Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
File:                     YzMz1xUm9TOxwc8L6fwyG2IzltM.mft (raw, json)
Hash identifier:          j/Vfwfv60gYo7MGjR2DhxYzYNAjj51LH7/WEWWSLcWQ=
Subject key identifier:   6D:54:C3:A5:86:DB:AC:89:70:14:A3:1A:26:DB:A2:D5:29:05:8B:4D
Authority key identifier: 63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3
Certificate issuer:       /CN=633333d71526f533b1c1cf0be9fc321b623396d3
Certificate serial:       0195116C0BAA0728F3DA496918F0175678EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
Manifest number:          04EB
Signing time:             Mon 17 Feb 2025 01:00:48 +0000
Manifest this update:     Mon 17 Feb 2025 01:00:48 +0000
Manifest next update:     Tue 18 Feb 2025 01:00:48 +0000
Files and hashes:         1: YzMz1xUm9TOxwc8L6fwyG2IzltM.crl (hash: 81WgKWvWP3Ta0NPa5E8pizPGCGAzoV4VjgF2HwsYsGc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:6c:0b:aa:07:28:f3:da:49:69:18:f0:17:56:78:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=633333d71526f533b1c1cf0be9fc321b623396d3
        Validity
            Not Before: Feb 17 01:00:48 2025 GMT
            Not After : Feb 18 01:00:48 2025 GMT
        Subject: CN=6d54c3a586dbac897014a31a26dba2d529058b4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:42:91:9d:76:f8:3c:db:98:f7:e4:fd:ea:9c:
                    a8:ab:9b:ea:ae:fb:54:16:f4:b4:50:bd:e5:d8:df:
                    04:0e:f0:b8:91:aa:e6:b4:c1:b6:a9:04:00:4f:9e:
                    53:73:5b:61:1a:09:b9:98:f8:b4:30:b9:94:3c:21:
                    cb:49:99:e5:ba:f5:bd:a4:2e:12:b4:bc:85:ac:9b:
                    ea:7f:37:2f:61:f5:9f:8e:d8:60:c0:bc:6e:02:1d:
                    e7:77:a1:fd:d2:71:0e:8b:9b:5e:05:fb:b1:24:cd:
                    02:f0:57:1b:75:8a:33:33:a8:8c:06:1c:63:e0:26:
                    fa:88:b3:bb:f6:15:07:83:e0:8e:e2:27:5e:1c:d8:
                    7f:84:3c:36:b9:65:9e:64:ac:96:6a:b1:62:02:99:
                    fc:ed:d6:d7:87:c7:60:e4:1f:42:dd:19:46:cd:21:
                    f9:80:5c:95:05:f7:d4:6d:4f:30:09:46:7c:a4:64:
                    17:39:17:27:4b:05:13:1a:3b:df:b4:3d:00:56:2f:
                    a0:63:b5:98:45:b5:78:2e:2b:78:af:70:2e:43:c0:
                    21:65:9a:29:31:4e:0b:62:ed:ec:3e:7d:0d:37:00:
                    45:06:e0:13:82:04:d6:fe:17:c7:19:7e:05:3f:9b:
                    28:39:dd:a3:e4:c4:05:5a:4c:cd:60:51:94:ce:84:
                    b2:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:54:C3:A5:86:DB:AC:89:70:14:A3:1A:26:DB:A2:D5:29:05:8B:4D
            X509v3 Authority Key Identifier:
                keyid:63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:b3:9b:a7:69:aa:98:43:ca:20:1b:da:2b:ec:5f:6b:09:7f:
         b2:82:33:81:36:44:ee:61:88:03:42:8d:c9:a0:bd:a0:a0:2b:
         e5:80:6b:31:78:4f:5a:e2:30:a8:d7:b5:39:20:92:d7:49:06:
         ec:7d:11:7c:24:10:0b:c5:48:50:10:8a:e1:e9:6d:81:ed:7a:
         b7:6c:7c:47:60:b1:e6:02:76:bf:9b:2c:77:b1:66:9d:68:27:
         f6:89:93:8f:00:c3:89:ee:2f:9b:0d:b5:5b:25:f5:8e:77:51:
         4d:97:26:1b:27:c7:fc:6b:04:a8:13:81:1f:ad:7c:39:8d:ba:
         04:ea:2f:55:b9:fa:d5:20:ac:21:d5:44:ef:d4:c2:47:ea:01:
         e6:c3:c0:3e:d1:19:1b:ea:2e:24:a2:62:e6:ce:1d:26:de:78:
         a1:75:ea:11:ef:72:27:e6:ca:5e:60:95:56:23:c3:57:e2:6d:
         f1:7c:f8:d3:d5:83:04:1a:41:09:a1:f4:a3:1f:eb:77:40:54:
         8c:8a:bb:51:8f:b5:0c:a5:fd:62:4d:80:3a:81:69:72:bd:41:
         f2:a1:06:f5:49:41:49:25:88:b2:3a:2f:13:3c:bf:ee:45:82:
         5c:c1:9d:9f:07:2b:07:46:b2:56:c6:b7:60:3f:88:d7:fe:fe:
         2a:15:25:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURbAuqByjz2klpGPAXVnjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzMzM2Q3MTUyNmY1MzNiMWMxY2YwYmU5ZmMzMjFiNjIz
Mzk2ZDMwHhcNMjUwMjE3MDEwMDQ4WhcNMjUwMjE4MDEwMDQ4WjAzMTEwLwYDVQQD
Eyg2ZDU0YzNhNTg2ZGJhYzg5NzAxNGEzMWEyNmRiYTJkNTI5MDU4YjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0KRnXb4PNuY9+T96pyoq5vqrvtU
FvS0UL3l2N8EDvC4karmtMG2qQQAT55Tc1thGgm5mPi0MLmUPCHLSZnluvW9pC4S
tLyFrJvqfzcvYfWfjthgwLxuAh3nd6H90nEOi5teBfuxJM0C8FcbdYozM6iMBhxj
4Cb6iLO79hUHg+CO4ideHNh/hDw2uWWeZKyWarFiApn87dbXh8dg5B9C3RlGzSH5
gFyVBffUbU8wCUZ8pGQXORcnSwUTGjvftD0AVi+gY7WYRbV4Lit4r3AuQ8AhZZop
MU4LYu3sPn0NNwBFBuATggTW/hfHGX4FP5soOd2j5MQFWkzNYFGUzoSyOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG1Uw6WG26yJcBSjGibbotUpBYtNMB8GA1UdIwQY
MBaAFGMzM9cVJvUzscHPC+n8MhtiM5bTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEt
OWNmYzQ4MzhkM2VjLzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEtOWNmYzQ4MzhkM2Vj
LzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHLObp2mq
mEPKIBvaK+xfawl/soIzgTZE7mGIA0KNyaC9oKAr5YBrMXhPWuIwqNe1OSCS10kG
7H0RfCQQC8VIUBCK4eltge16t2x8R2Cx5gJ2v5ssd7FmnWgn9omTjwDDie4vmw21
WyX1jndRTZcmGyfH/GsEqBOBH618OY26BOovVbn61SCsIdVE79TCR+oB5sPAPtEZ
G+ouJKJi5s4dJt54oXXqEe9yJ+bKXmCVViPDV+Jt8Xz409WDBBpBCaH0ox/rd0BU
jIq7UY+1DKX9Yk2AOoFpcr1B8qEG9UlBSSWIsjovEzy/7kWCXMGdnwcrB0ayVsa3
YD+I1/7+KhUlRA==
-----END CERTIFICATE-----