Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
File:                     ypfglEx3smswKXwtScO-ausnNxE.mft (raw, json)
Hash identifier:          xhlPDhPrvrVik6P+QWkMhItts1Dqi0PSsdyJyLAfwck=
Subject key identifier:   B2:AD:6D:58:A9:34:02:A9:65:65:42:A5:FC:B3:04:AC:C5:DD:48:91
Authority key identifier: CA:97:E0:94:4C:77:B2:6B:30:29:7C:2D:49:C3:BE:6A:EB:27:37:11
Certificate issuer:       /CN=ca97e0944c77b26b30297c2d49c3be6aeb273711
Certificate serial:       0194C38765B2B83F3D8641018E2D6A266833
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
Manifest number:          0143
Signing time:             Sat 01 Feb 2025 22:00:17 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:17 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:17 +0000
Files and hashes:         1: ypfglEx3smswKXwtScO-ausnNxE.crl (hash: m22z1fF/P6fpiI/IwtLOKN+PG1EMg/m/U05piC5R77o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:65:b2:b8:3f:3d:86:41:01:8e:2d:6a:26:68:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca97e0944c77b26b30297c2d49c3be6aeb273711
        Validity
            Not Before: Feb  1 22:00:17 2025 GMT
            Not After : Feb  2 22:00:17 2025 GMT
        Subject: CN=b2ad6d58a93402a9656542a5fcb304acc5dd4891
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:6e:b5:cb:06:b6:b2:4e:18:0a:19:44:85:03:
                    7b:f7:a5:7c:98:6a:12:fd:25:0e:17:96:52:00:f6:
                    71:f2:9b:41:11:b3:07:8d:2c:5e:02:4c:78:9f:5f:
                    5c:d3:75:b6:79:05:5a:fb:83:31:58:29:5b:07:7e:
                    96:94:b9:cc:51:49:4b:f3:76:6b:f0:06:ed:31:51:
                    f8:5b:8d:29:02:63:4d:36:f1:70:5b:7e:db:0a:11:
                    65:ee:3b:53:05:44:0e:5c:e6:0a:a9:66:ac:61:5a:
                    ac:ab:47:8c:88:9b:a8:5d:28:7f:9b:07:dd:c4:5d:
                    d6:25:64:35:eb:24:b9:a2:29:16:42:4c:d3:a6:df:
                    c8:da:62:bb:1a:a9:3e:6f:1d:a9:af:f1:1d:b7:ee:
                    8c:c3:b4:51:d1:e5:91:e5:d9:38:39:c6:bf:f9:37:
                    29:d4:ad:92:d3:82:c5:20:26:40:54:82:0a:c4:1e:
                    32:0a:60:d2:3c:be:49:f4:4a:92:ef:de:9b:a4:1a:
                    c3:6a:a4:b9:4f:c8:3c:79:46:44:89:e3:a7:54:75:
                    87:7b:c4:55:ac:d0:d1:5f:e2:f4:31:18:ff:5a:dc:
                    d1:c4:43:42:ba:f0:b0:ac:6e:30:ec:8d:89:86:4d:
                    d8:56:b6:ba:1a:f6:54:4e:d6:bc:01:2f:c5:d1:b0:
                    dd:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:AD:6D:58:A9:34:02:A9:65:65:42:A5:FC:B3:04:AC:C5:DD:48:91
