Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
File:                     rkyfGKFH6zVjDiNFxUAOFop8icE.mft (raw, json)
Hash identifier:          36Vbj9DfQrVRtuGyF8kwYqkpkvIrHWwIL2/gxBbGNy4=
Subject key identifier:   71:74:71:FB:3B:FC:93:01:13:F4:4B:1E:25:C5:87:DB:AB:0A:DD:80
Authority key identifier: AE:4C:9F:18:A1:47:EB:35:63:0E:23:45:C5:40:0E:16:8A:7C:89:C1
Certificate issuer:       /CN=ae4c9f18a147eb35630e2345c5400e168a7c89c1
Certificate serial:       019510C6CF38DAB9BE01FBBC38022B6C6D6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
Manifest number:          099D
Signing time:             Sun 16 Feb 2025 22:00:19 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:19 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:19 +0000
Files and hashes:         1: rkyfGKFH6zVjDiNFxUAOFop8icE.crl (hash: cqQLFD0qxVcKj+v3APYaHaUlNLk6pz3fMwJo0gYiN58=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:cf:38:da:b9:be:01:fb:bc:38:02:2b:6c:6d:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae4c9f18a147eb35630e2345c5400e168a7c89c1
        Validity
            Not Before: Feb 16 22:00:19 2025 GMT
            Not After : Feb 17 22:00:19 2025 GMT
        Subject: CN=717471fb3bfc930113f44b1e25c587dbab0add80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:67:86:6a:d4:d1:a7:ae:de:dd:59:c6:e7:44:
                    64:9e:6f:53:00:f0:ef:7b:54:65:5c:04:2f:b4:04:
                    f6:27:c3:bf:c3:c8:2c:40:b4:9d:1f:1b:0d:94:64:
                    18:37:63:a9:e5:88:da:5d:63:f3:29:2d:50:e8:03:
                    19:da:2e:d8:35:b4:f2:b6:44:e5:e0:83:36:88:71:
                    40:5e:c8:fa:39:59:b0:4c:eb:61:b7:38:30:42:9a:
                    a7:bd:a8:ac:84:7f:01:8e:d8:c2:f0:5e:b0:a6:7e:
                    f8:11:77:cb:b4:b0:3b:86:66:f3:e6:48:80:4b:6f:
                    2c:5f:2a:ba:8f:66:ac:6e:ee:de:7f:6e:b6:3a:25:
                    89:f8:82:39:67:2a:72:67:2f:f0:e9:ec:8f:a9:29:
                    70:f0:27:97:29:11:57:f1:08:6b:c9:9d:76:d1:91:
                    07:2d:73:29:bc:c2:23:a5:29:4c:7e:69:85:a8:89:
                    38:32:de:e0:9e:ec:86:a7:87:a4:d4:1e:d3:0f:78:
                    50:44:c6:59:1c:00:22:bf:e9:07:4f:30:08:c9:0c:
                    e7:55:ed:80:e6:43:81:2b:67:38:f1:40:bc:72:17:
                    73:35:a1:d8:e0:e4:86:e9:27:16:17:67:43:5c:e9:
                    e2:54:fa:33:48:68:85:65:76:0e:9a:55:94:f2:1f:
                    5d:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:74:71:FB:3B:FC:93:01:13:F4:4B:1E:25:C5:87:DB:AB:0A:DD:80
