Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
File:                     ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft (raw, json)
Hash identifier:          yRyI0r0BXYDf6qIrSBP80FbX/r3dBBHzl325FFI/v8w=
Subject key identifier:   87:87:79:04:43:30:55:D2:5F:F9:3D:CC:6D:0F:61:B9:36:0D:C9:D1
Authority key identifier: CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9
Certificate issuer:       /CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
Certificate serial:       018F882453B5DDC56D8DD703F87E714DCA3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
Manifest number:          1175
Signing time:             Fri 17 May 2024 20:00:32 +0000
Manifest this update:     Fri 17 May 2024 20:00:32 +0000
Manifest next update:     Sat 18 May 2024 20:00:32 +0000
Files and hashes:         1: ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl (hash: QzBnvHdZpqrX5/gj3Xzzf50ZS3Ao0qibMRQHaYIAOYU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:24:53:b5:dd:c5:6d:8d:d7:03:f8:7e:71:4d:ca:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
        Validity
            Not Before: May 17 20:00:32 2024 GMT
            Not After : May 18 20:00:32 2024 GMT
        Subject: CN=87877904433055d25ff93dcc6d0f61b9360dc9d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:36:b5:9b:23:1a:8f:b0:e0:e2:78:b5:91:c8:
                    ec:47:7f:0c:7c:b1:bb:c1:33:7b:dc:33:51:25:f9:
                    4e:f4:48:ee:f1:c2:7f:49:0a:2c:49:19:33:b5:3f:
                    ed:b8:06:d0:17:80:f4:09:ac:50:2f:f7:0d:32:32:
                    6e:0a:80:f9:32:8e:27:e8:ba:f7:6f:39:47:9c:a0:
                    72:c5:e7:53:ef:57:5a:44:97:e4:80:f4:fd:e6:7a:
                    3a:9e:e2:92:12:b2:db:5b:43:b9:65:51:8f:63:f0:
                    a6:58:f8:74:ce:67:57:98:ee:23:30:40:0e:f3:10:
                    c5:c8:17:52:c0:79:d9:ea:2b:03:47:f5:e6:fb:21:
                    8b:39:3d:7f:28:d1:a3:b0:ac:20:63:dd:58:27:f6:
                    e6:e3:3f:ac:81:5e:9b:5b:ad:da:1d:41:b3:44:a0:
                    42:c6:4b:98:ad:c5:aa:0c:4f:32:16:3b:fa:5b:7d:
                    e0:18:11:80:c7:3f:7a:0b:c9:a5:6e:7a:80:90:7b:
                    cb:c0:a6:c8:76:0f:86:9c:28:c6:8e:5d:ce:54:3a:
                    df:be:7e:f1:b3:f3:57:bf:ee:98:bc:8d:53:c0:ed:
                    e7:dd:88:57:3b:74:ef:13:3e:42:ba:52:c2:bd:0a:
                    25:e3:18:8f:d0:ad:67:08:a9:74:85:3b:f3:cf:a5:
                    c4:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:87:79:04:43:30:55:D2:5F:F9:3D:CC:6D:0F:61:B9:36:0D:C9:D1
            X509v3 Authority Key Identifier:
                keyid:CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:6b:2e:19:4b:c7:bf:4f:e1:b3:75:3b:ee:be:07:06:2f:1f:
         f9:5f:65:93:f1:af:6f:2c:31:4d:b4:86:20:cf:fd:02:86:cc:
         78:7b:f3:1b:8c:a5:8b:6d:e6:25:b1:9c:ac:8d:40:d9:12:82:
         35:c7:26:b8:18:24:54:4c:93:12:c1:61:f3:73:38:ef:52:c3:
         ca:6c:ad:49:e9:75:d5:57:c5:dc:f3:9a:82:9e:12:dc:01:a5:
         a4:c9:7a:8b:d4:b5:8f:91:60:15:79:35:95:8b:55:0e:4e:70:
         da:21:86:db:3a:7b:4e:08:b8:28:e3:7e:0b:8d:d3:39:72:10:
         58:62:1d:7e:c1:fb:69:be:5d:a2:6c:c4:46:3f:c6:54:ff:5d:
         18:51:50:c8:6a:a8:3f:c8:a9:44:53:f3:55:99:7d:30:ae:36:
         ba:67:b3:4d:f2:fe:09:45:75:ad:b7:16:fe:96:bf:4a:65:f0:
         1a:d5:e6:8c:0f:eb:ed:5b:c9:c8:1f:fc:43:70:0d:75:ca:b1:
         24:03:91:b6:ab:60:66:b5:13:7d:f9:ff:ca:b0:a3:71:64:83:
         32:bb:79:e0:50:6c:29:89:13:ff:a3:aa:67:09:70:0d:07:2d:
         41:f2:9c:c5:4e:12:54:ec:78:ec:bc:c4:dd:e2:6f:3b:bc:85:
         fa:17:f8:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IJFO13cVtjdcD+H5xTco8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDU3ZTExNzNjNGU4NTFiOTJkM2M4ZWU5OTY3MTUxOTQ4
YTlhZTkwHhcNMjQwNTE3MjAwMDMyWhcNMjQwNTE4MjAwMDMyWjAzMTEwLwYDVQQD
Eyg4Nzg3NzkwNDQzMzA1NWQyNWZmOTNkY2M2ZDBmNjFiOTM2MGRjOWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ja1myMaj7Dg4ni1kcjsR38MfLG7
wTN73DNRJflO9Eju8cJ/SQosSRkztT/tuAbQF4D0CaxQL/cNMjJuCoD5Mo4n6Lr3
bzlHnKByxedT71daRJfkgPT95no6nuKSErLbW0O5ZVGPY/CmWPh0zmdXmO4jMEAO
8xDFyBdSwHnZ6isDR/Xm+yGLOT1/KNGjsKwgY91YJ/bm4z+sgV6bW63aHUGzRKBC
xkuYrcWqDE8yFjv6W33gGBGAxz96C8mlbnqAkHvLwKbIdg+GnCjGjl3OVDrfvn7x
s/NXv+6YvI1TwO3n3YhXO3TvEz5CulLCvQol4xiP0K1nCKl0hTvzz6XEvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIeHeQRDMFXSX/k9zG0PYbk2DcnRMB8GA1UdIwQY
MBaAFMpFfhFzxOhRuS08jumWcVGUiprpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQt
MTlkZTJjMTgzYzA1LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQtMTlkZTJjMTgzYzA1
LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYWsuGUvH
v0/hs3U77r4HBi8f+V9lk/GvbywxTbSGIM/9AobMeHvzG4yli23mJbGcrI1A2RKC
NccmuBgkVEyTEsFh83M471LDymytSel11VfF3POagp4S3AGlpMl6i9S1j5FgFXk1
lYtVDk5w2iGG2zp7Tgi4KON+C43TOXIQWGIdfsH7ab5domzERj/GVP9dGFFQyGqo
P8ipRFPzVZl9MK42umezTfL+CUV1rbcW/pa/SmXwGtXmjA/r7VvJyB/8Q3ANdcqx
JAORtqtgZrUTffn/yrCjcWSDMrt54FBsKYkT/6OqZwlwDQctQfKcxU4SVOx47LzE
3eJvO7yF+hf4fA==
-----END CERTIFICATE-----