Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
File:                     orLY2dCvlBb6vW8gNfpyiO-XyME.mft (raw, json)
Hash identifier:          yfaAvAOJPpNmZhO/y6/NeAN86FdDLp0djQ3Y9CHbt5g=
Subject key identifier:   6C:5D:1C:94:AF:E0:3E:27:10:30:80:95:B5:46:F5:9D:58:99:07:C8
Authority key identifier: A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1
Certificate issuer:       /CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
Certificate serial:       0196463239BE096918ECEB10CC587DE2D14F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
Manifest number:          053C
Signing time:             Fri 18 Apr 2025 00:00:18 +0000
Manifest this update:     Fri 18 Apr 2025 00:00:18 +0000
Manifest next update:     Sat 19 Apr 2025 00:00:18 +0000
Files and hashes:         1: orLY2dCvlBb6vW8gNfpyiO-XyME.crl (hash: aKGwmlvnnBlBLqe1r4HMz6iKNEAbjCe1BG7Qq8CTVI8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:46:32:39:be:09:69:18:ec:eb:10:cc:58:7d:e2:d1:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
        Validity
            Not Before: Apr 18 00:00:18 2025 GMT
            Not After : Apr 19 00:00:18 2025 GMT
        Subject: CN=6c5d1c94afe03e2710308095b546f59d589907c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:1d:62:57:38:72:15:ac:bc:5b:73:57:cb:a4:
                    4d:2a:5a:b7:65:3a:2c:bf:0a:78:fa:7a:6d:ab:fb:
                    0a:d9:9a:65:25:90:25:4a:b4:ae:a1:47:59:3e:8e:
                    84:2b:6e:e4:ff:b7:a2:63:cc:1d:88:fb:87:25:04:
                    c0:81:9f:08:23:6f:00:1e:5c:ed:b5:5d:b6:80:9c:
                    9f:16:b0:30:f4:cd:69:fa:33:7b:cb:05:1a:cf:cc:
                    4b:b0:c8:fb:15:a3:61:61:e2:c9:88:e8:55:56:20:
                    71:c9:64:fc:2a:d5:8c:eb:24:fe:c5:e4:12:07:b8:
                    e5:f1:06:1b:45:b1:68:20:90:00:43:59:fe:53:15:
                    64:d0:c5:51:92:c6:e2:da:6e:87:27:a9:90:8b:60:
                    be:b3:0e:24:99:cc:42:a5:05:a0:3f:72:10:d6:f7:
                    7d:25:31:65:6f:af:ad:87:c3:7a:8d:f2:ac:71:10:
                    3b:5f:4b:4a:6a:f3:d3:ff:f0:37:94:89:32:f5:93:
                    f1:3c:0e:9f:67:2c:b1:72:86:09:2f:26:77:4d:30:
                    40:f2:24:c3:55:b4:b8:4a:e6:cd:e3:40:ef:fc:2a:
                    01:d9:14:47:ac:98:e3:eb:ee:64:f7:89:d8:6f:22:
                    8a:f1:46:d7:57:e7:a2:cc:f0:b1:af:7c:d0:8b:36:
                    8b:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:5D:1C:94:AF:E0:3E:27:10:30:80:95:B5:46:F5:9D:58:99:07:C8
            X509v3 Authority Key Identifier:
                keyid:A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:8b:22:83:11:6a:d6:23:23:1b:20:ec:df:26:76:ab:8f:bd:
         6f:fd:b2:89:75:75:82:89:3e:fb:e8:a5:92:85:bf:6e:ed:57:
         e9:08:31:49:88:b6:fb:b1:b5:a7:1d:ab:28:23:51:6f:6c:f1:
         59:af:53:d7:e8:80:cd:f4:0a:ba:df:62:96:92:13:6b:a8:2d:
         c5:cd:a4:7c:7e:30:df:21:ae:2e:8d:f7:7b:af:65:ec:29:bf:
         98:40:56:09:13:35:88:2a:2f:6d:1c:3c:16:dc:55:b4:7f:6d:
         8b:5f:27:e9:5b:e9:97:7d:e3:6f:cf:fd:c6:89:f8:a4:04:20:
         b3:1d:3f:71:c8:f0:27:2b:dc:f5:e8:f6:02:5d:97:63:27:27:
         c3:f6:1f:24:e7:84:fb:d2:90:83:ed:e9:41:9a:37:e6:1c:68:
         28:33:5b:a1:06:b7:48:ea:92:3e:71:8f:8c:9e:85:74:18:16:
         a8:b9:a7:5d:c7:79:73:d9:29:28:bc:a5:0f:c8:59:48:b1:74:
         95:4f:b3:80:37:ad:0e:ca:4c:5c:54:ff:30:43:c0:35:b6:7b:
         3e:2b:04:26:91:4f:a3:c0:8a:16:01:da:c0:57:8b:8a:d5:23:
         ff:c8:df:6b:70:4c:ec:1b:46:1e:ba:82:e5:6a:90:50:8d:ac:
         5c:94:36:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZGMjm+CWkY7OsQzFh94tFPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjJkOGQ5ZDBhZjk0MTZmYWJkNmYyMDM1ZmE3Mjg4ZWY5
N2M4YzEwHhcNMjUwNDE4MDAwMDE4WhcNMjUwNDE5MDAwMDE4WjAzMTEwLwYDVQQD
Eyg2YzVkMWM5NGFmZTAzZTI3MTAzMDgwOTViNTQ2ZjU5ZDU4OTkwN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx1iVzhyFay8W3NXy6RNKlq3ZTos
vwp4+nptq/sK2ZplJZAlSrSuoUdZPo6EK27k/7eiY8wdiPuHJQTAgZ8II28AHlzt
tV22gJyfFrAw9M1p+jN7ywUaz8xLsMj7FaNhYeLJiOhVViBxyWT8KtWM6yT+xeQS
B7jl8QYbRbFoIJAAQ1n+UxVk0MVRksbi2m6HJ6mQi2C+sw4kmcxCpQWgP3IQ1vd9
JTFlb6+th8N6jfKscRA7X0tKavPT//A3lIky9ZPxPA6fZyyxcoYJLyZ3TTBA8iTD
VbS4SubN40Dv/CoB2RRHrJjj6+5k94nYbyKK8UbXV+eizPCxr3zQizaL2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGxdHJSv4D4nEDCAlbVG9Z1YmQfIMB8GA1UdIwQY
MBaAFKKy2NnQr5QW+r1vIDX6cojvl8jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUt
YmFmN2JhMGM0MTc3LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUtYmFmN2JhMGM0MTc3
LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkIsigxFq
1iMjGyDs3yZ2q4+9b/2yiXV1gok+++ilkoW/bu1X6QgxSYi2+7G1px2rKCNRb2zx
Wa9T1+iAzfQKut9ilpITa6gtxc2kfH4w3yGuLo33e69l7Cm/mEBWCRM1iCovbRw8
FtxVtH9ti18n6Vvpl33jb8/9xon4pAQgsx0/ccjwJyvc9ej2Al2XYycnw/YfJOeE
+9KQg+3pQZo35hxoKDNboQa3SOqSPnGPjJ6FdBgWqLmnXcd5c9kpKLylD8hZSLF0
lU+zgDetDspMXFT/MEPANbZ7PisEJpFPo8CKFgHawFeLitUj/8jfa3BM7BtGHrqC
5WqQUI2sXJQ2aA==
-----END CERTIFICATE-----