Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft
File:                     Y-ftmpXgsiN2kMdL_njP7eLETnw.mft (raw, json)
Hash identifier:          uw/Gdr5prDTJdm1RrFwo0aXtM4aqAS4Sj7bVaEUTVEM=
Subject key identifier:   53:3D:F0:F1:BE:E0:E6:9A:0A:7C:0D:4E:3C:6D:44:5E:1A:B1:8C:5E
Authority key identifier: 63:E7:ED:9A:95:E0:B2:23:76:90:C7:4B:FE:78:CF:ED:E2:C4:4E:7C
Certificate issuer:       /CN=63e7ed9a95e0b2237690c74bfe78cfede2c44e7c
Certificate serial:       0196515B29EDDCD87D182AADAE3C4FF102F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-ftmpXgsiN2kMdL_njP7eLETnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft
Manifest number:          0852
Signing time:             Sun 20 Apr 2025 04:00:50 +0000
Manifest this update:     Sun 20 Apr 2025 04:00:50 +0000
Manifest next update:     Mon 21 Apr 2025 04:00:50 +0000
Files and hashes:         1: Y-ftmpXgsiN2kMdL_njP7eLETnw.crl (hash: PgD+Ge1Gy7Ikk89+8s04VpQEbQrkA2laMt6NBJq+P2U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-ftmpXgsiN2kMdL_njP7eLETnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5b:29:ed:dc:d8:7d:18:2a:ad:ae:3c:4f:f1:02:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e7ed9a95e0b2237690c74bfe78cfede2c44e7c
        Validity
            Not Before: Apr 20 04:00:50 2025 GMT
            Not After : Apr 21 04:00:50 2025 GMT
        Subject: CN=533df0f1bee0e69a0a7c0d4e3c6d445e1ab18c5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:fb:4d:4e:dd:05:f2:08:d0:04:3f:b2:4f:78:
                    81:a0:c2:f9:fa:3f:2e:7f:11:d9:58:30:46:a0:02:
                    81:bb:18:c8:88:20:a7:a9:b9:d2:3a:ac:43:3e:2e:
                    7d:18:e8:f4:9e:a3:32:be:f2:fb:a4:da:e5:38:17:
                    8a:85:05:dc:15:4b:f7:3f:55:3f:5d:be:4d:cd:df:
                    91:a1:64:2c:77:2a:3c:af:5b:8e:22:e5:fa:ee:c1:
                    60:7a:63:1c:6f:78:19:be:4a:64:fd:1e:0c:6b:98:
                    68:90:c8:af:78:34:80:51:82:57:75:47:25:76:ab:
                    0b:7b:14:de:1b:f8:d7:f5:be:f6:c1:fb:a4:57:40:
                    9a:d9:eb:13:e2:9f:94:2e:1c:2b:15:e0:cb:70:47:
                    be:11:ff:ca:84:44:a0:f2:36:8b:12:40:84:14:8b:
                    b7:7d:39:2c:9c:21:b8:8f:e2:97:46:a4:1d:00:7b:
                    19:6e:bd:0a:c5:3e:e0:b3:7d:1b:f0:cd:d9:6a:1b:
                    86:df:3f:38:ee:04:9b:85:a5:c2:e5:5c:94:69:95:
                    20:28:dd:bf:ff:2a:e5:15:09:34:1b:0e:45:3a:e9:
                    ae:5c:26:a6:58:93:a2:ed:5e:5c:21:64:79:6f:f8:
                    ed:fd:49:ad:13:c8:96:0f:f7:ce:58:ae:ba:49:9d:
                    1c:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:3D:F0:F1:BE:E0:E6:9A:0A:7C:0D:4E:3C:6D:44:5E:1A:B1:8C:5E
            X509v3 Authority Key Identifier:
