Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
File:                     yyDpqru2GRVGEQI1z3bEg4S0UdA.mft (raw, json)
Hash identifier:          kQNr5MtrpYSAqFHAgsXVGeIDuwz2it5Xq5pBfwZaXFQ=
Subject key identifier:   7F:D5:DC:F9:59:53:FC:DA:DC:87:48:4C:35:76:6A:77:B9:43:FD:5C
Authority key identifier: CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0
Certificate issuer:       /CN=cb20e9aabbb6191546110235cf76c48384b451d0
Certificate serial:       0194C5080F531D499BC816332FFC8A10661C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
Manifest number:          037B
Signing time:             Sun 02 Feb 2025 05:00:27 +0000
Manifest this update:     Sun 02 Feb 2025 05:00:27 +0000
Manifest next update:     Mon 03 Feb 2025 05:00:27 +0000
Files and hashes:         1: yyDpqru2GRVGEQI1z3bEg4S0UdA.crl (hash: NqANNUssUhBNxVpWEvANhBRbsOEhFDei71cAP65qtyE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c5:08:0f:53:1d:49:9b:c8:16:33:2f:fc:8a:10:66:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb20e9aabbb6191546110235cf76c48384b451d0
        Validity
            Not Before: Feb  2 05:00:27 2025 GMT
            Not After : Feb  3 05:00:27 2025 GMT
        Subject: CN=7fd5dcf95953fcdadc87484c35766a77b943fd5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c3:73:cf:99:33:8e:1f:d6:5a:ca:1e:46:60:
                    c0:9b:f6:1f:92:c9:84:4a:02:1a:66:73:7a:ad:9a:
                    30:29:6d:e8:f5:95:dc:72:91:08:a7:a6:9a:f8:07:
                    9a:33:81:75:db:43:bc:f0:86:3b:f9:96:52:9a:b8:
                    35:79:d8:76:24:5b:ed:21:d1:8e:7c:52:69:b0:2f:
                    d2:46:97:1c:87:0a:ec:45:66:5a:a4:81:9d:e7:e5:
                    5a:26:2f:26:a4:83:da:2f:ab:a9:f6:15:34:8b:bb:
                    58:ac:42:52:b4:45:c3:03:28:70:5a:e3:c1:1b:5d:
                    16:06:97:1f:6d:ac:dd:00:df:23:99:fd:47:ef:b6:
                    36:e5:a2:71:d8:82:63:21:6a:51:34:05:14:65:d3:
                    af:4b:3e:56:e6:93:74:6d:cf:97:3a:d2:95:12:26:
                    11:f0:8c:3d:c9:2e:81:c9:5e:a3:2f:e0:fa:5c:d3:
                    09:4b:13:c7:82:ec:87:f8:ed:60:a0:79:50:b1:44:
                    4a:00:bd:01:df:20:4a:f9:7c:97:2b:92:38:95:69:
                    d3:93:ad:75:93:7e:85:f4:ae:b2:64:3e:d8:fe:58:
                    36:3e:c1:2c:5d:64:2a:5c:7c:30:c8:85:c2:85:d1:
                    dd:f4:57:b6:c7:71:0b:2a:94:a2:ec:69:03:e4:33:
                    c1:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:D5:DC:F9:59:53:FC:DA:DC:87:48:4C:35:76:6A:77:B9:43:FD:5C
            X509v3 Authority Key Identifier:
                keyid:CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:92:e7:b2:20:db:01:cb:35:a6:50:14:b6:9a:89:67:ee:87:
         39:28:00:d4:9b:14:e8:f7:de:71:d1:0a:a6:93:81:76:31:52:
         b1:67:71:fe:57:6e:5e:18:e5:e5:81:66:a9:36:b9:a7:e0:88:
         5a:18:8e:96:ad:0a:d9:6e:4a:4a:3b:0a:0d:8d:8a:13:2c:98:
         5a:31:b0:e2:8e:64:9d:7b:c2:e6:51:f5:55:db:15:13:94:79:
         e2:06:d7:44:26:67:f7:6c:73:9f:48:0e:ec:5f:ab:a6:d0:bf:
         dc:16:87:6f:1f:d5:02:8b:6b:b0:56:3c:0b:c4:ec:a6:0c:c3:
         b9:21:12:88:fc:56:53:63:be:32:6c:5c:8c:35:fd:77:c1:e9:
         41:be:2c:b7:90:f6:fb:15:51:23:61:d7:61:27:2a:c9:0c:b8:
         02:e3:f0:94:f4:50:a1:5a:5b:44:20:92:12:e2:24:d9:76:7d:
         87:48:e9:69:b5:64:3a:53:6c:ea:35:a5:45:75:8d:8c:e6:14:
         7b:8a:61:a4:27:21:d5:95:45:52:fc:6d:46:1f:69:f3:2b:b1:
         26:51:00:8d:64:61:7f:ea:89:39:f2:f7:1c:09:a4:00:94:87:
         82:80:95:60:a2:ea:7d:54:5c:b2:eb:4e:d1:2b:8e:e4:b8:ac:
         be:36:f5:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTFCA9THUmbyBYzL/yKEGYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjBlOWFhYmJiNjE5MTU0NjExMDIzNWNmNzZjNDgzODRi
NDUxZDAwHhcNMjUwMjAyMDUwMDI3WhcNMjUwMjAzMDUwMDI3WjAzMTEwLwYDVQQD
Eyg3ZmQ1ZGNmOTU5NTNmY2RhZGM4NzQ4NGMzNTc2NmE3N2I5NDNmZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcNzz5kzjh/WWsoeRmDAm/YfksmE
SgIaZnN6rZowKW3o9ZXccpEIp6aa+AeaM4F120O88IY7+ZZSmrg1edh2JFvtIdGO
fFJpsC/SRpcchwrsRWZapIGd5+VaJi8mpIPaL6up9hU0i7tYrEJStEXDAyhwWuPB
G10WBpcfbazdAN8jmf1H77Y25aJx2IJjIWpRNAUUZdOvSz5W5pN0bc+XOtKVEiYR
8Iw9yS6ByV6jL+D6XNMJSxPHguyH+O1goHlQsURKAL0B3yBK+XyXK5I4lWnTk611
k36F9K6yZD7Y/lg2PsEsXWQqXHwwyIXChdHd9Fe2x3ELKpSi7GkD5DPBKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH/V3PlZU/za3IdITDV2ane5Q/1cMB8GA1UdIwQY
MBaAFMsg6aq7thkVRhECNc92xIOEtFHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWIt
MDgwN2Y5NmNhNGEyLzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWItMDgwN2Y5NmNhNGEy
LzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASpLnsiDb
Acs1plAUtpqJZ+6HOSgA1JsU6PfecdEKppOBdjFSsWdx/lduXhjl5YFmqTa5p+CI
WhiOlq0K2W5KSjsKDY2KEyyYWjGw4o5knXvC5lH1VdsVE5R54gbXRCZn92xzn0gO
7F+rptC/3BaHbx/VAotrsFY8C8TspgzDuSESiPxWU2O+MmxcjDX9d8HpQb4st5D2
+xVRI2HXYScqyQy4AuPwlPRQoVpbRCCSEuIk2XZ9h0jpabVkOlNs6jWlRXWNjOYU
e4phpCch1ZVFUvxtRh9p8yuxJlEAjWRhf+qJOfL3HAmkAJSHgoCVYKLqfVRcsutO
0SuO5Lisvjb1UQ==
-----END CERTIFICATE-----