Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
File:                     ya3PjO-lllmLJLm2q2UHDdkcp5w.mft (raw, json)
Hash identifier:          aekTLV9+n+QF8XmlzKwpg9ocfWwPi6FzN9EcCmaUTMM=
Subject key identifier:   12:7E:8E:5A:D2:FB:60:A4:FD:D1:6F:B8:B9:01:82:10:40:35:58:84
Authority key identifier: C9:AD:CF:8C:EF:A5:96:59:8B:24:B9:B6:AB:65:07:0D:D9:1C:A7:9C
Certificate issuer:       /CN=c9adcf8cefa596598b24b9b6ab65070dd91ca79c
Certificate serial:       01964D7EC946FA8A50A173718FCB4B2739F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
Manifest number:          05A1
Signing time:             Sat 19 Apr 2025 10:01:16 +0000
Manifest this update:     Sat 19 Apr 2025 10:01:16 +0000
Manifest next update:     Sun 20 Apr 2025 10:01:16 +0000
Files and hashes:         1: ya3PjO-lllmLJLm2q2UHDdkcp5w.crl (hash: aXodGbdyiaK7v8PnCJGONBHuB5grRW4lJwRhqbiBb14=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 10:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:c9:46:fa:8a:50:a1:73:71:8f:cb:4b:27:39:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9adcf8cefa596598b24b9b6ab65070dd91ca79c
        Validity
            Not Before: Apr 19 10:01:16 2025 GMT
            Not After : Apr 20 10:01:16 2025 GMT
        Subject: CN=127e8e5ad2fb60a4fdd16fb8b901821040355884
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d5:c7:21:10:ee:95:5d:34:28:74:8d:77:9e:
                    ca:bf:a1:c0:0e:f4:04:41:84:d7:5d:09:b8:47:82:
                    60:1f:64:a6:2b:71:fe:34:8a:8f:80:dd:f6:7d:3c:
                    b6:0f:d1:ef:77:30:21:57:32:b0:9a:88:4e:c8:3d:
                    c1:a2:da:0f:77:2f:9d:77:ed:73:25:a3:4c:e4:d9:
                    cb:9b:94:51:b6:12:07:1d:71:3f:33:df:0b:c8:1d:
                    c1:57:23:a7:b7:11:97:c8:fc:1a:25:64:ff:7a:bd:
                    7e:06:78:35:12:ef:74:2a:fc:3f:87:1a:4e:6b:d6:
                    75:c9:cf:03:81:29:ad:43:ee:85:55:e0:0a:6a:d4:
                    62:f2:14:a4:ca:93:89:46:a9:a3:69:68:8d:c2:4b:
                    9a:f0:73:b9:b8:21:c7:97:f0:2a:78:d4:89:66:47:
                    67:d8:25:52:fe:1f:6f:43:70:ac:f7:d8:ba:5e:e2:
                    4b:aa:57:e6:1d:f5:b5:c5:ce:04:f7:34:ef:83:61:
                    46:b7:92:b4:06:68:f0:f9:4b:9f:c5:41:1a:4c:93:
                    d8:5e:e8:2f:d2:9a:d6:64:14:32:d2:67:b4:f2:da:
                    1f:d4:0b:56:25:01:49:bc:18:1d:df:cc:30:d1:f0:
                    b6:1b:27:43:fe:09:bc:d5:4c:b9:01:b2:b0:67:69:
                    e9:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:7E:8E:5A:D2:FB:60:A4:FD:D1:6F:B8:B9:01:82:10:40:35:58:84
