Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft
File:                     BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft (raw, json)
Hash identifier:          IIYQZtkoEIHC0RfVh5EA5MUG9TJT2hVz3z+mshLVENA=
Subject key identifier:   27:08:D7:2D:E5:29:69:02:4F:5A:67:29:EA:E9:A5:9E:01:4F:08:16
Authority key identifier: 05:87:C8:49:0B:37:20:45:66:9F:45:F1:83:19:3E:ED:46:F9:91:F5
Certificate issuer:       /CN=0587c8490b372045669f45f183193eed46f991f5
Certificate serial:       019510C7FED57F2F8EF7AD946BD3DB850E94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft
Manifest number:          07B5
Signing time:             Sun 16 Feb 2025 22:01:37 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:37 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:37 +0000
Files and hashes:         1: BYfISQs3IEVmn0Xxgxk-7Ub5kfU.crl (hash: FggtiVi1I5cWBfIWG/gnHUK3I0dnSvhWyymFLtGZm3w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:fe:d5:7f:2f:8e:f7:ad:94:6b:d3:db:85:0e:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0587c8490b372045669f45f183193eed46f991f5
        Validity
            Not Before: Feb 16 22:01:37 2025 GMT
            Not After : Feb 17 22:01:37 2025 GMT
        Subject: CN=2708d72de52969024f5a6729eae9a59e014f0816
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:2f:45:81:e5:2d:e8:ab:c6:67:61:3b:4a:65:
                    41:3b:df:34:37:03:5d:f5:0d:f6:89:d8:7b:78:1b:
                    54:7f:ee:72:e7:c0:06:67:5c:e2:32:13:ed:76:79:
                    67:d8:ed:bb:36:08:78:7d:99:90:12:2d:c9:4c:c2:
                    59:bf:8e:b2:b7:bf:44:84:89:cd:e0:52:af:50:b5:
                    1d:b5:b7:c4:c0:ec:f0:ae:1a:72:10:a3:cd:1a:6b:
                    39:8c:c5:84:43:0a:d7:9b:59:6a:87:79:12:bd:33:
                    20:7a:88:89:4b:ea:9d:fd:88:0f:9d:6d:15:b1:20:
                    3b:e8:cb:e8:64:3e:fe:fb:dc:5f:9f:ca:cb:a7:ef:
                    61:c0:07:6c:02:7c:96:d0:41:12:0f:dd:65:5c:14:
                    b7:86:17:9b:96:3b:f4:19:7e:25:f3:23:90:78:14:
                    15:91:8e:c1:5e:66:a3:55:67:2c:c3:c0:2e:b4:11:
                    80:ec:68:aa:fa:f5:9a:0e:8f:18:1e:5d:30:eb:30:
                    d0:56:12:d4:a8:9c:a4:b9:d5:6a:49:8b:91:d9:4b:
                    9a:8a:03:41:0d:9d:14:dd:24:7b:8c:0a:e7:84:23:
                    53:be:b0:33:86:e0:5d:aa:87:84:64:f9:2b:aa:19:
                    5c:d1:bb:ef:72:36:d8:ec:45:33:7f:20:cb:c6:0e:
                    3c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:08:D7:2D:E5:29:69:02:4F:5A:67:29:EA:E9:A5:9E:01:4F:08:16
            X509v3 Authority Key Identifier:
