Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
File:                     pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft (raw, json)
Hash identifier:          qqKDoyLL2rDL65MxCfsC69wf7SmKCBg1enwx0uIgUmg=
Subject key identifier:   47:7C:E3:32:F6:9A:8C:54:B7:64:C5:D3:07:D4:74:F1:DA:DC:F9:84
Authority key identifier: A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2
Certificate issuer:       /CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
Certificate serial:       0196602963B18F30A62B5338F175C7F57C2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
Manifest number:          0962
Signing time:             Wed 23 Apr 2025 01:00:47 +0000
Manifest this update:     Wed 23 Apr 2025 01:00:47 +0000
Manifest next update:     Thu 24 Apr 2025 01:00:47 +0000
Files and hashes:         1: pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl (hash: oanvoCCsCfpYwaNG0yRe0B7jESpEfELkR5cQnhoN+m8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:60:29:63:b1:8f:30:a6:2b:53:38:f1:75:c7:f5:7c:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
        Validity
            Not Before: Apr 23 01:00:47 2025 GMT
            Not After : Apr 24 01:00:47 2025 GMT
        Subject: CN=477ce332f69a8c54b764c5d307d474f1dadcf984
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b1:74:15:8a:34:e9:6b:be:37:a4:e2:8a:b5:
                    ac:8d:de:4a:f6:ed:bb:80:46:d7:83:fe:14:d3:12:
                    9f:57:38:56:65:f7:cc:90:43:5d:08:f7:d5:59:2a:
                    dc:03:2b:dd:89:f1:32:ec:ab:c5:9d:53:8b:7e:91:
                    55:3e:27:68:22:9f:cf:6f:5d:a2:35:8b:86:4e:5c:
                    3a:cb:2c:eb:50:d1:f6:9f:bc:af:94:8b:5b:b1:64:
                    dc:51:a2:90:72:4c:d0:7d:cd:f1:12:0c:56:3a:17:
                    03:98:bb:e7:b1:7e:a2:0e:ad:0c:61:f3:aa:dc:70:
                    23:3a:a2:d2:e5:3e:98:4c:27:c4:23:b1:bc:1a:4b:
                    b2:ce:c6:a4:9c:7d:81:ee:20:b1:17:2d:d0:1e:0c:
                    e0:2f:a0:6f:ef:96:57:49:0d:aa:4d:2b:f7:bc:0e:
                    79:32:34:9c:30:60:b3:26:3e:4b:a6:75:01:72:1c:
                    e6:c0:7d:92:fb:84:1c:ea:ec:c7:38:e8:cd:17:49:
                    4a:a7:d4:71:0b:9e:9c:32:ca:56:27:3a:aa:6a:4b:
                    66:71:e6:8c:53:00:22:d9:d5:0f:93:9a:74:74:14:
                    3f:22:68:70:b0:e8:38:28:d6:88:22:55:ac:ba:20:
                    91:fe:ef:50:ab:fb:7a:95:2e:67:c3:ea:38:45:2d:
                    8c:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:7C:E3:32:F6:9A:8C:54:B7:64:C5:D3:07:D4:74:F1:DA:DC:F9:84
            X509v3 Authority Key Identifier:
                keyid:A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:0a:80:55:21:98:04:eb:6b:9c:81:6e:73:aa:37:c3:90:2c:
         10:b2:a2:2d:99:b8:33:a7:c5:90:7f:73:2c:c4:9b:09:67:d3:
         78:b3:38:9f:37:c1:4f:2a:c8:17:45:39:e4:7f:3d:4a:2f:e5:
         8d:6c:38:13:95:90:41:82:48:51:6a:01:a5:f2:72:36:f5:43:
         13:a2:4f:0a:cc:26:e3:57:a2:89:00:3f:e4:bd:1d:bb:5c:06:
         e5:90:41:a1:ef:63:97:72:45:17:ea:c0:d2:c6:f5:31:4b:45:
         10:0e:b8:c1:76:12:d3:4c:9a:67:79:f2:17:9c:73:b3:d0:a6:
         e8:86:4f:f2:e3:4c:63:0e:6a:04:3e:52:71:3f:53:a9:f8:fd:
         5b:5d:4c:0a:cb:42:cc:67:10:b8:bf:eb:d3:75:e4:25:71:11:
         e9:0d:42:26:3b:be:96:b0:d8:1d:de:e4:67:d0:6f:2a:ac:c7:
         95:61:d7:0d:38:6e:f0:6e:7f:b6:8b:10:70:da:5d:77:5e:39:
         01:47:dc:af:3b:ef:b5:f6:1d:36:40:b7:0b:40:c6:21:ba:fd:
         fc:db:0b:cd:31:24:e4:3e:d5:ad:db:ca:12:7c:fb:e4:7b:10:
         a4:40:84:48:a6:3e:7f:51:7f:a4:a7:f6:c1:0f:5a:f4:72:98:
         b4:ba:56:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZgKWOxjzCmK1M48XXH9XwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGQ0OTgzYzljNjNiZDhhMTU4MDAzYzU4NWY0M2Q5OTRj
MTJkYzIwHhcNMjUwNDIzMDEwMDQ3WhcNMjUwNDI0MDEwMDQ3WjAzMTEwLwYDVQQD
Eyg0NzdjZTMzMmY2OWE4YzU0Yjc2NGM1ZDMwN2Q0NzRmMWRhZGNmOTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rF0FYo06Wu+N6TiirWsjd5K9u27
gEbXg/4U0xKfVzhWZffMkENdCPfVWSrcAyvdifEy7KvFnVOLfpFVPidoIp/Pb12i
NYuGTlw6yyzrUNH2n7yvlItbsWTcUaKQckzQfc3xEgxWOhcDmLvnsX6iDq0MYfOq
3HAjOqLS5T6YTCfEI7G8GkuyzsaknH2B7iCxFy3QHgzgL6Bv75ZXSQ2qTSv3vA55
MjScMGCzJj5LpnUBchzmwH2S+4Qc6uzHOOjNF0lKp9RxC56cMspWJzqqaktmceaM
UwAi2dUPk5p0dBQ/ImhwsOg4KNaIIlWsuiCR/u9Qq/t6lS5nw+o4RS2MNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEd84zL2moxUt2TF0wfUdPHa3PmEMB8GA1UdIwQY
MBaAFKWNSYPJxjvYoVgAPFhfQ9mUwS3CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYt
Y2UzMGQ0YTM5OGUwLzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYtY2UzMGQ0YTM5OGUw
LzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADAqAVSGY
BOtrnIFuc6o3w5AsELKiLZm4M6fFkH9zLMSbCWfTeLM4nzfBTyrIF0U55H89Si/l
jWw4E5WQQYJIUWoBpfJyNvVDE6JPCswm41eiiQA/5L0du1wG5ZBBoe9jl3JFF+rA
0sb1MUtFEA64wXYS00yaZ3nyF5xzs9Cm6IZP8uNMYw5qBD5ScT9Tqfj9W11MCstC
zGcQuL/r03XkJXER6Q1CJju+lrDYHd7kZ9BvKqzHlWHXDThu8G5/tosQcNpdd145
AUfcrzvvtfYdNkC3C0DGIbr9/NsLzTEk5D7VrdvKEnz75HsQpECESKY+f1F/pKf2
wQ9a9HKYtLpWDw==
-----END CERTIFICATE-----