Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
File:                     yQDj7qi7474R-IxoK9E4wmUH99w.mft (raw, json)
Hash identifier:          CZ0jLw0J/fFpoxbq1PDUyg3nb2mGbyPa8SxarDoAHB4=
Subject key identifier:   1A:FF:40:32:AB:3D:CE:9A:86:46:CC:4D:EA:62:6C:36:44:18:0F:91
Authority key identifier: C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
Certificate issuer:       /CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Certificate serial:       019510C6B172F5E033F3473C8CC02899B30C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
Manifest number:          0B3B
Signing time:             Sun 16 Feb 2025 22:00:11 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:11 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:11 +0000
Files and hashes:         1: yQDj7qi7474R-IxoK9E4wmUH99w.crl (hash: e6rEbkBROsXRd//ggB7TjBrk1s4hxtYVlBjRHRDNY1k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:b1:72:f5:e0:33:f3:47:3c:8c:c0:28:99:b3:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
        Validity
            Not Before: Feb 16 22:00:11 2025 GMT
            Not After : Feb 17 22:00:11 2025 GMT
        Subject: CN=1aff4032ab3dce9a8646cc4dea626c3644180f91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:59:f9:41:62:24:b0:04:f2:70:c8:b3:4d:4b:
                    7a:62:59:13:de:82:bd:6a:53:38:5b:a9:06:29:4b:
                    a0:66:11:8c:b6:d3:89:6f:cd:bd:06:13:18:14:2d:
                    ca:92:a2:3d:eb:ff:fe:e9:85:cc:16:5b:2e:ec:63:
                    11:77:59:b2:c9:90:af:ae:fb:40:f3:b3:8e:f0:fa:
                    c2:ca:b5:8d:44:32:15:d9:7f:91:ed:b6:33:4a:49:
                    7f:3c:ab:de:a4:64:f6:7c:25:a6:74:c8:b6:e4:84:
                    1e:9f:09:f0:f3:8f:8a:09:76:2b:c1:64:e7:3f:f0:
                    12:5b:a8:9b:7e:0a:38:ee:12:04:6a:35:12:a8:8c:
                    a7:25:8e:54:2b:3a:f0:24:2f:aa:eb:e4:ba:6a:06:
                    76:d3:5e:05:ca:0f:d8:3e:94:bc:9d:13:f2:81:c9:
                    45:d5:54:fc:e5:db:63:ba:3b:0a:c9:e4:7c:a2:52:
                    a6:b3:ba:41:02:c0:d5:4e:e6:e2:aa:14:7e:44:98:
                    6f:c6:eb:37:4d:06:1e:25:0f:d9:30:7d:26:f7:33:
                    34:dc:e6:1d:41:9e:f2:c5:85:57:37:4f:ef:65:a1:
                    a8:02:ed:41:69:45:92:0b:0d:e1:74:e2:39:29:ac:
                    0c:7a:61:6b:4d:a8:d1:df:cb:58:8a:80:f4:64:b0:
                    dd:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:FF:40:32:AB:3D:CE:9A:86:46:CC:4D:EA:62:6C:36:44:18:0F:91
            X509v3 Authority Key Identifier:
                keyid:C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:14:39:36:a0:2d:c8:61:99:d6:2b:ef:3a:57:fc:82:a5:af:
         90:a2:1d:68:7c:23:b1:da:c1:74:c9:de:84:3e:ee:d4:75:bc:
         b6:34:bc:59:c8:5d:21:3f:3c:2f:1a:65:49:66:af:e7:0d:71:
         b6:6f:05:2b:d0:08:0a:a9:71:b9:f8:4d:95:9e:b2:7e:7c:c1:
         e3:7f:f2:75:78:bf:ec:a7:07:3f:36:32:86:1a:3d:64:1e:4a:
         f7:9c:2a:b9:99:bd:a9:21:e3:a9:03:fa:8b:90:40:f2:b9:b0:
         c5:20:9f:5a:79:af:36:7b:2a:b6:51:f5:6b:97:d0:94:4c:2f:
         b3:a9:65:91:b5:ce:7c:8c:a2:29:44:fc:b6:09:21:03:55:e7:
         f3:85:9e:c2:85:15:6f:91:c0:b9:5e:0e:0f:1d:8d:84:3c:0c:
         2d:0f:8a:93:18:ce:ff:ed:69:a4:d8:86:49:f2:3f:cf:4f:1c:
         11:4e:88:71:c9:be:ae:66:bc:f7:9b:5a:ce:fd:10:31:d9:68:
         95:2f:c2:ef:ac:9f:70:9f:49:3a:28:71:01:aa:9c:fe:88:48:
         fb:72:46:1c:d0:52:cc:a5:5b:85:fe:92:e0:9c:98:f1:f1:93:
         11:63:f3:fe:3f:67:30:26:e6:fa:e2:27:81:44:68:18:63:3c:
         90:7c:42:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxrFy9eAz80c8jMAombMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MDBlM2VlYThiYmUzYmUxMWY4OGM2ODJiZDEzOGMyNjUw
N2Y3ZGMwHhcNMjUwMjE2MjIwMDExWhcNMjUwMjE3MjIwMDExWjAzMTEwLwYDVQQD
EygxYWZmNDAzMmFiM2RjZTlhODY0NmNjNGRlYTYyNmMzNjQ0MTgwZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFn5QWIksATycMizTUt6YlkT3oK9
alM4W6kGKUugZhGMttOJb829BhMYFC3KkqI96//+6YXMFlsu7GMRd1myyZCvrvtA
87OO8PrCyrWNRDIV2X+R7bYzSkl/PKvepGT2fCWmdMi25IQenwnw84+KCXYrwWTn
P/ASW6ibfgo47hIEajUSqIynJY5UKzrwJC+q6+S6agZ2014Fyg/YPpS8nRPygclF
1VT85dtjujsKyeR8olKms7pBAsDVTubiqhR+RJhvxus3TQYeJQ/ZMH0m9zM03OYd
QZ7yxYVXN0/vZaGoAu1BaUWSCw3hdOI5KawMemFrTajR38tYioD0ZLDdPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBr/QDKrPc6ahkbMTepibDZEGA+RMB8GA1UdIwQY
MBaAFMkA4+6ou+O+EfiMaCvROMJlB/fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMt
NDE2MjA0YTAyNzM3LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMtNDE2MjA0YTAyNzM3
LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfRQ5NqAt
yGGZ1ivvOlf8gqWvkKIdaHwjsdrBdMnehD7u1HW8tjS8WchdIT88LxplSWav5w1x
tm8FK9AICqlxufhNlZ6yfnzB43/ydXi/7KcHPzYyhho9ZB5K95wquZm9qSHjqQP6
i5BA8rmwxSCfWnmvNnsqtlH1a5fQlEwvs6llkbXOfIyiKUT8tgkhA1Xn84WewoUV
b5HAuV4ODx2NhDwMLQ+KkxjO/+1ppNiGSfI/z08cEU6Iccm+rma895tazv0QMdlo
lS/C76yfcJ9JOihxAaqc/ohI+3JGHNBSzKVbhf6S4JyY8fGTEWPz/j9nMCbm+uIn
gURoGGM8kHxCxg==
-----END CERTIFICATE-----