            X509v3 Authority Key Identifier:
                keyid:AE:4C:9F:18:A1:47:EB:35:63:0E:23:45:C5:40:0E:16:8A:7C:89:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:83:ae:d6:52:bd:08:9c:48:7d:38:22:e9:fc:1c:26:38:99:
         c7:dd:c4:ba:91:d5:cd:ff:53:34:06:e0:c4:d2:97:69:bf:82:
         fe:01:8f:57:6d:5d:d6:60:4b:4f:e7:44:c0:9f:cc:0a:13:9c:
         d9:cd:a4:e1:0b:48:ca:8b:30:b8:ef:d3:7b:2c:af:de:91:92:
         e2:0b:4e:0c:47:e4:0f:a9:da:4c:c2:c4:63:7a:9a:58:eb:c7:
         c2:e5:08:03:ac:90:08:69:85:97:b3:08:b0:c5:44:03:bf:30:
         49:e9:60:56:73:9a:50:b7:77:f2:88:83:65:48:78:24:b4:96:
         5c:ae:93:05:1c:8e:6d:11:08:17:a9:a8:6f:d5:a8:c2:af:05:
         29:89:9f:ca:c1:86:d6:fb:8c:9c:4f:96:5e:8e:98:3c:2b:a8:
         0e:d3:01:14:ea:37:cb:3b:41:fd:d1:3d:97:db:58:1e:f2:0d:
         b9:26:16:f4:7e:a6:ce:a5:33:99:e3:6e:d0:19:09:92:24:f0:
         c1:e7:fe:e1:33:bc:3b:59:21:44:91:58:00:02:f3:6a:89:c4:
         fd:d9:49:b1:d4:c6:58:d9:0c:00:42:ea:33:27:9d:5b:c5:47:
         c3:f9:ae:86:4d:d5:cb:38:ff:dc:de:c6:cf:57:cc:0e:f4:e4:
         5b:8a:da:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxs842rm+Afu8OAIrbG1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNGM5ZjE4YTE0N2ViMzU2MzBlMjM0NWM1NDAwZTE2OGE3
Yzg5YzEwHhcNMjUwMjE2MjIwMDE5WhcNMjUwMjE3MjIwMDE5WjAzMTEwLwYDVQQD
Eyg3MTc0NzFmYjNiZmM5MzAxMTNmNDRiMWUyNWM1ODdkYmFiMGFkZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWeGatTRp67e3VnG50Rknm9TAPDv
e1RlXAQvtAT2J8O/w8gsQLSdHxsNlGQYN2Op5YjaXWPzKS1Q6AMZ2i7YNbTytkTl
4IM2iHFAXsj6OVmwTOthtzgwQpqnvaishH8BjtjC8F6wpn74EXfLtLA7hmbz5kiA
S28sXyq6j2asbu7ef262OiWJ+II5ZypyZy/w6eyPqSlw8CeXKRFX8QhryZ120ZEH
LXMpvMIjpSlMfmmFqIk4Mt7gnuyGp4ek1B7TD3hQRMZZHAAiv+kHTzAIyQznVe2A
5kOBK2c48UC8chdzNaHY4OSG6ScWF2dDXOniVPozSGiFZXYOmlWU8h9dswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHF0cfs7/JMBE/RLHiXFh9urCt2AMB8GA1UdIwQY
MBaAFK5MnxihR+s1Yw4jRcVADhaKfInBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kOTZiODItNThkZC00ZGRhLWJmZDMt
ZGEwNWIzN2M4ZTI0LzEvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kOTZiODItNThkZC00ZGRhLWJmZDMtZGEwNWIzN2M4ZTI0
LzEvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANoOu1lK9
CJxIfTgi6fwcJjiZx93EupHVzf9TNAbgxNKXab+C/gGPV21d1mBLT+dEwJ/MChOc
2c2k4QtIyoswuO/Teyyv3pGS4gtODEfkD6naTMLEY3qaWOvHwuUIA6yQCGmFl7MI
sMVEA78wSelgVnOaULd38oiDZUh4JLSWXK6TBRyObREIF6mob9Wowq8FKYmfysGG
1vuMnE+WXo6YPCuoDtMBFOo3yztB/dE9l9tYHvINuSYW9H6mzqUzmeNu0BkJkiTw
wef+4TO8O1khRJFYAALzaonE/dlJsdTGWNkMAELqMyedW8VHw/muhk3Vyzj/3N7G
z1fMDvTkW4raJA==
-----END CERTIFICATE-----