Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
File:                     rkyfGKFH6zVjDiNFxUAOFop8icE.mft (raw, json)
Hash identifier:          o45FrTZCaYjSblpV0Ve90cKwB7oLVUh8hLu3Gil3XNg=
Subject key identifier:   0B:9F:FF:87:32:81:6E:80:55:23:55:B0:60:33:E6:67:68:EC:90:CF
Authority key identifier: AE:4C:9F:18:A1:47:EB:35:63:0E:23:45:C5:40:0E:16:8A:7C:89:C1
Certificate issuer:       /CN=ae4c9f18a147eb35630e2345c5400e168a7c89c1
Certificate serial:       01964D7E6EB6D99E806EE6E041156A59B134
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
Manifest number:          0A41
Signing time:             Sat 19 Apr 2025 10:00:53 +0000
Manifest this update:     Sat 19 Apr 2025 10:00:53 +0000
Manifest next update:     Sun 20 Apr 2025 10:00:53 +0000
Files and hashes:         1: rkyfGKFH6zVjDiNFxUAOFop8icE.crl (hash: tWBlXGOAyIGFaC/MBARn+xcbYJDjo6nYSJ5hERX0OPU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:6e:b6:d9:9e:80:6e:e6:e0:41:15:6a:59:b1:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae4c9f18a147eb35630e2345c5400e168a7c89c1
        Validity
            Not Before: Apr 19 10:00:53 2025 GMT
            Not After : Apr 20 10:00:53 2025 GMT
        Subject: CN=0b9fff8732816e80552355b06033e66768ec90cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f6:77:ce:10:28:3f:2d:10:22:cb:9a:60:44:
                    15:4c:e8:2b:41:a7:25:e9:45:1e:b3:25:d3:06:c5:
                    31:93:10:d7:da:48:f8:80:96:7d:92:b2:ce:7c:75:
                    f8:38:36:8a:c2:89:ef:43:35:da:02:74:d4:ed:fa:
                    c9:d0:c1:29:ee:a1:e8:aa:b3:17:02:de:1e:94:41:
                    18:a2:cb:28:c0:ea:79:15:f2:df:4a:0b:c8:1f:38:
                    ba:96:13:63:30:74:d8:64:f0:81:2e:54:b0:eb:b4:
                    e1:0e:1c:a9:5b:29:30:bd:a2:17:1e:06:62:0e:47:
                    05:fd:04:b6:1e:71:f3:00:21:07:e5:43:7a:73:bc:
                    5a:9c:01:51:40:13:6f:84:2a:c7:95:d1:77:9a:16:
                    1a:8b:76:7f:f1:d6:28:47:08:39:60:0d:3c:4f:86:
                    80:82:02:16:5b:ed:5a:75:32:ce:54:1c:47:ea:ed:
                    47:d8:cc:fd:05:a0:0b:61:ef:29:f3:4c:f6:63:e6:
                    47:43:ea:c5:74:fa:52:ad:53:bb:d2:01:14:b2:de:
                    de:c6:ae:7e:9a:63:90:4d:a3:96:58:7f:09:e5:36:
                    e1:85:33:77:94:dd:47:77:4a:8f:e4:60:cc:97:f5:
                    8b:4a:ae:95:38:da:a8:b2:2f:f2:7e:1f:fb:5c:0e:
                    20:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:9F:FF:87:32:81:6E:80:55:23:55:B0:60:33:E6:67:68:EC:90:CF