                keyid:05:87:C8:49:0B:37:20:45:66:9F:45:F1:83:19:3E:ED:46:F9:91:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:b0:85:6f:61:47:1d:e3:0e:1e:af:b9:9a:04:28:9a:e3:02:
         43:39:bf:ff:06:b1:3b:1b:f2:2d:e5:1f:44:6c:cb:8f:cb:29:
         de:f8:ba:77:fb:03:9f:a6:c3:f8:24:de:f5:20:7f:25:45:9f:
         ed:b4:6d:7b:ed:2a:b1:ab:04:22:aa:11:9a:9e:4f:fd:b8:6e:
         9f:7a:69:2e:97:79:62:34:d8:14:a3:7f:9d:2e:5f:ac:e9:88:
         a9:d3:44:de:d8:d5:9a:39:b9:f7:d8:57:e9:3e:ea:cf:58:d0:
         aa:51:ba:ca:c9:91:1c:f7:6d:d2:c6:27:7b:57:44:40:4d:22:
         aa:81:b5:66:4c:48:45:5b:95:c0:bd:d9:a5:9f:e6:1c:f0:18:
         41:66:df:fd:71:e0:24:4b:55:d9:7d:a1:31:dd:bd:2d:3e:f2:
         af:cf:13:ce:9a:f8:eb:17:91:46:e0:f0:df:e7:15:6a:b5:8b:
         f1:48:c9:b5:63:13:ac:2a:da:bc:ba:13:e4:41:63:17:ea:ca:
         e9:e4:fa:b2:a5:6e:1e:cd:41:fd:87:3e:a8:85:2b:39:68:7e:
         7a:b3:ff:9d:a1:d2:07:71:11:a5:5e:93:69:99:b8:40:d8:bf:
         92:09:04:99:48:88:f5:41:94:1a:00:4a:95:c0:74:fc:29:35:
         78:37:8b:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx/7Vfy+O962Ua9PbhQ6UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ODdjODQ5MGIzNzIwNDU2NjlmNDVmMTgzMTkzZWVkNDZm
OTkxZjUwHhcNMjUwMjE2MjIwMTM3WhcNMjUwMjE3MjIwMTM3WjAzMTEwLwYDVQQD
EygyNzA4ZDcyZGU1Mjk2OTAyNGY1YTY3MjllYWU5YTU5ZTAxNGYwODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0i9FgeUt6KvGZ2E7SmVBO980NwNd
9Q32idh7eBtUf+5y58AGZ1ziMhPtdnln2O27Ngh4fZmQEi3JTMJZv46yt79EhInN
4FKvULUdtbfEwOzwrhpyEKPNGms5jMWEQwrXm1lqh3kSvTMgeoiJS+qd/YgPnW0V
sSA76MvoZD7++9xfn8rLp+9hwAdsAnyW0EESD91lXBS3hhebljv0GX4l8yOQeBQV
kY7BXmajVWcsw8AutBGA7Giq+vWaDo8YHl0w6zDQVhLUqJykudVqSYuR2UuaigNB
DZ0U3SR7jArnhCNTvrAzhuBdqoeEZPkrqhlc0bvvcjbY7EUzfyDLxg48RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCcI1y3lKWkCT1pnKerppZ4BTwgWMB8GA1UdIwQY
MBaAFAWHyEkLNyBFZp9F8YMZPu1G+ZH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQllmSVNRczNJRVZtbjBYeGd4ay03VWI1a2ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jZDAxNjktZmZjMS00MDFhLWFiYmQt
YmEwMzNmOTA3ZDkxLzEvQllmSVNRczNJRVZtbjBYeGd4ay03VWI1a2ZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jZDAxNjktZmZjMS00MDFhLWFiYmQtYmEwMzNmOTA3ZDkx
LzEvQllmSVNRczNJRVZtbjBYeGd4ay03VWI1a2ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHbCFb2FH
HeMOHq+5mgQomuMCQzm//waxOxvyLeUfRGzLj8sp3vi6d/sDn6bD+CTe9SB/JUWf
7bRte+0qsasEIqoRmp5P/bhun3ppLpd5YjTYFKN/nS5frOmIqdNE3tjVmjm599hX
6T7qz1jQqlG6ysmRHPdt0sYne1dEQE0iqoG1ZkxIRVuVwL3ZpZ/mHPAYQWbf/XHg
JEtV2X2hMd29LT7yr88Tzpr46xeRRuDw3+cVarWL8UjJtWMTrCravLoT5EFjF+rK
6eT6sqVuHs1B/Yc+qIUrOWh+erP/naHSB3ERpV6TaZm4QNi/kgkEmUiI9UGUGgBK
lcB0/Ck1eDeLOQ==
-----END CERTIFICATE-----