Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
File:                     yj7NoA-sC_tjsoVD6itdXx5N9ss.mft (raw, json)
Hash identifier:          DFn3vcnDo7DrQGdF4XIjSZeBbCiJ2bZtxGUDcMawsfc=
Subject key identifier:   29:BB:DC:AD:51:C1:F7:CC:52:E1:B1:F5:36:A2:F3:CD:73:16:45:54
Authority key identifier: CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB
Certificate issuer:       /CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
Certificate serial:       01957833F1EDCC9F3BA61FD3869AE421391E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
Manifest number:          88
Signing time:             Sun 09 Mar 2025 00:00:24 +0000
Manifest this update:     Sun 09 Mar 2025 00:00:24 +0000
Manifest next update:     Mon 10 Mar 2025 00:00:24 +0000
Files and hashes:         1: yj7NoA-sC_tjsoVD6itdXx5N9ss.crl (hash: qQV3k+vc2BXUZM6C3c/FyQ7sXV79NPgElKkidohRDCk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 00:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:78:33:f1:ed:cc:9f:3b:a6:1f:d3:86:9a:e4:21:39:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
        Validity
            Not Before: Mar  9 00:00:24 2025 GMT
            Not After : Mar 10 00:00:24 2025 GMT
        Subject: CN=29bbdcad51c1f7cc52e1b1f536a2f3cd73164554
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d3:c9:6b:b9:69:85:fc:42:ad:30:d8:bf:ae:
                    43:0d:e6:62:ff:37:f5:a6:c2:25:74:e5:0b:ca:61:
                    31:9e:a9:15:ff:43:9c:70:b1:a2:a2:0f:e0:67:54:
                    04:fb:38:27:dc:26:ef:a6:7f:1f:9a:06:fa:b0:67:
                    19:0c:09:23:d5:69:d4:e9:75:0c:ba:db:c0:4f:89:
                    31:df:d0:87:d1:a8:b2:59:7a:71:97:13:76:3a:d2:
                    b4:8f:16:ca:2d:9f:e9:62:a0:8f:fe:4e:44:6f:46:
                    55:f4:df:8d:7f:75:ec:d0:f6:4b:e9:06:24:b0:3f:
                    69:5a:b3:3d:ad:04:6c:b6:9e:cc:ed:30:2f:ee:31:
                    a3:12:c6:a8:84:29:ec:a1:ee:e4:7e:8a:0c:da:54:
                    02:f9:9a:b1:0e:6c:15:95:b5:3e:f4:6d:e8:49:a8:
                    1f:ce:d5:28:ca:6e:48:d5:d0:41:d7:11:fe:c4:20:
                    32:ce:c8:4f:90:40:77:81:8e:fe:1a:de:58:71:84:
                    95:4e:ab:4e:cf:47:57:be:9f:42:9b:fb:7f:3c:fc:
                    a3:f2:44:33:a3:47:6f:f5:70:0c:f5:57:02:5c:2e:
                    79:63:d7:e6:60:84:89:43:35:e2:65:5d:9a:66:e0:
                    2f:95:cb:42:da:23:5f:85:34:59:62:f4:e1:a7:37:
                    4a:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:BB:DC:AD:51:C1:F7:CC:52:E1:B1:F5:36:A2:F3:CD:73:16:45:54
            X509v3 Authority Key Identifier:
                keyid:CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:f1:b6:77:be:90:05:10:b2:cd:16:88:50:a6:eb:29:d9:d1:
         48:6f:86:eb:7d:5d:78:72:e1:50:1d:a1:eb:68:52:d5:c5:cc:
         ba:d5:e3:7d:28:31:0f:31:fc:8a:47:97:64:04:3e:bd:1b:a7:
         cf:b0:75:4d:f6:eb:6f:8e:29:b3:4e:da:c4:a1:cb:ef:0b:3a:
         76:cf:50:70:0f:2e:cf:b5:a3:3e:0e:d9:f6:e8:00:34:ea:2e:
         b1:4d:91:81:ee:24:5a:b3:b2:76:21:8e:88:ad:29:33:82:ab:
         50:a1:b5:b3:1c:64:2d:d1:a0:31:5c:d5:27:be:11:91:03:0e:
         fd:b3:72:91:e2:41:e7:3c:e5:df:ef:c8:b1:ca:f4:64:65:02:
         ff:48:76:16:41:a4:d3:0c:c4:6e:a8:bb:a1:3d:eb:cb:d2:1e:
         bd:cd:60:7e:1a:dc:e3:48:99:ff:17:80:63:01:0c:b4:9e:c5:
         9b:d3:1a:d2:0a:bc:30:d0:ff:fb:ae:81:51:27:ae:95:08:54:
         2b:34:f9:57:ed:96:32:00:38:5d:17:11:42:20:83:7d:85:18:
         77:c4:4d:f3:6a:9c:95:9a:b9:43:6b:da:20:c8:04:cc:e6:e2:
         b4:8e:0e:6c:6b:c7:ca:c8:74:2c:66:a5:ee:0b:47:30:84:3a:
         de:fa:eb:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV4M/HtzJ87ph/ThprkITkeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2VjZGEwMGZhYzBiZmI2M2IyODU0M2VhMmI1ZDVmMWU0
ZGY2Y2IwHhcNMjUwMzA5MDAwMDI0WhcNMjUwMzEwMDAwMDI0WjAzMTEwLwYDVQQD
EygyOWJiZGNhZDUxYzFmN2NjNTJlMWIxZjUzNmEyZjNjZDczMTY0NTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9PJa7lphfxCrTDYv65DDeZi/zf1
psIldOULymExnqkV/0OccLGiog/gZ1QE+zgn3Cbvpn8fmgb6sGcZDAkj1WnU6XUM
utvAT4kx39CH0aiyWXpxlxN2OtK0jxbKLZ/pYqCP/k5Eb0ZV9N+Nf3Xs0PZL6QYk
sD9pWrM9rQRstp7M7TAv7jGjEsaohCnsoe7kfooM2lQC+ZqxDmwVlbU+9G3oSagf
ztUoym5I1dBB1xH+xCAyzshPkEB3gY7+Gt5YcYSVTqtOz0dXvp9Cm/t/PPyj8kQz
o0dv9XAM9VcCXC55Y9fmYISJQzXiZV2aZuAvlctC2iNfhTRZYvThpzdK0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCm73K1RwffMUuGx9Tai881zFkVUMB8GA1UdIwQY
MBaAFMo+zaAPrAv7Y7KFQ+orXV8eTfbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgt
M2Y5OTYwODY1ZDBmLzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgtM2Y5OTYwODY1ZDBm
LzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcPG2d76Q
BRCyzRaIUKbrKdnRSG+G631deHLhUB2h62hS1cXMutXjfSgxDzH8ikeXZAQ+vRun
z7B1Tfbrb44ps07axKHL7ws6ds9QcA8uz7WjPg7Z9ugANOousU2Rge4kWrOydiGO
iK0pM4KrUKG1sxxkLdGgMVzVJ74RkQMO/bNykeJB5zzl3+/Iscr0ZGUC/0h2FkGk
0wzEbqi7oT3ry9Ievc1gfhrc40iZ/xeAYwEMtJ7Fm9Ma0gq8MND/+66BUSeulQhU
KzT5V+2WMgA4XRcRQiCDfYUYd8RN82qclZq5Q2vaIMgEzObitI4ObGvHysh0LGal
7gtHMIQ63vrrZw==
-----END CERTIFICATE-----