            X509v3 Authority Key Identifier:
                keyid:AE:4C:9F:18:A1:47:EB:35:63:0E:23:45:C5:40:0E:16:8A:7C:89:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:1b:45:10:08:22:f9:21:bb:8f:13:9e:31:b7:f0:dc:bf:d9:
         31:b3:66:95:bb:c1:9d:b2:3d:10:2f:c5:b5:03:c7:ed:1f:22:
         b7:18:c7:4c:18:32:9c:63:56:09:31:72:f0:58:04:67:c6:bb:
         c6:5e:3d:8e:05:30:e0:08:03:20:7c:80:1b:53:84:c5:12:cd:
         22:82:1b:96:57:3b:8a:2c:3a:b5:89:5a:73:72:86:25:4d:4c:
         f7:34:41:c6:0e:65:89:25:64:71:05:dc:8c:6c:ef:e5:44:20:
         a5:40:e6:ca:96:70:83:fd:f7:cd:b4:5a:7a:24:53:58:b9:ec:
         3b:02:e7:bd:e5:95:37:ab:96:45:50:4b:6f:d8:76:4e:eb:bd:
         8d:e7:b1:8b:da:6e:62:86:16:d8:8d:01:3c:f3:f1:71:61:00:
         5a:d0:a5:ea:a8:a9:85:15:9d:fd:08:03:ea:75:90:31:a7:11:
         6c:b9:d7:04:58:da:67:db:09:4b:dd:a8:f1:97:3d:24:c2:53:
         8d:56:14:6d:a7:ea:ca:e5:d3:49:09:9f:68:8b:68:e5:91:c0:
         40:9c:9f:5e:71:44:05:0a:bb:99:c9:e2:0c:14:ec:89:1c:36:
         a2:dc:b1:54:c0:8e:87:7d:bf:bd:ee:ad:a8:4b:54:34:cc:e5:
         70:83:7b:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfm622Z6AbubgQRVqWbE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNGM5ZjE4YTE0N2ViMzU2MzBlMjM0NWM1NDAwZTE2OGE3
Yzg5YzEwHhcNMjUwNDE5MTAwMDUzWhcNMjUwNDIwMTAwMDUzWjAzMTEwLwYDVQQD
EygwYjlmZmY4NzMyODE2ZTgwNTUyMzU1YjA2MDMzZTY2NzY4ZWM5MGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfZ3zhAoPy0QIsuaYEQVTOgrQacl
6UUesyXTBsUxkxDX2kj4gJZ9krLOfHX4ODaKwonvQzXaAnTU7frJ0MEp7qHoqrMX
At4elEEYossowOp5FfLfSgvIHzi6lhNjMHTYZPCBLlSw67ThDhypWykwvaIXHgZi
DkcF/QS2HnHzACEH5UN6c7xanAFRQBNvhCrHldF3mhYai3Z/8dYoRwg5YA08T4aA
ggIWW+1adTLOVBxH6u1H2Mz9BaALYe8p80z2Y+ZHQ+rFdPpSrVO70gEUst7exq5+
mmOQTaOWWH8J5TbhhTN3lN1Hd0qP5GDMl/WLSq6VONqosi/yfh/7XA4gawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAuf/4cygW6AVSNVsGAz5mdo7JDPMB8GA1UdIwQY
MBaAFK5MnxihR+s1Yw4jRcVADhaKfInBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kOTZiODItNThkZC00ZGRhLWJmZDMt
ZGEwNWIzN2M4ZTI0LzEvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kOTZiODItNThkZC00ZGRhLWJmZDMtZGEwNWIzN2M4ZTI0
LzEvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADxtFEAgi
+SG7jxOeMbfw3L/ZMbNmlbvBnbI9EC/FtQPH7R8itxjHTBgynGNWCTFy8FgEZ8a7
xl49jgUw4AgDIHyAG1OExRLNIoIbllc7iiw6tYlac3KGJU1M9zRBxg5liSVkcQXc
jGzv5UQgpUDmypZwg/33zbRaeiRTWLnsOwLnveWVN6uWRVBLb9h2Tuu9jeexi9pu
YoYW2I0BPPPxcWEAWtCl6qiphRWd/QgD6nWQMacRbLnXBFjaZ9sJS92o8Zc9JMJT
jVYUbafqyuXTSQmfaIto5ZHAQJyfXnFEBQq7mcniDBTsiRw2otyxVMCOh32/ve6t
qEtUNMzlcIN7mQ==
-----END CERTIFICATE-----