Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
File:                     ypfglEx3smswKXwtScO-ausnNxE.mft (raw, json)
Hash identifier:          YTz2TjjgVM6pUmrLwv7N5hBMb9ExaMM+BPanyFyKe68=
Subject key identifier:   E7:2A:6F:E8:46:38:0E:98:62:F3:00:C0:16:95:83:26:AD:2D:48:20
Authority key identifier: CA:97:E0:94:4C:77:B2:6B:30:29:7C:2D:49:C3:BE:6A:EB:27:37:11
Certificate issuer:       /CN=ca97e0944c77b26b30297c2d49c3be6aeb273711
Certificate serial:       01974A7B0BDC72F2836236696324DFEC2E03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
Manifest number:          0292
Signing time:             Sat 07 Jun 2025 13:01:07 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:07 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:07 +0000
Files and hashes:         1: ypfglEx3smswKXwtScO-ausnNxE.crl (hash: mCNVxhhKy7rSswyOS/ALt4fJtbmmCBATNC2dnuMf/4M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:0b:dc:72:f2:83:62:36:69:63:24:df:ec:2e:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca97e0944c77b26b30297c2d49c3be6aeb273711
        Validity
            Not Before: Jun  7 13:01:07 2025 GMT
            Not After : Jun  8 13:01:07 2025 GMT
        Subject: CN=e72a6fe846380e9862f300c016958326ad2d4820
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:08:47:4b:68:47:c0:86:13:14:37:66:97:56:
                    83:1c:08:a9:06:3b:80:75:d3:36:dc:ff:ca:97:fc:
                    f4:4f:4a:39:84:e9:31:07:13:47:fa:5a:a4:b8:75:
                    78:21:d2:61:28:0f:c5:c6:ef:16:a4:3c:e2:12:b8:
                    dc:1a:31:2e:61:58:8a:63:76:dc:e3:58:b2:f9:4f:
                    5f:f4:bb:ea:d8:5e:f2:20:3d:8a:01:b6:2d:3b:2e:
                    c4:f4:bf:43:8c:c4:22:48:e7:88:56:56:0b:3d:f2:
                    7d:1d:72:76:b4:d9:e9:a2:46:c2:91:6e:19:e1:70:
                    c3:f2:a9:62:49:af:61:a0:ce:ce:d9:75:0f:80:b3:
                    15:c1:8d:bf:1e:7b:cc:e7:40:a3:3f:a2:b5:cd:0a:
                    c6:7e:8b:d2:9d:da:3c:f9:93:1e:cb:57:22:c2:2e:
                    3c:50:d9:e3:29:e2:d7:76:82:9c:f4:80:c9:a7:7e:
                    50:ce:d4:a0:3b:38:88:7d:e4:79:46:93:a8:9e:ee:
                    e4:76:14:f1:a7:01:b3:39:50:e2:6e:0b:8c:34:86:
                    96:3b:cb:3c:62:2f:8b:6b:7b:8e:05:83:59:6c:99:
                    a0:e4:03:2f:c7:f6:11:c4:6b:ae:97:03:b2:36:e8:
                    59:f4:12:59:2e:37:6c:63:33:11:a0:0d:4b:9e:ed:
                    c3:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:2A:6F:E8:46:38:0E:98:62:F3:00:C0:16:95:83:26:AD:2D:48:20