                keyid:63:E7:ED:9A:95:E0:B2:23:76:90:C7:4B:FE:78:CF:ED:E2:C4:4E:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-ftmpXgsiN2kMdL_njP7eLETnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:e5:e7:b7:aa:3a:99:cf:da:67:cd:c7:7d:23:05:43:9b:ef:
         77:34:e5:05:14:20:08:06:d5:c9:80:5c:a3:a0:99:d9:7d:21:
         ad:6e:6d:4e:ef:c7:05:1b:5b:8a:20:36:b9:13:3a:61:3a:f3:
         0d:a8:64:d1:20:c7:2b:59:e1:48:99:2d:4f:97:d3:65:a6:6e:
         d7:58:20:5a:e1:4b:e5:9f:83:12:7e:28:30:b6:87:1f:6b:fb:
         e4:03:c2:7f:51:56:49:dc:23:c9:ca:27:6e:55:8e:39:bf:3b:
         e0:33:f8:25:49:76:9b:95:e1:7c:7e:a5:0c:cd:b0:ec:4a:e7:
         65:cc:c5:88:5e:15:b3:aa:0c:a6:d6:56:10:24:26:e2:63:e1:
         31:7f:cd:6c:34:d3:45:56:cb:31:2e:b8:90:a2:ab:2e:33:d9:
         0e:fc:af:c3:4f:f0:0c:9c:01:69:11:65:ad:af:b1:47:96:69:
         47:3c:ab:f0:7a:18:e2:a9:8c:fa:11:e5:b5:fa:bc:c6:04:c2:
         27:87:b5:09:a9:0f:62:b8:48:1c:41:0a:8b:ed:d5:33:0a:c9:
         5b:dd:14:5b:23:a5:f1:c6:59:47:61:d4:97:c9:74:ad:54:48:
         8d:fb:4a:86:12:a6:ed:d3:e6:b4:1e:91:61:a9:3e:b8:1d:ff:
         ee:cd:a7:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRWynt3Nh9GCqtrjxP8QL5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTdlZDlhOTVlMGIyMjM3NjkwYzc0YmZlNzhjZmVkZTJj
NDRlN2MwHhcNMjUwNDIwMDQwMDUwWhcNMjUwNDIxMDQwMDUwWjAzMTEwLwYDVQQD
Eyg1MzNkZjBmMWJlZTBlNjlhMGE3YzBkNGUzYzZkNDQ1ZTFhYjE4YzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/tNTt0F8gjQBD+yT3iBoML5+j8u
fxHZWDBGoAKBuxjIiCCnqbnSOqxDPi59GOj0nqMyvvL7pNrlOBeKhQXcFUv3P1U/
Xb5Nzd+RoWQsdyo8r1uOIuX67sFgemMcb3gZvkpk/R4Ma5hokMiveDSAUYJXdUcl
dqsLexTeG/jX9b72wfukV0Ca2esT4p+ULhwrFeDLcEe+Ef/KhESg8jaLEkCEFIu3
fTksnCG4j+KXRqQdAHsZbr0KxT7gs30b8M3ZahuG3z847gSbhaXC5VyUaZUgKN2/
/yrlFQk0Gw5FOumuXCamWJOi7V5cIWR5b/jt/UmtE8iWD/fOWK66SZ0cbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFM98PG+4OaaCnwNTjxtRF4asYxeMB8GA1UdIwQY
MBaAFGPn7ZqV4LIjdpDHS/54z+3ixE58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1mdG1wWGdzaU4ya01kTF9ualA3ZUxFVG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mMGM5MTQtZTgzZi00OTNhLThiMDct
MTliMmQ0MWJlYTc5LzEvWS1mdG1wWGdzaU4ya01kTF9ualA3ZUxFVG53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mMGM5MTQtZTgzZi00OTNhLThiMDctMTliMmQ0MWJlYTc5
LzEvWS1mdG1wWGdzaU4ya01kTF9ualA3ZUxFVG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU+Xnt6o6
mc/aZ83HfSMFQ5vvdzTlBRQgCAbVyYBco6CZ2X0hrW5tTu/HBRtbiiA2uRM6YTrz
Dahk0SDHK1nhSJktT5fTZaZu11ggWuFL5Z+DEn4oMLaHH2v75APCf1FWSdwjycon
blWOOb874DP4JUl2m5XhfH6lDM2w7ErnZczFiF4Vs6oMptZWECQm4mPhMX/NbDTT
RVbLMS64kKKrLjPZDvyvw0/wDJwBaRFlra+xR5ZpRzyr8HoY4qmM+hHltfq8xgTC
J4e1CakPYrhIHEEKi+3VMwrJW90UWyOl8cZZR2HUl8l0rVRIjftKhhKm7dPmtB6R
Yak+uB3/7s2n6Q==
-----END CERTIFICATE-----