Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
File:                     ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft (raw, json)
Hash identifier:          vqdhqxsZlw4ktkewrFezRqQX4HxaujP4jC0lPZWuW/0=
Subject key identifier:   D6:A5:9C:8B:AA:3C:CB:DC:C9:B0:DC:48:19:BE:AD:71:C9:43:21:E8
Authority key identifier: CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9
Certificate issuer:       /CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
Certificate serial:       01974D45118A11867EB51042C183CFB39A83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
Manifest number:          157B
Signing time:             Sun 08 Jun 2025 02:01:01 +0000
Manifest this update:     Sun 08 Jun 2025 02:01:01 +0000
Manifest next update:     Mon 09 Jun 2025 02:01:01 +0000
Files and hashes:         1: ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl (hash: 6Ove9Yb+p/W0gZNEwdMl/DC+qMvoPZxQ3ARW6H5Ur9o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:45:11:8a:11:86:7e:b5:10:42:c1:83:cf:b3:9a:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
        Validity
            Not Before: Jun  8 02:01:01 2025 GMT
            Not After : Jun  9 02:01:01 2025 GMT
        Subject: CN=d6a59c8baa3ccbdcc9b0dc4819bead71c94321e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:10:44:2e:ca:f9:a2:cc:ab:b2:c9:7c:53:f0:
                    fe:cf:35:d9:95:93:aa:9c:b5:76:a6:5a:f5:c2:15:
                    11:1b:8d:01:99:de:69:8d:9a:5f:fa:24:a5:4c:57:
                    82:86:84:9e:68:20:2c:ee:6e:82:90:8f:86:a9:03:
                    7f:d3:94:68:e2:ce:71:c1:b9:87:6a:82:2d:0b:30:
                    7a:fd:af:58:03:a3:7e:34:80:5f:8f:4c:18:a3:26:
                    3c:b2:12:6d:85:d4:b0:5e:f0:99:a5:7b:a7:1d:9c:
                    65:97:07:ce:c6:41:a0:82:cc:07:ac:53:c2:f9:dc:
                    bb:35:5f:78:45:d9:5b:f1:59:80:ec:6a:7a:93:b9:
                    42:fb:3b:41:00:0a:eb:82:74:79:bb:21:a4:83:32:
                    1b:0a:96:e3:96:ef:81:da:12:57:70:88:64:76:ea:
                    16:52:87:25:e8:7c:48:b2:a0:d1:a4:c8:9c:4f:63:
                    f9:d3:55:2b:08:88:c2:9e:ae:71:53:79:e6:74:b1:
                    d6:d3:97:ed:d5:14:0a:ee:0c:d7:78:1e:da:65:60:
                    1e:29:46:16:4c:35:69:5f:b3:de:ec:25:05:5b:cf:
                    c7:de:43:35:00:68:0f:c6:12:f6:1e:bb:7f:6d:fe:
                    9a:74:62:9d:f3:d3:fd:89:fa:2b:4e:36:c4:00:c3:
                    2b:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:A5:9C:8B:AA:3C:CB:DC:C9:B0:DC:48:19:BE:AD:71:C9:43:21:E8
            X509v3 Authority Key Identifier:
                keyid:CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:09:c6:76:9b:49:80:1f:fd:f0:19:af:3a:0a:14:6a:3f:94:
         40:fd:8b:0f:53:e2:69:92:e6:a1:2f:73:b0:50:7f:33:76:c4:
         9e:b7:95:86:33:af:51:89:12:33:44:98:9a:1d:f8:d6:ac:5f:
         54:83:e9:7f:0e:62:07:6c:b0:d7:91:51:8a:64:27:1a:9d:d6:
         32:31:ab:6e:ae:78:da:8b:c2:21:2c:2d:f8:d5:e5:ee:d4:0f:
         1d:56:bc:48:16:60:24:6a:24:10:4e:c1:6a:af:32:22:4b:ed:
         07:86:0d:95:95:c5:3b:00:b8:b6:71:da:3f:0f:fd:3f:39:e9:
         88:02:7a:e0:e6:9f:6c:97:36:a8:a1:c2:bb:cc:9d:fa:e7:f8:
         4d:26:44:34:14:9e:6b:bf:3c:94:ca:82:75:a7:27:14:87:ed:
         6d:2e:3c:2a:21:9b:a1:29:b9:de:36:22:1f:9a:a7:c8:ae:d5:
         00:e5:c6:c5:79:cb:e9:be:6c:d3:b7:aa:d1:c0:0e:38:6d:72:
         37:ba:da:57:f4:ff:41:65:11:69:61:26:b3:73:86:c7:e9:a8:
         a5:ba:3b:c4:98:c6:86:be:76:51:73:6c:09:c3:5c:4f:7c:e1:
         04:f6:00:f2:b5:5c:d7:5e:ac:fd:27:f2:f5:b8:b7:df:38:b9:
         bd:3d:89:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNRRGKEYZ+tRBCwYPPs5qDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDU3ZTExNzNjNGU4NTFiOTJkM2M4ZWU5OTY3MTUxOTQ4
YTlhZTkwHhcNMjUwNjA4MDIwMTAxWhcNMjUwNjA5MDIwMTAxWjAzMTEwLwYDVQQD
EyhkNmE1OWM4YmFhM2NjYmRjYzliMGRjNDgxOWJlYWQ3MWM5NDMyMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxBELsr5osyrssl8U/D+zzXZlZOq
nLV2plr1whURG40Bmd5pjZpf+iSlTFeChoSeaCAs7m6CkI+GqQN/05Ro4s5xwbmH
aoItCzB6/a9YA6N+NIBfj0wYoyY8shJthdSwXvCZpXunHZxllwfOxkGggswHrFPC
+dy7NV94Rdlb8VmA7Gp6k7lC+ztBAArrgnR5uyGkgzIbCpbjlu+B2hJXcIhkduoW
Uocl6HxIsqDRpMicT2P501UrCIjCnq5xU3nmdLHW05ft1RQK7gzXeB7aZWAeKUYW
TDVpX7Pe7CUFW8/H3kM1AGgPxhL2Hrt/bf6adGKd89P9iforTjbEAMMrbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNalnIuqPMvcybDcSBm+rXHJQyHoMB8GA1UdIwQY
MBaAFMpFfhFzxOhRuS08jumWcVGUiprpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQt
MTlkZTJjMTgzYzA1LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQtMTlkZTJjMTgzYzA1
LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVwnGdptJ
gB/98BmvOgoUaj+UQP2LD1PiaZLmoS9zsFB/M3bEnreVhjOvUYkSM0SYmh341qxf
VIPpfw5iB2yw15FRimQnGp3WMjGrbq542ovCISwt+NXl7tQPHVa8SBZgJGokEE7B
aq8yIkvtB4YNlZXFOwC4tnHaPw/9PznpiAJ64OafbJc2qKHCu8yd+uf4TSZENBSe
a788lMqCdacnFIftbS48KiGboSm53jYiH5qnyK7VAOXGxXnL6b5s07eq0cAOOG1y
N7raV/T/QWURaWEms3OGx+mopbo7xJjGhr52UXNsCcNcT3zhBPYA8rVc116s/Sfy
9bi33zi5vT2JGQ==
-----END CERTIFICATE-----