Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
File:                     yuDyZX221YxEden7gXNW4u3SzA8.mft (raw, json)
Hash identifier:          KTvxANKHOqMjFI/9AkQRpkVP6VrDXmXRkrMBz9kb0+s=
Subject key identifier:   84:58:6E:2A:94:7E:FA:72:3A:05:36:73:1F:74:78:D6:07:39:40:C1
Authority key identifier: CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F
Certificate issuer:       /CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
Certificate serial:       01974AE860FE2C4DA8EDDC3D96D547602FBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
Manifest number:          1159
Signing time:             Sat 07 Jun 2025 15:00:32 +0000
Manifest this update:     Sat 07 Jun 2025 15:00:32 +0000
Manifest next update:     Sun 08 Jun 2025 15:00:32 +0000
Files and hashes:         1: yuDyZX221YxEden7gXNW4u3SzA8.crl (hash: IP+I038+VE6KBazqSfWm1TQw0vI5xVvEhBIIX8C+7l4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:60:fe:2c:4d:a8:ed:dc:3d:96:d5:47:60:2f:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
        Validity
            Not Before: Jun  7 15:00:32 2025 GMT
            Not After : Jun  8 15:00:32 2025 GMT
        Subject: CN=84586e2a947efa723a0536731f7478d6073940c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b1:21:57:a4:f5:88:14:f9:47:ab:71:90:10:
                    d3:ec:36:db:25:5d:af:3e:df:6c:47:96:1a:3a:7c:
                    10:95:81:71:44:43:b6:63:ef:28:1f:12:7d:94:6b:
                    b7:33:e7:a7:b2:ac:31:e9:b0:b0:7c:42:7f:34:8f:
                    06:5d:5f:26:ad:ba:6f:7a:5e:b9:c8:07:31:2f:7a:
                    cc:cd:65:e2:d7:d6:f2:45:5a:54:7d:e4:4e:41:32:
                    a3:a7:41:06:d2:3f:1b:26:a3:76:1c:5e:3a:7e:67:
                    24:9a:e5:0c:c9:ae:a9:98:ee:25:87:10:00:cd:96:
                    0d:33:09:c2:22:d5:cd:1e:cd:7c:67:b9:6c:f4:79:
                    30:29:61:b2:71:58:c4:2e:99:11:6d:2a:c8:6a:3c:
                    b8:d2:f4:c1:6e:fa:f0:9a:08:05:14:d3:52:d3:70:
                    a5:2e:95:83:7a:ee:98:e2:71:34:5e:be:2b:56:db:
                    c9:74:53:af:a1:3c:04:c6:c5:22:af:33:81:87:dc:
                    78:08:f9:52:9f:99:b8:1a:6f:e5:e4:27:34:bd:67:
                    c5:54:fb:f9:37:7c:6d:4f:82:48:98:0b:19:ad:33:
                    37:75:39:57:85:6a:30:3b:c7:6b:71:92:b4:c0:76:
                    f1:4b:65:d0:c7:40:4f:19:20:c9:d9:66:f1:60:be:
                    f1:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:58:6E:2A:94:7E:FA:72:3A:05:36:73:1F:74:78:D6:07:39:40:C1
            X509v3 Authority Key Identifier:
                keyid:CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:50:47:ef:f4:46:30:6d:a3:39:43:37:ef:18:bd:48:ae:99:
         b9:16:61:9e:31:1c:ae:86:96:e4:33:b3:da:4e:7b:5a:90:71:
         8f:09:db:90:e9:01:ed:0d:40:88:a9:4a:9a:1d:5f:41:10:5b:
         c1:fc:d7:f8:3c:5f:de:85:15:43:aa:78:b0:17:c1:7e:f2:02:
         7a:ce:a9:7f:1e:68:c4:7f:4b:63:07:9b:6a:e8:79:10:71:20:
         53:c5:ac:33:89:91:21:3a:77:67:00:8f:d7:61:56:85:86:4d:
         44:76:42:fe:76:35:a4:d8:f4:b0:34:f6:fa:32:20:d4:57:53:
         bf:c0:b2:6b:41:38:dd:c2:42:73:2f:cf:1d:84:ef:c0:7b:75:
         ae:4f:df:e6:1e:1b:5a:16:3e:c8:7a:5b:51:09:ae:7c:af:f9:
         2a:6a:d3:d9:12:59:6d:fe:ea:bd:b3:13:6c:bf:33:d9:e1:25:
         9f:17:80:18:f0:13:5b:df:69:99:b1:c8:8f:27:4f:0d:ff:5c:
         93:e3:aa:94:3f:18:f9:89:58:d4:c8:19:07:33:5f:50:00:81:
         d1:9e:a7:22:2d:5b:93:0e:3d:57:6a:29:de:34:d0:f3:7c:24:
         21:1d:f7:ef:62:ed:3b:d9:a9:d3:08:05:81:3f:f7:a2:91:a6:
         4b:b7:72:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6GD+LE2o7dw9ltVHYC+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZTBmMjY1N2RiNmQ1OGM0NDc1ZTlmYjgxNzM1NmUyZWRk
MmNjMGYwHhcNMjUwNjA3MTUwMDMyWhcNMjUwNjA4MTUwMDMyWjAzMTEwLwYDVQQD
Eyg4NDU4NmUyYTk0N2VmYTcyM2EwNTM2NzMxZjc0NzhkNjA3Mzk0MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbEhV6T1iBT5R6txkBDT7DbbJV2v
Pt9sR5YaOnwQlYFxREO2Y+8oHxJ9lGu3M+ensqwx6bCwfEJ/NI8GXV8mrbpvel65
yAcxL3rMzWXi19byRVpUfeROQTKjp0EG0j8bJqN2HF46fmckmuUMya6pmO4lhxAA
zZYNMwnCItXNHs18Z7ls9HkwKWGycVjELpkRbSrIajy40vTBbvrwmggFFNNS03Cl
LpWDeu6Y4nE0Xr4rVtvJdFOvoTwExsUirzOBh9x4CPlSn5m4Gm/l5Cc0vWfFVPv5
N3xtT4JImAsZrTM3dTlXhWowO8drcZK0wHbxS2XQx0BPGSDJ2WbxYL7xVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRYbiqUfvpyOgU2cx90eNYHOUDBMB8GA1UdIwQY
MBaAFMrg8mV9ttWMRHXp+4FzVuLt0swPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUt
YTE5YTNiZWIxNWIyLzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUtYTE5YTNiZWIxNWIy
LzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJlBH7/RG
MG2jOUM37xi9SK6ZuRZhnjEcroaW5DOz2k57WpBxjwnbkOkB7Q1AiKlKmh1fQRBb
wfzX+Dxf3oUVQ6p4sBfBfvICes6pfx5oxH9LYwebauh5EHEgU8WsM4mRITp3ZwCP
12FWhYZNRHZC/nY1pNj0sDT2+jIg1FdTv8Cya0E43cJCcy/PHYTvwHt1rk/f5h4b
WhY+yHpbUQmufK/5KmrT2RJZbf7qvbMTbL8z2eElnxeAGPATW99pmbHIjydPDf9c
k+OqlD8Y+YlY1MgZBzNfUACB0Z6nIi1bkw49V2op3jTQ83wkIR3372LtO9mp0wgF
gT/3opGmS7dyQg==
-----END CERTIFICATE-----