Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
File:                     ya3PjO-lllmLJLm2q2UHDdkcp5w.mft (raw, json)
Hash identifier:          sPbHw3vFH9PQbwr9Gn3uqjixaFkzkl1tb5mR7jghKjc=
Subject key identifier:   70:AB:AE:CE:D5:2D:E9:D7:F1:E8:6A:C2:BF:C7:F9:07:67:EF:BC:7D
Authority key identifier: C9:AD:CF:8C:EF:A5:96:59:8B:24:B9:B6:AB:65:07:0D:D9:1C:A7:9C
Certificate issuer:       /CN=c9adcf8cefa596598b24b9b6ab65070dd91ca79c
Certificate serial:       019510C73C9E2582C96830B330BAB971D045
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
Manifest number:          04FD
Signing time:             Sun 16 Feb 2025 22:00:47 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:47 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:47 +0000
Files and hashes:         1: ya3PjO-lllmLJLm2q2UHDdkcp5w.crl (hash: jITc0sAa/lV+bNxTRbiyuIT+LdJ8Yi/yo4KCR4OkB9w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:3c:9e:25:82:c9:68:30:b3:30:ba:b9:71:d0:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9adcf8cefa596598b24b9b6ab65070dd91ca79c
        Validity
            Not Before: Feb 16 22:00:47 2025 GMT
            Not After : Feb 17 22:00:47 2025 GMT
        Subject: CN=70abaeced52de9d7f1e86ac2bfc7f90767efbc7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:7a:68:42:0e:45:12:1b:52:2e:87:2c:a9:f4:
                    20:7e:26:6c:b4:2e:00:9a:18:ba:2e:ba:cc:31:52:
                    7d:d0:c0:9a:27:e2:0d:28:c5:f7:51:d3:5d:cd:22:
                    d7:c0:75:41:1c:f2:6c:d0:40:12:bd:d9:de:32:11:
                    8e:1e:70:88:91:30:c4:a5:d1:52:dc:90:24:7c:01:
                    02:30:27:d8:db:f4:ac:5b:dd:06:ec:ce:b7:92:78:
                    04:d5:8b:74:d9:fa:c1:fe:47:4f:21:94:82:a7:3c:
                    19:e7:fd:f3:c7:fb:a0:47:5c:70:5c:7f:7f:bb:96:
                    2b:85:f6:a0:93:c5:a9:05:03:f1:e8:bf:74:8c:68:
                    a8:a7:d5:d7:b5:51:e2:51:c6:f1:50:e1:53:c6:72:
                    86:bb:c2:59:75:3e:af:8f:46:d6:0c:02:fd:97:47:
                    27:25:3d:4f:80:0d:ae:dc:97:69:f0:9b:5e:55:c5:
                    40:d8:90:bf:2f:61:cd:ab:56:7c:49:cc:36:72:9c:
                    24:f9:0a:89:45:0c:23:ff:f0:78:24:97:64:63:e3:
                    32:9a:5e:a9:56:7e:c9:e1:be:ac:2a:8d:64:f6:6b:
                    6f:8f:a9:34:b0:23:2f:c0:db:06:b3:31:4b:61:f5:
                    0e:5b:6f:0d:bf:db:97:82:bf:16:79:7f:d6:02:a3:
                    e6:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:AB:AE:CE:D5:2D:E9:D7:F1:E8:6A:C2:BF:C7:F9:07:67:EF:BC:7D