            X509v3 Authority Key Identifier:
                keyid:C9:AD:CF:8C:EF:A5:96:59:8B:24:B9:B6:AB:65:07:0D:D9:1C:A7:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:c6:cc:75:1a:ed:60:ed:46:03:6b:f9:f8:e7:87:d1:92:9d:
         8a:90:d8:a5:fe:35:c3:84:e0:81:64:be:a1:22:e3:7b:bc:1e:
         19:13:7f:de:a6:5f:b7:f7:1c:49:a1:65:1f:13:59:1d:12:68:
         aa:ba:26:e2:ee:0f:58:21:16:6c:e4:f3:d2:34:1a:71:34:67:
         73:4e:0c:28:7b:d2:bf:af:fb:55:6a:a4:11:6d:8f:30:a1:20:
         1f:97:4f:d2:e5:18:d6:8d:30:16:d4:f2:c0:86:be:9a:53:d6:
         43:1a:2d:b5:66:77:e1:d9:13:93:99:1a:fc:83:a8:1f:bb:be:
         23:06:b3:6c:ca:7b:ef:18:bb:47:25:cb:85:3f:0b:68:0b:1c:
         d9:01:36:e4:0a:15:56:11:f8:fb:56:28:9a:77:88:6f:20:a0:
         3a:e3:cd:bb:c9:82:58:1f:ce:38:19:4c:5d:b7:e4:ec:f5:d3:
         74:78:7a:83:70:ec:91:39:b2:16:45:52:4f:79:c6:76:3a:10:
         f6:a7:fc:17:1d:98:4f:d3:b2:6e:a8:15:55:49:74:e4:e3:72:
         22:86:98:25:01:c0:ba:00:b5:13:50:4f:a9:df:96:aa:49:2c:
         32:fb:52:fe:dd:c4:65:3b:bc:59:a4:ff:ad:d2:ee:df:02:ef:
         a4:a3:12:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfslG+opQoXNxj8tLJzn2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YWRjZjhjZWZhNTk2NTk4YjI0YjliNmFiNjUwNzBkZDkx
Y2E3OWMwHhcNMjUwNDE5MTAwMTE2WhcNMjUwNDIwMTAwMTE2WjAzMTEwLwYDVQQD
EygxMjdlOGU1YWQyZmI2MGE0ZmRkMTZmYjhiOTAxODIxMDQwMzU1ODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdXHIRDulV00KHSNd57Kv6HADvQE
QYTXXQm4R4JgH2SmK3H+NIqPgN32fTy2D9HvdzAhVzKwmohOyD3BotoPdy+dd+1z
JaNM5NnLm5RRthIHHXE/M98LyB3BVyOntxGXyPwaJWT/er1+Bng1Eu90Kvw/hxpO
a9Z1yc8DgSmtQ+6FVeAKatRi8hSkypOJRqmjaWiNwkua8HO5uCHHl/AqeNSJZkdn
2CVS/h9vQ3Cs99i6XuJLqlfmHfW1xc4E9zTvg2FGt5K0Bmjw+UufxUEaTJPYXugv
0prWZBQy0me08tof1AtWJQFJvBgd38ww0fC2GydD/gm81Uy5AbKwZ2npgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJ+jlrS+2Ck/dFvuLkBghBANViEMB8GA1UdIwQY
MBaAFMmtz4zvpZZZiyS5tqtlBw3ZHKecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iMDA1N2MtNTQ3Mi00OGQ1LWIxMDct
YzU1MzcyZmFiMzM1LzEveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iMDA1N2MtNTQ3Mi00OGQ1LWIxMDctYzU1MzcyZmFiMzM1
LzEveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlMbMdRrt
YO1GA2v5+OeH0ZKdipDYpf41w4TggWS+oSLje7weGRN/3qZft/ccSaFlHxNZHRJo
qrom4u4PWCEWbOTz0jQacTRnc04MKHvSv6/7VWqkEW2PMKEgH5dP0uUY1o0wFtTy
wIa+mlPWQxottWZ34dkTk5ka/IOoH7u+IwazbMp77xi7RyXLhT8LaAsc2QE25AoV
VhH4+1YomneIbyCgOuPNu8mCWB/OOBlMXbfk7PXTdHh6g3DskTmyFkVST3nGdjoQ
9qf8Fx2YT9OybqgVVUl05ONyIoaYJQHAugC1E1BPqd+WqkksMvtS/t3EZTu8WaT/
rdLu3wLvpKMSmQ==
-----END CERTIFICATE-----