Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
File:                     Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft (raw, json)
Hash identifier:          wwgaDwsUgz46MSa/7fxm+ziZzDs7V12c5PV4IlSA8Pw=
Subject key identifier:   E0:BD:F4:E9:72:BB:4F:15:7E:CD:A6:05:F7:7C:2E:67:28:6C:A4:40
Authority key identifier: 63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7
Certificate issuer:       /CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
Certificate serial:       0196534A0AB43334C171E9C9AFF55EDC5CA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
Manifest number:          09DD
Signing time:             Sun 20 Apr 2025 13:01:23 +0000
Manifest this update:     Sun 20 Apr 2025 13:01:23 +0000
Manifest next update:     Mon 21 Apr 2025 13:01:23 +0000
Files and hashes:         1: Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl (hash: Uj5Q0ZndRBDYh3XhruyBfSE+0xHNxI8MFTpMHKqmipw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:4a:0a:b4:33:34:c1:71:e9:c9:af:f5:5e:dc:5c:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
        Validity
            Not Before: Apr 20 13:01:23 2025 GMT
            Not After : Apr 21 13:01:23 2025 GMT
        Subject: CN=e0bdf4e972bb4f157ecda605f77c2e67286ca440
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:70:7c:da:14:e0:6e:f1:a8:32:be:33:a7:56:
                    24:7b:47:36:bc:7d:9c:09:a3:0f:bd:74:80:c2:b5:
                    08:25:a6:59:2e:c9:e0:dc:4b:43:c5:0e:2d:5f:c3:
                    53:5a:51:a1:79:e3:2f:0d:c1:28:82:5c:b5:de:27:
                    b6:fe:a8:2c:db:33:7f:7e:94:c6:af:16:b9:27:5a:
                    d6:f8:7c:df:2d:56:99:18:95:bf:2e:3f:94:f6:52:
                    2d:a3:e8:af:2d:09:90:47:09:5c:19:81:00:11:8f:
                    3e:f9:96:58:9e:7b:14:b4:df:2a:00:b4:3a:26:d7:
                    93:32:be:70:65:58:be:74:b8:51:b1:9b:58:85:39:
                    c1:3a:e2:b5:04:49:ca:86:1a:4f:2c:33:ed:b0:61:
                    ec:fe:29:70:71:cb:dc:8a:ef:89:35:4f:12:48:6b:
                    d4:2c:12:84:aa:27:28:5a:b5:fb:ae:27:31:8f:32:
                    c2:8b:fa:56:4f:95:56:1d:67:7f:04:6c:82:fc:b8:
                    2b:df:2c:19:83:dc:5c:fc:f1:14:fa:e7:5e:94:10:
                    12:46:5a:e8:0a:85:5c:7b:9e:b8:cb:58:ea:08:bd:
                    9c:0b:65:fe:57:b3:0d:05:75:29:1a:de:02:ab:7d:
                    93:5f:dc:d3:39:aa:93:08:33:b2:c2:98:3f:9c:59:
                    de:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:BD:F4:E9:72:BB:4F:15:7E:CD:A6:05:F7:7C:2E:67:28:6C:A4:40
            X509v3 Authority Key Identifier:
                keyid:63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:25:39:71:d3:48:f4:27:bd:dc:92:b8:43:79:00:6d:1d:46:
         93:94:69:88:07:2c:a7:69:dd:e4:89:ac:4a:01:ba:dc:7b:81:
         da:07:0e:9a:02:49:7b:6a:58:ba:e0:af:25:a2:69:9f:2f:d4:
         70:90:94:36:c6:22:ff:b5:42:96:52:b3:03:a0:81:fe:7f:49:
         56:63:ff:98:17:ba:33:10:1b:0d:ee:54:34:90:26:59:3b:19:
         09:c8:60:93:4f:bb:1f:ad:9c:05:76:d7:88:d5:14:aa:3e:1a:
         3c:79:42:4e:7c:01:e7:90:b5:36:d4:b0:34:38:3f:90:cd:ae:
         a4:59:49:1d:79:be:d2:f6:ef:70:58:ab:75:9e:f5:01:49:de:
         b4:18:2c:8c:9a:11:58:25:3a:d3:55:27:bb:6f:3f:dd:98:00:
         49:9a:e0:ca:a3:5b:ec:5b:d3:82:65:32:81:b5:6b:ae:a7:ee:
         aa:4c:bc:bc:72:a7:14:7b:2a:b0:ad:a0:62:c1:f0:51:36:13:
         b2:1b:7d:11:1c:f9:77:05:37:79:e1:0c:47:64:3a:e4:c8:e1:
         78:a0:d7:47:5d:81:c3:2a:2b:95:ad:26:42:87:97:15:bd:e4:
         c5:f4:87:ed:6c:4b:a8:c1:75:c7:2a:db:dd:d0:0d:36:4d:7b:
         cc:50:fa:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSgq0MzTBcenJr/Ve3FyiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNzFkMmZiZWNmMmY5MGRjN2Y0OTUxN2E0NDBkYTUzMzlm
NGE2YzcwHhcNMjUwNDIwMTMwMTIzWhcNMjUwNDIxMTMwMTIzWjAzMTEwLwYDVQQD
EyhlMGJkZjRlOTcyYmI0ZjE1N2VjZGE2MDVmNzdjMmU2NzI4NmNhNDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnB82hTgbvGoMr4zp1Yke0c2vH2c
CaMPvXSAwrUIJaZZLsng3EtDxQ4tX8NTWlGheeMvDcEogly13ie2/qgs2zN/fpTG
rxa5J1rW+HzfLVaZGJW/Lj+U9lIto+ivLQmQRwlcGYEAEY8++ZZYnnsUtN8qALQ6
JteTMr5wZVi+dLhRsZtYhTnBOuK1BEnKhhpPLDPtsGHs/ilwccvciu+JNU8SSGvU
LBKEqicoWrX7ricxjzLCi/pWT5VWHWd/BGyC/Lgr3ywZg9xc/PEU+udelBASRlro
CoVce564y1jqCL2cC2X+V7MNBXUpGt4Cq32TX9zTOaqTCDOywpg/nFneSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOC99Olyu08Vfs2mBfd8LmcobKRAMB8GA1UdIwQY
MBaAFGNx0vvs8vkNx/SVF6RA2lM59KbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAt
N2UxNGQzNTk4ZjA5LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAtN2UxNGQzNTk4ZjA5
LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgiU5cdNI
9Ce93JK4Q3kAbR1Gk5RpiAcsp2nd5ImsSgG63HuB2gcOmgJJe2pYuuCvJaJpny/U
cJCUNsYi/7VCllKzA6CB/n9JVmP/mBe6MxAbDe5UNJAmWTsZCchgk0+7H62cBXbX
iNUUqj4aPHlCTnwB55C1NtSwNDg/kM2upFlJHXm+0vbvcFirdZ71AUnetBgsjJoR
WCU601Unu28/3ZgASZrgyqNb7FvTgmUygbVrrqfuqky8vHKnFHsqsK2gYsHwUTYT
sht9ERz5dwU3eeEMR2Q65MjheKDXR12Bwyorla0mQoeXFb3kxfSH7WxLqMF1xyrb
3dANNk17zFD6hw==
-----END CERTIFICATE-----