Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          nisEH9WWEdJCNUIV3xEBl+Ro3z3rWedOUEII6Z8i6WM=
Subject key identifier:   39:D2:E0:89:7A:2D:64:40:32:B3:7B:D9:7D:15:59:B4:C4:31:95:AD
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       019511A2EBC7D8706C53DE02D26661C70701
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          1453
Signing time:             Mon 17 Feb 2025 02:00:44 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:44 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:44 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: 5FI0P/dqeiCpPaFljfii94WUq9NNsy0uuifZ+KAI8Vk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:eb:c7:d8:70:6c:53:de:02:d2:66:61:c7:07:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Feb 17 02:00:44 2025 GMT
            Not After : Feb 18 02:00:44 2025 GMT
        Subject: CN=39d2e0897a2d644032b37bd97d1559b4c43195ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:97:27:06:f4:84:bd:99:6b:6e:b8:61:17:40:
                    c9:19:c8:5d:47:42:64:95:34:2a:dc:c8:5c:e1:6c:
                    54:96:41:8e:c9:3d:26:80:67:91:f0:2a:f4:50:92:
                    3e:1c:8b:ed:6b:5e:e2:9b:0b:b0:79:0f:24:80:90:
                    27:24:03:5a:cf:d7:6f:19:70:01:a8:fc:43:44:d2:
                    62:19:35:90:fa:ca:d2:6b:23:10:7e:35:fe:d4:86:
                    1b:91:0a:14:bd:96:f2:51:62:51:60:0f:e7:0b:a3:
                    c6:63:aa:a0:65:4b:bf:e9:c1:83:99:d3:80:0c:a6:
                    fb:f2:b9:67:77:ba:57:10:c2:8a:06:9f:32:57:07:
                    4f:34:43:4f:4a:58:2e:03:47:a0:a8:f1:61:46:4f:
                    a1:56:2a:5f:85:2b:16:e1:f1:de:97:5f:13:2a:3a:
                    c8:4f:89:41:32:88:75:cf:88:97:6f:84:fd:75:f7:
                    b4:58:54:20:3f:60:84:99:96:82:cd:d8:55:d7:8f:
                    27:16:50:2d:60:ea:38:e4:79:ab:9f:5d:6f:29:e9:
                    12:10:3f:32:83:68:18:00:cd:5b:1e:71:f5:58:c8:
                    15:e6:f4:f0:3c:74:48:46:1a:84:0d:87:9b:d7:ad:
                    4d:ab:7e:1e:83:fe:72:a6:24:9f:95:bc:44:03:bf:
                    01:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:D2:E0:89:7A:2D:64:40:32:B3:7B:D9:7D:15:59:B4:C4:31:95:AD
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:15:55:6a:13:ed:7c:20:f5:cb:27:0f:76:f2:9a:32:8e:d6:
         fa:1f:3e:3b:43:10:e7:f1:93:92:80:7e:82:e7:fd:3c:6b:64:
         f3:b5:d3:e4:13:d8:21:88:a7:9f:c2:b6:2b:fe:60:17:0c:e4:
         c6:3d:c9:30:a0:d4:af:7c:91:33:3d:df:de:98:c3:80:50:8b:
         3c:7a:40:f4:2d:22:45:2d:39:18:34:79:50:e7:aa:5e:2d:09:
         1b:01:b8:22:97:fa:db:97:3b:32:ae:c8:a1:ea:3a:1c:df:1e:
         42:10:57:2c:51:78:8d:7a:6f:d7:56:ce:46:a1:bf:40:7a:1d:
         ec:c2:4b:5e:62:14:3b:5c:c1:7d:12:d1:3b:59:d4:62:17:a1:
         c5:df:16:0c:91:25:7a:0b:a8:d6:00:cc:0e:69:1f:41:76:fc:
         6e:7c:85:48:27:d7:1b:79:19:e0:18:44:2c:d1:bd:c5:95:fd:
         d4:61:13:0e:cc:3c:f4:09:d1:e0:6e:5f:0b:c4:49:3a:6b:2a:
         49:26:76:da:15:86:15:35:1c:25:52:a4:31:f5:8a:4f:54:b0:
         3f:fb:4c:5b:6f:7d:35:f6:6b:2a:ce:d1:49:87:a8:3a:19:cd:
         58:2a:5f:95:99:e3:79:ad:74:a1:a4:26:37:9d:32:65:8c:7a:
         c2:ba:48:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURouvH2HBsU94C0mZhxwcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjUwMjE3MDIwMDQ0WhcNMjUwMjE4MDIwMDQ0WjAzMTEwLwYDVQQD
EygzOWQyZTA4OTdhMmQ2NDQwMzJiMzdiZDk3ZDE1NTliNGM0MzE5NWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+JcnBvSEvZlrbrhhF0DJGchdR0Jk
lTQq3Mhc4WxUlkGOyT0mgGeR8Cr0UJI+HIvta17imwuweQ8kgJAnJANaz9dvGXAB
qPxDRNJiGTWQ+srSayMQfjX+1IYbkQoUvZbyUWJRYA/nC6PGY6qgZUu/6cGDmdOA
DKb78rlnd7pXEMKKBp8yVwdPNENPSlguA0egqPFhRk+hVipfhSsW4fHel18TKjrI
T4lBMoh1z4iXb4T9dfe0WFQgP2CEmZaCzdhV148nFlAtYOo45Hmrn11vKekSED8y
g2gYAM1bHnH1WMgV5vTwPHRIRhqEDYeb161Nq34eg/5ypiSflbxEA78BjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDnS4Il6LWRAMrN72X0VWbTEMZWtMB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfxVVahPt
fCD1yycPdvKaMo7W+h8+O0MQ5/GTkoB+guf9PGtk87XT5BPYIYinn8K2K/5gFwzk
xj3JMKDUr3yRMz3f3pjDgFCLPHpA9C0iRS05GDR5UOeqXi0JGwG4Ipf625c7Mq7I
oeo6HN8eQhBXLFF4jXpv11bORqG/QHod7MJLXmIUO1zBfRLRO1nUYhehxd8WDJEl
eguo1gDMDmkfQXb8bnyFSCfXG3kZ4BhELNG9xZX91GETDsw89AnR4G5fC8RJOmsq
SSZ22hWGFTUcJVKkMfWKT1SwP/tMW299NfZrKs7RSYeoOhnNWCpflZnjea10oaQm
N50yZYx6wrpIEQ==
-----END CERTIFICATE-----