTZlNzc4OThiMTI0NzI1YjU1YjYz
NDM4ZTAwHhcNMjUwNDE5MTAwMTAzWhcNMjUwNDIwMTAwMTAzWjAzMTEwLwYDVQQD
EyhkYjVmNWRjYmQ2YjI2MWRjYWY1YjEyMjhlNmUxMGIwNGFkMjA5YTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2M5PStPhZ2V16Ulb29Bk5ya0OpV7
/2DXcI4nXU4Mq+Eh55eZAcGCnTDokiayH2bRoVe/zdj9+8PfEE2F7zE3ZE9UPxUS
m7+dHr8KZjYtqTgU7b/N6I2PNqAnDTmZ3/j4n5Z1InoRSlj+JVkltTj/5vasZB06
vqE1nJ4suhYjkL5gBdcXwZWynOndB5iuIVGlceu2XMUmfedBG2GM+SmGFdLPwNPM
XDAez2XwfsNDqn5yLTWp0ybDZIwCBIaD8TnYPIjyn9kyv4mnVSaJGvYvRe3qAFtr
voGFEeDmclFwiTc2ROtUvwputQf7LZyQtkpC+9quUWv2vUP8zEJ4kueREQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtfXcvWsmHcr1sSKObhCwStIJqVMB8GA1UdIwQY
MBaAFGHBoBDLJPmW53iYsSRyW1W2NDjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTkt
ZTllOTkzN2I4ZGNlLzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTktZTllOTkzN2I4ZGNl
LzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUXrxYdfT
G+Z40bSr0U/9jE+8042/2SlBsZaq8sRl3DnZuJYMbPdhZCNFWOKpepidRtQU2dRx
4dvrBt1CUe5QiV3B1K/I3rauiOnnMMyHB85HYnGVmaTQkVrRezqT3JwD/oFMeyJJ
+z45R1/XTon26kmAdv1DxoXZYgp/F5GkPfQj6b5SQA8uUPq/QFDxo1kP2RdRPSmN
trnitnyUlyDnBiDA4vh+h5qccv/De6+m2XaXgBwOyy8JpyHgfnvynjQ6fh52wQE1
Z9liQBTVk92AZl7RSbe7nqFVC502nR+U4rQlCtzaCRvMadl+/zTXFWmV/jJecFSd
PHNYSI67FSb12w==
-----END CERTIFICATE-----