            X509v3 Authority Key Identifier:
                keyid:C9:AD:CF:8C:EF:A5:96:59:8B:24:B9:B6:AB:65:07:0D:D9:1C:A7:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c9:fd:1e:a8:64:00:2b:90:3c:a9:7b:4c:92:77:80:7a:1b:20:
         f8:cd:77:24:da:17:e5:4e:8a:6a:cb:d4:7d:9b:56:90:19:86:
         44:46:6f:dc:5e:ea:a1:80:6f:5b:8e:22:8d:ca:95:ad:01:d6:
         96:62:8b:ed:2f:22:34:66:1c:8e:29:ec:5e:78:ff:f1:8f:2b:
         b4:02:18:72:ae:aa:1a:fc:5a:6f:9b:94:b6:8b:e0:12:c5:bd:
         f0:60:00:44:20:cd:99:1d:b8:38:0f:69:98:3d:8d:9f:07:98:
         b1:cd:11:d3:74:d5:78:5a:e5:6c:bb:07:29:8e:75:1b:cd:06:
         f3:60:a1:82:10:28:4b:e7:46:a9:9c:ac:bc:75:a6:17:89:b1:
         b4:f4:5e:96:df:0b:61:5f:74:1f:fe:9f:81:24:9e:fc:dd:77:
         b1:f4:ac:1d:51:94:02:60:8c:3a:1f:74:b0:3e:b0:6d:19:94:
         4a:18:67:a3:13:c3:57:5a:aa:ef:bf:5f:05:be:c2:b4:81:d5:
         8c:d8:aa:0f:4f:35:fd:4c:53:17:5c:78:e5:31:ef:0a:71:2e:
         97:6b:7a:69:07:8d:e1:08:91:5f:b6:fa:66:e6:8a:f2:71:27:
         70:82:6e:19:57:5b:97:3d:a8:f5:f7:da:08:50:5b:2e:7b:57:
         fa:db:58:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxzyeJYLJaDCzMLq5cdBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YWRjZjhjZWZhNTk2NTk4YjI0YjliNmFiNjUwNzBkZDkx
Y2E3OWMwHhcNMjUwMjE2MjIwMDQ3WhcNMjUwMjE3MjIwMDQ3WjAzMTEwLwYDVQQD
Eyg3MGFiYWVjZWQ1MmRlOWQ3ZjFlODZhYzJiZmM3ZjkwNzY3ZWZiYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnpoQg5FEhtSLocsqfQgfiZstC4A
mhi6LrrMMVJ90MCaJ+INKMX3UdNdzSLXwHVBHPJs0EASvdneMhGOHnCIkTDEpdFS
3JAkfAECMCfY2/SsW90G7M63kngE1Yt02frB/kdPIZSCpzwZ5/3zx/ugR1xwXH9/
u5Yrhfagk8WpBQPx6L90jGiop9XXtVHiUcbxUOFTxnKGu8JZdT6vj0bWDAL9l0cn
JT1PgA2u3Jdp8JteVcVA2JC/L2HNq1Z8Scw2cpwk+QqJRQwj//B4JJdkY+Myml6p
Vn7J4b6sKo1k9mtvj6k0sCMvwNsGszFLYfUOW28Nv9uXgr8WeX/WAqPmMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHCrrs7VLenX8ehqwr/H+Qdn77x9MB8GA1UdIwQY
MBaAFMmtz4zvpZZZiyS5tqtlBw3ZHKecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iMDA1N2MtNTQ3Mi00OGQ1LWIxMDct
YzU1MzcyZmFiMzM1LzEveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iMDA1N2MtNTQ3Mi00OGQ1LWIxMDctYzU1MzcyZmFiMzM1
LzEveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyf0eqGQA
K5A8qXtMkneAehsg+M13JNoX5U6KasvUfZtWkBmGREZv3F7qoYBvW44ijcqVrQHW
lmKL7S8iNGYcjinsXnj/8Y8rtAIYcq6qGvxab5uUtovgEsW98GAARCDNmR24OA9p
mD2NnweYsc0R03TVeFrlbLsHKY51G80G82ChghAoS+dGqZysvHWmF4mxtPRelt8L
YV90H/6fgSSe/N13sfSsHVGUAmCMOh90sD6wbRmUShhnoxPDV1qq779fBb7CtIHV
jNiqD081/UxTF1x45THvCnEul2t6aQeN4QiRX7b6ZuaK8nEncIJuGVdblz2o9ffa
CFBbLntX+ttYmQ==
-----END CERTIFICATE-----