            X509v3 Authority Key Identifier:
                keyid:CA:97:E0:94:4C:77:B2:6B:30:29:7C:2D:49:C3:BE:6A:EB:27:37:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:94:cb:8c:ae:fd:3f:5a:a9:2a:66:64:ff:d8:06:96:e8:4b:
         7b:10:08:36:b0:71:6a:9b:8e:ee:d6:53:21:2f:16:70:91:8e:
         3a:3b:cb:ab:4d:5a:bf:2f:c7:4c:71:e3:4b:ca:79:c0:72:af:
         5c:55:71:44:8b:98:9f:9e:49:af:ea:5b:b3:0e:a7:98:56:20:
         ab:e7:a5:11:bb:73:0f:b6:80:79:a6:31:6b:b1:85:5d:8f:81:
         13:07:36:85:22:b6:a2:c7:25:0f:fe:35:9e:77:e3:f1:47:c1:
         c8:4f:13:99:2d:08:47:90:a8:da:7e:97:1d:11:84:40:99:68:
         49:70:f2:12:c2:d7:58:28:10:3c:2b:04:ff:31:09:55:27:ca:
         e7:0a:78:d7:11:38:a7:4c:d9:b3:23:1d:4c:02:4b:8c:d3:cf:
         5e:3b:a7:ed:e5:c2:89:fd:3b:fe:80:b4:9f:2f:f4:1e:90:76:
         d0:06:23:de:70:d0:31:c1:8a:c1:3b:bc:ef:91:78:df:8e:f4:
         95:30:95:57:a5:96:d3:85:1f:97:cc:d0:1e:95:f7:29:27:c1:
         f9:d3:25:0f:11:09:71:54:b5:5d:bd:aa:1c:d5:bb:6a:49:c9:
         d1:b2:1b:13:a5:1a:d5:b2:3a:f4:61:10:22:07:03:17:9c:3f:
         35:ec:ad:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKewvccvKDYjZpYyTf7C4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTdlMDk0NGM3N2IyNmIzMDI5N2MyZDQ5YzNiZTZhZWIy
NzM3MTEwHhcNMjUwNjA3MTMwMTA3WhcNMjUwNjA4MTMwMTA3WjAzMTEwLwYDVQQD
EyhlNzJhNmZlODQ2MzgwZTk4NjJmMzAwYzAxNjk1ODMyNmFkMmQ0ODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoghHS2hHwIYTFDdml1aDHAipBjuA
ddM23P/Kl/z0T0o5hOkxBxNH+lqkuHV4IdJhKA/Fxu8WpDziErjcGjEuYViKY3bc
41iy+U9f9Lvq2F7yID2KAbYtOy7E9L9DjMQiSOeIVlYLPfJ9HXJ2tNnpokbCkW4Z
4XDD8qliSa9hoM7O2XUPgLMVwY2/HnvM50CjP6K1zQrGfovSndo8+ZMey1ciwi48
UNnjKeLXdoKc9IDJp35QztSgOziIfeR5RpOonu7kdhTxpwGzOVDibguMNIaWO8s8
Yi+La3uOBYNZbJmg5AMvx/YRxGuulwOyNuhZ9BJZLjdsYzMRoA1Lnu3DUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOcqb+hGOA6YYvMAwBaVgyatLUggMB8GA1UdIwQY
MBaAFMqX4JRMd7JrMCl8LUnDvmrrJzcRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jMGUzODUtY2JlNS00N2YzLTgwOGQt
ZTY4NzY3YzE4ZjAyLzEveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jMGUzODUtY2JlNS00N2YzLTgwOGQtZTY4NzY3YzE4ZjAy
LzEveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUZTLjK79
P1qpKmZk/9gGluhLexAINrBxapuO7tZTIS8WcJGOOjvLq01avy/HTHHjS8p5wHKv
XFVxRIuYn55Jr+pbsw6nmFYgq+elEbtzD7aAeaYxa7GFXY+BEwc2hSK2osclD/41
nnfj8UfByE8TmS0IR5Co2n6XHRGEQJloSXDyEsLXWCgQPCsE/zEJVSfK5wp41xE4
p0zZsyMdTAJLjNPPXjun7eXCif07/oC0ny/0HpB20AYj3nDQMcGKwTu875F43470
lTCVV6WW04Ufl8zQHpX3KSfB+dMlDxEJcVS1Xb2qHNW7aknJ0bIbE6Ua1bI69GEQ
IgcDF5w/Neyt8A==
-----END CERTIFICATE-----