Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
File:                     YzMz1xUm9TOxwc8L6fwyG2IzltM.mft (raw, json)
Hash identifier:          gFvsSHGupEOTheMK31T+g7npkMsLmWux1xTWCzEGyxo=
Subject key identifier:   9F:0B:68:35:1A:22:41:F5:1B:4D:84:70:93:A7:B3:07:C6:2B:E7:29
Authority key identifier: 63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3
Certificate issuer:       /CN=633333d71526f533b1c1cf0be9fc321b623396d3
Certificate serial:       01958EF35BCD1B2840F0AFF8B2A5E44A90C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
Manifest number:          052C
Signing time:             Thu 13 Mar 2025 10:01:08 +0000
Manifest this update:     Thu 13 Mar 2025 10:01:08 +0000
Manifest next update:     Fri 14 Mar 2025 10:01:08 +0000
Files and hashes:         1: YzMz1xUm9TOxwc8L6fwyG2IzltM.crl (hash: z09DgKtZYUIBzH5xnY/bQJ+sEEuLCnhuB4W6jmyPa48=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8e:f3:5b:cd:1b:28:40:f0:af:f8:b2:a5:e4:4a:90:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=633333d71526f533b1c1cf0be9fc321b623396d3
        Validity
            Not Before: Mar 13 10:01:08 2025 GMT
            Not After : Mar 14 10:01:08 2025 GMT
        Subject: CN=9f0b68351a2241f51b4d847093a7b307c62be729
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:c3:93:f4:11:23:b9:fb:87:c2:55:2a:01:08:
                    dc:bd:38:09:bd:13:16:c8:70:ea:81:7d:f2:34:e1:
                    48:27:6d:02:0a:1c:f1:c2:36:35:b8:cf:a9:43:47:
                    12:16:b8:9e:2b:79:87:38:e7:6e:78:fd:02:9c:9a:
                    b9:5f:35:09:6b:51:eb:25:80:a5:3c:3f:df:f1:f2:
                    25:ca:7c:5e:f6:2e:4e:74:a6:2f:20:b5:fc:6d:8e:
                    7a:aa:49:dd:e9:27:06:0a:6c:f5:46:f7:76:fa:63:
                    30:fd:d1:d5:e7:27:49:c8:11:15:e2:97:94:7b:3b:
                    17:45:be:8f:0a:f9:86:8f:53:3f:0f:b3:c1:8e:da:
                    c9:cf:c2:52:60:2e:82:5e:9e:99:9e:45:62:5b:c1:
                    0b:18:24:c1:5e:5e:b2:a5:99:4b:7a:cd:c6:0f:e2:
                    d3:89:b3:24:27:42:7d:4d:bb:f2:9d:02:1b:14:81:
                    bd:50:01:4f:90:b9:ce:0f:d1:cc:d9:5f:4a:b9:82:
                    c5:9d:90:60:55:c6:04:ff:08:f1:8b:e6:34:71:2e:
                    6e:da:31:5f:a5:1e:e6:91:26:df:15:e8:82:44:a2:
                    41:7e:8f:3c:3c:89:ad:82:5a:4e:b0:5f:6b:74:47:
                    e6:93:98:77:4f:57:8f:52:e8:3c:01:28:fa:8d:f7:
                    c6:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:0B:68:35:1A:22:41:F5:1B:4D:84:70:93:A7:B3:07:C6:2B:E7:29
            X509v3 Authority Key Identifier:
                keyid:63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:e9:d8:d3:6c:b6:72:b6:52:ce:4c:86:27:3b:2c:16:5b:aa:
         5e:a3:e1:55:c7:d8:da:2e:b5:de:7d:ba:d9:f7:9a:6c:c9:d0:
         fc:04:11:27:e4:00:d2:aa:68:3d:62:bd:d2:1e:e2:65:99:04:
         a5:02:79:f4:4c:d2:fc:99:49:a7:79:45:28:49:70:ef:29:75:
         33:58:e5:da:3d:46:f7:38:86:60:6d:8c:f6:cb:3f:93:db:84:
         7d:1d:e8:71:e0:ed:93:33:eb:33:21:5a:d6:45:ed:54:1b:7d:
         0f:50:34:5e:26:22:4e:f4:b0:60:a0:9b:d1:cf:f7:77:6c:64:
         64:98:6b:33:40:92:1e:d6:b6:d7:00:c4:ad:d0:67:6c:4a:a2:
         46:fb:dc:b6:c8:11:e9:ab:2d:88:ff:05:ca:8b:52:97:24:e4:
         8a:02:a3:5d:61:98:88:64:8a:dd:74:9b:ee:38:19:58:52:b5:
         70:f1:cb:51:86:0e:a8:5b:9c:64:64:0f:7d:21:d9:b7:5a:cb:
         53:8f:67:4f:cf:73:bc:2a:17:ab:c3:45:34:f4:f4:d5:51:40:
         d9:d5:6f:01:e0:26:15:74:ae:e3:30:37:79:0b:1f:cf:41:f3:
         95:ff:e9:56:38:f8:1c:ee:f6:0f:43:3a:3a:95:a1:ab:58:16:
         ef:8d:b2:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWO81vNGyhA8K/4sqXkSpDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzMzM2Q3MTUyNmY1MzNiMWMxY2YwYmU5ZmMzMjFiNjIz
Mzk2ZDMwHhcNMjUwMzEzMTAwMTA4WhcNMjUwMzE0MTAwMTA4WjAzMTEwLwYDVQQD
Eyg5ZjBiNjgzNTFhMjI0MWY1MWI0ZDg0NzA5M2E3YjMwN2M2MmJlNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MOT9BEjufuHwlUqAQjcvTgJvRMW
yHDqgX3yNOFIJ20CChzxwjY1uM+pQ0cSFrieK3mHOOdueP0CnJq5XzUJa1HrJYCl
PD/f8fIlynxe9i5OdKYvILX8bY56qknd6ScGCmz1Rvd2+mMw/dHV5ydJyBEV4peU
ezsXRb6PCvmGj1M/D7PBjtrJz8JSYC6CXp6ZnkViW8ELGCTBXl6ypZlLes3GD+LT
ibMkJ0J9TbvynQIbFIG9UAFPkLnOD9HM2V9KuYLFnZBgVcYE/wjxi+Y0cS5u2jFf
pR7mkSbfFeiCRKJBfo88PImtglpOsF9rdEfmk5h3T1ePUug8ASj6jffGFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8LaDUaIkH1G02EcJOnswfGK+cpMB8GA1UdIwQY
MBaAFGMzM9cVJvUzscHPC+n8MhtiM5bTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEt
OWNmYzQ4MzhkM2VjLzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEtOWNmYzQ4MzhkM2Vj
LzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ+nY02y2
crZSzkyGJzssFluqXqPhVcfY2i613n262feabMnQ/AQRJ+QA0qpoPWK90h7iZZkE
pQJ59EzS/JlJp3lFKElw7yl1M1jl2j1G9ziGYG2M9ss/k9uEfR3oceDtkzPrMyFa
1kXtVBt9D1A0XiYiTvSwYKCb0c/3d2xkZJhrM0CSHta21wDErdBnbEqiRvvctsgR
6astiP8FyotSlyTkigKjXWGYiGSK3XSb7jgZWFK1cPHLUYYOqFucZGQPfSHZt1rL
U49nT89zvCoXq8NFNPT01VFA2dVvAeAmFXSu4zA3eQsfz0Hzlf/pVjj4HO72D0M6
OpWhq1gW742ygw==
-----END CERTIFICATE-----