            X509v3 Authority Key Identifier:
                keyid:CA:97:E0:94:4C:77:B2:6B:30:29:7C:2D:49:C3:BE:6A:EB:27:37:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:c6:3c:62:64:cf:e8:a3:32:a0:0c:60:1a:6b:9e:7a:dc:16:
         fc:24:a7:d9:d4:4b:09:2f:4d:85:d5:1a:e0:26:68:16:0b:f0:
         dc:d5:88:35:ab:24:f7:d4:3e:1b:da:58:e2:b1:26:ba:cc:55:
         6d:78:13:4e:0c:66:c8:63:60:3e:8f:f3:6a:45:c6:9f:e2:ed:
         86:80:77:8a:33:53:76:2f:9f:14:a1:65:ef:ef:af:ff:f0:20:
         ce:31:3d:0c:35:64:97:d7:fd:64:96:a5:45:3d:17:0a:83:9d:
         8a:20:9a:a2:f5:6a:32:74:40:8f:cc:b7:27:23:88:6b:95:a8:
         b9:ad:e1:20:00:b2:54:2a:66:bc:63:a4:e3:08:8a:42:3d:ce:
         51:4a:e7:f3:5e:75:52:b8:d2:7c:62:95:dc:80:31:3a:49:a6:
         82:3a:19:98:f7:58:34:a6:5b:92:3c:0e:44:cc:f7:cd:e9:b8:
         12:74:61:af:37:28:d0:10:a0:04:ee:56:c7:71:b0:6f:ac:31:
         84:cf:08:09:f8:23:39:fb:4b:00:da:72:a9:5d:00:ff:d6:a1:
         dd:a2:dd:4f:17:1f:0e:52:6b:c5:25:55:2c:ef:dc:56:57:d9:
         8a:57:66:27:79:4d:2b:8f:bd:66:61:e9:c4:97:96:f6:00:0f:
         dc:b3:0a:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh2WyuD89hkEBji1qJmgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTdlMDk0NGM3N2IyNmIzMDI5N2MyZDQ5YzNiZTZhZWIy
NzM3MTEwHhcNMjUwMjAxMjIwMDE3WhcNMjUwMjAyMjIwMDE3WjAzMTEwLwYDVQQD
EyhiMmFkNmQ1OGE5MzQwMmE5NjU2NTQyYTVmY2IzMDRhY2M1ZGQ0ODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl261ywa2sk4YChlEhQN796V8mGoS
/SUOF5ZSAPZx8ptBEbMHjSxeAkx4n19c03W2eQVa+4MxWClbB36WlLnMUUlL83Zr
8AbtMVH4W40pAmNNNvFwW37bChFl7jtTBUQOXOYKqWasYVqsq0eMiJuoXSh/mwfd
xF3WJWQ16yS5oikWQkzTpt/I2mK7Gqk+bx2pr/Edt+6Mw7RR0eWR5dk4Oca/+Tcp
1K2S04LFICZAVIIKxB4yCmDSPL5J9EqS796bpBrDaqS5T8g8eUZEieOnVHWHe8RV
rNDRX+L0MRj/WtzRxENCuvCwrG4w7I2Jhk3YVra6GvZUTta8AS/F0bDdMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLKtbVipNAKpZWVCpfyzBKzF3UiRMB8GA1UdIwQY
MBaAFMqX4JRMd7JrMCl8LUnDvmrrJzcRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jMGUzODUtY2JlNS00N2YzLTgwOGQt
ZTY4NzY3YzE4ZjAyLzEveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jMGUzODUtY2JlNS00N2YzLTgwOGQtZTY4NzY3YzE4ZjAy
LzEveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlMY8YmTP
6KMyoAxgGmueetwW/CSn2dRLCS9NhdUa4CZoFgvw3NWINask99Q+G9pY4rEmusxV
bXgTTgxmyGNgPo/zakXGn+LthoB3ijNTdi+fFKFl7++v//AgzjE9DDVkl9f9ZJal
RT0XCoOdiiCaovVqMnRAj8y3JyOIa5Woua3hIACyVCpmvGOk4wiKQj3OUUrn8151
UrjSfGKV3IAxOkmmgjoZmPdYNKZbkjwORMz3zem4EnRhrzco0BCgBO5Wx3Gwb6wx
hM8ICfgjOftLANpyqV0A/9ah3aLdTxcfDlJrxSVVLO/cVlfZildmJ3lNK4+9ZmHp
xJeW9gAP3LMKiQ==
-----END CERTIFICATE-----