Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
File:                     iYDaJ6VQ15vmUa15rnGcz8vFo28.mft (raw, json)
Hash identifier:          oH2CnMawmgm0uIwf54gTC+dsvVuH9qMj01pCj4N+Neo=
Subject key identifier:   68:09:3D:A5:C2:04:AC:14:04:61:3F:A3:25:EB:39:A5:C9:E4:15:8A
Authority key identifier: 89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F
Certificate issuer:       /CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
Certificate serial:       01964820EBF7909E2BD314C12622FBD060F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
Manifest number:          0261
Signing time:             Fri 18 Apr 2025 09:00:39 +0000
Manifest this update:     Fri 18 Apr 2025 09:00:39 +0000
Manifest next update:     Sat 19 Apr 2025 09:00:39 +0000
Files and hashes:         1: iYDaJ6VQ15vmUa15rnGcz8vFo28.crl (hash: osA9i5zM291irGM78onFM6rvtnt7RdrUDdT36gjADuI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 09:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:48:20:eb:f7:90:9e:2b:d3:14:c1:26:22:fb:d0:60:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
        Validity
            Not Before: Apr 18 09:00:39 2025 GMT
            Not After : Apr 19 09:00:39 2025 GMT
        Subject: CN=68093da5c204ac1404613fa325eb39a5c9e4158a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:11:3a:5b:2b:29:02:f8:97:c1:43:20:a6:d7:
                    2b:d2:0a:7a:5f:4d:34:53:30:5b:c7:f2:a7:b3:98:
                    a7:45:22:c7:59:e5:89:29:bc:be:37:12:75:cf:dd:
                    ee:49:e0:0a:e0:8c:a4:f4:09:a5:94:df:0f:b1:b3:
                    1b:92:3e:a6:75:90:e0:58:82:a0:cb:93:42:73:8a:
                    14:c9:0d:58:3e:be:ce:64:94:80:1f:2f:f1:b7:9c:
                    de:51:6b:f3:9e:55:27:06:12:0a:4c:4f:78:c3:d0:
                    7d:3d:ee:52:9c:6b:8e:87:34:a1:8c:a4:08:b2:74:
                    50:15:36:b6:8c:39:cd:53:ad:79:b9:eb:b9:c1:87:
                    6a:fd:02:8c:6a:79:21:b0:b6:b3:a2:8f:42:44:9a:
                    75:0f:47:d4:0a:a9:09:ae:0d:86:4b:a9:16:5b:09:
                    8d:f6:05:c9:45:4c:74:b6:c1:60:1b:be:e3:bd:4b:
                    1f:35:00:cc:3d:8f:8c:ee:80:d0:dc:25:22:79:6f:
                    0c:66:ba:18:6c:7f:4f:ba:25:b6:f8:d1:d4:18:e0:
                    2a:a6:62:85:46:5e:91:26:b1:5d:18:c3:e4:5a:40:
                    d7:3a:c8:2e:b8:83:4a:dc:6f:7a:3c:d5:1f:f7:1b:
                    ed:aa:ec:af:8a:36:18:99:c8:ba:54:c9:1d:22:0a:
                    87:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:09:3D:A5:C2:04:AC:14:04:61:3F:A3:25:EB:39:A5:C9:E4:15:8A
            X509v3 Authority Key Identifier:
                keyid:89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:f3:10:ef:8d:2e:77:7e:c3:cb:5d:d0:f3:7c:14:d4:00:60:
         d8:e7:3b:9b:9d:f8:17:07:6a:fd:d4:ef:7e:c2:d8:26:8d:4f:
         cc:d0:8b:25:1d:1e:68:e6:6a:cb:9d:d6:29:8d:a8:1f:e0:29:
         69:25:f8:59:c1:c0:c0:0b:b0:b4:15:bd:31:0c:25:54:4d:8a:
         cf:51:42:ba:f9:b5:90:db:52:3d:b8:1c:24:7d:fc:21:4e:f9:
         17:ed:72:4f:cc:0e:c1:c0:42:bf:95:7a:ed:1c:e9:7e:48:a4:
         3e:ac:c3:5b:a9:f3:9a:2a:cb:a7:ee:80:a8:f9:6b:1c:d4:47:
         f6:b2:a0:05:e7:53:90:d9:98:52:e2:94:e5:f4:2b:4d:94:ab:
         39:22:9d:1e:23:15:65:10:92:21:78:cb:ed:1f:e2:82:55:f9:
         26:9d:ca:a3:bd:70:b6:48:6d:3f:e6:1c:cb:1c:ef:b1:f4:b0:
         73:04:37:72:52:9b:36:5c:17:7f:70:24:3a:e9:f1:a9:82:b4:
         36:63:23:ac:ba:38:ab:a7:89:ce:67:b4:2b:81:2f:77:3c:f5:
         67:f2:95:b0:63:f6:4a:47:56:b5:3f:f1:17:bc:78:df:a2:d4:
         48:fc:d7:96:ea:79:05:dc:7f:0c:d7:d0:61:b7:25:f9:00:ee:
         3a:c2:3f:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZIIOv3kJ4r0xTBJiL70GD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODBkYTI3YTU1MGQ3OWJlNjUxYWQ3OWFlNzE5Y2NmY2Jj
NWEzNmYwHhcNMjUwNDE4MDkwMDM5WhcNMjUwNDE5MDkwMDM5WjAzMTEwLwYDVQQD
Eyg2ODA5M2RhNWMyMDRhYzE0MDQ2MTNmYTMyNWViMzlhNWM5ZTQxNThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBE6WyspAviXwUMgptcr0gp6X000
UzBbx/Kns5inRSLHWeWJKby+NxJ1z93uSeAK4Iyk9AmllN8PsbMbkj6mdZDgWIKg
y5NCc4oUyQ1YPr7OZJSAHy/xt5zeUWvznlUnBhIKTE94w9B9Pe5SnGuOhzShjKQI
snRQFTa2jDnNU615ueu5wYdq/QKMankhsLazoo9CRJp1D0fUCqkJrg2GS6kWWwmN
9gXJRUx0tsFgG77jvUsfNQDMPY+M7oDQ3CUieW8MZroYbH9PuiW2+NHUGOAqpmKF
Rl6RJrFdGMPkWkDXOsguuINK3G96PNUf9xvtquyvijYYmci6VMkdIgqHSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGgJPaXCBKwUBGE/oyXrOaXJ5BWKMB8GA1UdIwQY
MBaAFImA2ielUNeb5lGtea5xnM/LxaNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYt
Mjk3NjJjMWFhZjY1LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYtMjk3NjJjMWFhZjY1
LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU/MQ740u
d37Dy13Q83wU1ABg2Oc7m534Fwdq/dTvfsLYJo1PzNCLJR0eaOZqy53WKY2oH+Ap
aSX4WcHAwAuwtBW9MQwlVE2Kz1FCuvm1kNtSPbgcJH38IU75F+1yT8wOwcBCv5V6
7RzpfkikPqzDW6nzmirLp+6AqPlrHNRH9rKgBedTkNmYUuKU5fQrTZSrOSKdHiMV
ZRCSIXjL7R/iglX5Jp3Ko71wtkhtP+YcyxzvsfSwcwQ3clKbNlwXf3AkOunxqYK0
NmMjrLo4q6eJzme0K4Evdzz1Z/KVsGP2SkdWtT/xF7x436LUSPzXlup5Bdx/DNfQ
Ybcl+QDuOsI/+A==
-----END CERTIFICATE-----