Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
File:                     Iycd4-AQWavm0aWTxKJP9uGI1k8.mft (raw, json)
Hash identifier:          8YvCHiwxLMEd8uk6k8jFALYdQYH3yATwhfDWoRv/isw=
Subject key identifier:   F9:09:FE:D2:14:12:89:55:BA:4D:AF:8A:9D:E4:B8:BD:D6:85:31:10
Authority key identifier: 23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F
Certificate issuer:       /CN=23271de3e01059abe6d1a593c4a24ff6e188d64f
Certificate serial:       01963808ED244DD9216EEF30C96767BE06B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
Manifest number:          0CEF
Signing time:             Tue 15 Apr 2025 06:00:31 +0000
Manifest this update:     Tue 15 Apr 2025 06:00:31 +0000
Manifest next update:     Wed 16 Apr 2025 06:00:31 +0000
Files and hashes:         1: Iycd4-AQWavm0aWTxKJP9uGI1k8.crl (hash: I7u0BS3ao5xQCX8+oPaZEF+Ci9QB0g+8Lmw+ldkTHrg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 16 Apr 2025 06:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:38:08:ed:24:4d:d9:21:6e:ef:30:c9:67:67:be:06:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23271de3e01059abe6d1a593c4a24ff6e188d64f
        Validity
            Not Before: Apr 15 06:00:31 2025 GMT
            Not After : Apr 16 06:00:31 2025 GMT
        Subject: CN=f909fed214128955ba4daf8a9de4b8bdd6853110
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:99:73:58:92:07:22:29:70:fd:21:8f:13:0f:
                    7b:9b:2a:47:5b:74:8e:29:16:9a:78:50:24:f5:d4:
                    57:3d:b0:01:41:86:66:2e:47:15:3f:71:d5:ee:80:
                    c3:3b:6c:44:e6:4a:bf:f5:21:ef:21:31:9b:86:87:
                    09:c9:e3:5a:7a:33:b4:4e:a1:64:b7:37:47:b4:9a:
                    15:8e:1b:89:66:c2:f3:96:22:06:b9:ad:7e:53:ef:
                    cd:d5:9c:84:55:50:0c:cb:c0:b4:51:e3:89:ca:fd:
                    58:7a:62:ca:ad:fd:f6:43:d6:55:ae:52:f0:7b:15:
                    4c:53:5f:03:61:9e:cc:9e:58:90:28:48:85:b8:c1:
                    29:7c:d7:1d:6c:d1:fc:a4:4c:bf:a6:84:ca:62:50:
                    52:3a:df:2e:b6:54:9e:5c:75:c1:30:d9:5c:1d:0b:
                    cb:a8:7f:1a:d9:cb:11:db:46:65:95:fd:9d:7c:35:
                    e0:a9:2a:04:7c:68:f5:35:20:d8:1e:8a:6f:9c:98:
                    55:0b:b6:76:1e:62:4e:46:52:a7:2b:62:6c:40:46:
                    74:27:bb:10:a0:ca:66:71:37:3d:f8:85:c1:59:0a:
                    db:2c:e7:d1:5e:83:82:6e:fc:07:40:34:a7:e8:b5:
                    ea:4f:ca:4a:88:b1:f8:57:57:c1:da:7e:30:c4:70:
                    c4:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:09:FE:D2:14:12:89:55:BA:4D:AF:8A:9D:E4:B8:BD:D6:85:31:10
            X509v3 Authority Key Identifier:
                keyid:23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:a8:84:f6:40:13:ae:a4:89:35:f1:0b:27:db:1c:3e:f9:c9:
         a8:6c:b8:37:2c:12:59:64:41:64:c3:66:8e:64:3b:5f:e8:b9:
         99:92:be:d9:d1:f8:e6:cf:17:db:19:90:20:a8:e8:45:05:73:
         95:87:35:1f:21:59:eb:c6:f7:f3:f3:74:57:7b:32:d7:4f:70:
         9a:46:55:fd:12:0e:5b:34:bf:80:f0:b8:d8:97:98:8c:fe:58:
         fc:46:1b:0c:f1:38:75:8e:88:fb:d1:f5:18:ad:65:3b:b2:6f:
         e6:de:9b:b3:7a:82:f1:99:35:0f:b0:a5:37:96:da:97:3b:9c:
         19:0c:b9:6b:1e:00:b3:11:c0:cf:3b:0f:3a:71:2f:e5:89:7c:
         b7:99:48:ff:ad:e4:9c:c3:b8:64:80:ae:b0:12:52:16:07:df:
         d6:24:4e:ea:22:34:e0:0f:8d:4a:24:e1:0e:30:f1:76:8d:68:
         ba:95:d0:e9:8a:f7:26:47:3b:a9:c7:4e:80:a6:ff:6e:92:e8:
         2a:29:36:fe:16:40:dc:63:1d:eb:cf:2d:6d:da:75:74:e0:0e:
         b5:86:e4:2a:5f:a8:2e:f5:72:89:ae:1e:bd:09:93:00:bb:d8:
         5f:31:36:89:33:69:15:83:4d:aa:e5:06:63:98:af:6b:f4:a3:
         8e:0a:6c:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY4CO0kTdkhbu8wyWdnvgazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjcxZGUzZTAxMDU5YWJlNmQxYTU5M2M0YTI0ZmY2ZTE4
OGQ2NGYwHhcNMjUwNDE1MDYwMDMxWhcNMjUwNDE2MDYwMDMxWjAzMTEwLwYDVQQD
EyhmOTA5ZmVkMjE0MTI4OTU1YmE0ZGFmOGE5ZGU0YjhiZGQ2ODUzMTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5lzWJIHIilw/SGPEw97mypHW3SO
KRaaeFAk9dRXPbABQYZmLkcVP3HV7oDDO2xE5kq/9SHvITGbhocJyeNaejO0TqFk
tzdHtJoVjhuJZsLzliIGua1+U+/N1ZyEVVAMy8C0UeOJyv1YemLKrf32Q9ZVrlLw
exVMU18DYZ7MnliQKEiFuMEpfNcdbNH8pEy/poTKYlBSOt8utlSeXHXBMNlcHQvL
qH8a2csR20Zllf2dfDXgqSoEfGj1NSDYHopvnJhVC7Z2HmJORlKnK2JsQEZ0J7sQ
oMpmcTc9+IXBWQrbLOfRXoOCbvwHQDSn6LXqT8pKiLH4V1fB2n4wxHDExwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPkJ/tIUEolVuk2vip3kuL3WhTEQMB8GA1UdIwQY
MBaAFCMnHePgEFmr5tGlk8SiT/bhiNZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMt
OTU4YzM3NjUwNmVkLzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMtOTU4YzM3NjUwNmVk
LzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQqiE9kAT
rqSJNfELJ9scPvnJqGy4NywSWWRBZMNmjmQ7X+i5mZK+2dH45s8X2xmQIKjoRQVz
lYc1HyFZ68b38/N0V3sy109wmkZV/RIOWzS/gPC42JeYjP5Y/EYbDPE4dY6I+9H1
GK1lO7Jv5t6bs3qC8Zk1D7ClN5balzucGQy5ax4AsxHAzzsPOnEv5Yl8t5lI/63k
nMO4ZICusBJSFgff1iRO6iI04A+NSiThDjDxdo1oupXQ6Yr3Jkc7qcdOgKb/bpLo
Kik2/hZA3GMd688tbdp1dOAOtYbkKl+oLvVyia4evQmTALvYXzE2iTNpFYNNquUG
Y5iva/Sjjgps0A==
-----END CERTIFICATE-----