Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          XcUk8aWDldchQtAhQd0K3Xdd+9g78bBUWB4YwZm6eXc=
Subject key identifier:   BD:0E:AE:84:11:B0:37:7C:C2:CA:F0:5B:50:38:55:4E:D9:4A:30:D5
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       019643D64FBFC588055E2D69AEA3C9576C19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          050F
Signing time:             Thu 17 Apr 2025 13:00:40 +0000
Manifest this update:     Thu 17 Apr 2025 13:00:40 +0000
Manifest next update:     Fri 18 Apr 2025 13:00:40 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: 4Hx1wMcl9+FPTc0mBgo9Zad7wbYEIfQveJAfbufz+co=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 13:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:d6:4f:bf:c5:88:05:5e:2d:69:ae:a3:c9:57:6c:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: Apr 17 13:00:40 2025 GMT
            Not After : Apr 18 13:00:40 2025 GMT
        Subject: CN=bd0eae8411b0377cc2caf05b5038554ed94a30d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:bb:79:dd:6e:b6:76:85:91:84:a3:0c:95:59:
                    d2:fa:16:15:23:37:21:fd:68:a9:76:99:d5:9d:1c:
                    de:c2:5f:35:c8:3b:da:6d:46:5f:56:e6:19:dc:57:
                    09:a4:06:07:92:aa:96:11:d1:db:e8:7c:c2:f5:08:
                    e1:f7:90:9b:0c:b0:94:db:f0:c8:e0:02:f4:94:e7:
                    52:be:6d:9a:fd:37:66:11:53:23:44:32:0f:db:c6:
                    11:c6:2c:1a:2f:dc:b2:00:45:7f:96:dc:6c:77:6f:
                    82:6c:a0:2a:94:3b:b5:17:df:20:20:2d:f7:1b:da:
                    a6:6b:f2:8c:64:73:c8:1b:66:c8:f0:e1:4c:41:a0:
                    2d:91:1f:a3:f3:d7:f9:a9:91:a3:32:fa:db:c8:fc:
                    ac:b0:c7:19:e3:d6:16:ee:4d:c1:38:ed:2d:c7:eb:
                    e4:ff:36:41:f0:77:cb:12:de:76:69:df:9e:7a:6c:
                    75:7d:03:f4:e0:0f:ca:bb:be:db:15:05:af:9a:11:
                    1e:f5:92:9a:b8:b0:68:08:df:5e:f6:c5:6c:a0:d6:
                    b9:d7:42:6f:93:9c:73:75:a8:0a:d2:42:f5:dc:e9:
                    ba:cb:90:da:79:90:80:0f:0b:94:f0:b9:61:a4:60:
                    04:06:b0:d8:9c:28:5d:a9:78:5d:98:4c:28:14:49:
                    25:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:0E:AE:84:11:B0:37:7C:C2:CA:F0:5B:50:38:55:4E:D9:4A:30:D5
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:e4:b1:18:18:f2:fb:7c:90:27:64:93:0e:2c:4d:a1:68:8c:
         34:88:cc:b9:67:90:07:4b:b3:cc:cf:e0:c0:39:4c:2d:a7:a6:
         62:6e:6f:9f:b5:35:74:a6:4a:90:6e:ff:19:86:c2:29:74:23:
         a5:d6:d3:7a:c0:ea:11:08:9b:f3:a5:ea:a3:59:0d:15:6b:d0:
         aa:4e:3e:9c:31:9a:5a:e5:c6:9c:f4:d7:da:8b:11:b5:bd:88:
         8f:b4:f3:70:9b:d3:a2:04:44:1a:01:86:e0:11:a3:f7:c6:f2:
         df:06:5b:13:10:19:63:e1:5b:ce:be:79:6e:0a:ee:16:64:1a:
         c7:dd:91:5b:da:95:b1:8d:f9:f8:93:ed:7d:bc:b1:2b:cf:cb:
         6c:c4:0d:0a:61:99:50:d7:ae:46:75:2e:4d:98:5b:29:1b:fb:
         14:ce:95:fe:cd:be:ef:98:74:f3:68:70:5c:e1:51:1e:db:5d:
         41:cd:64:54:94:42:88:f2:bc:c2:62:9c:59:f1:e9:2e:2e:d5:
         4e:4a:d7:54:75:1e:2d:61:5d:87:f7:08:58:a9:cd:01:7c:8a:
         95:b6:fa:b4:8b:e8:b3:54:65:e8:69:01:32:2b:3b:81:68:a1:
         66:ba:bf:50:9f:48:80:ca:db:c2:c2:ca:2d:51:da:76:d7:00:
         bb:a9:d3:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZD1k+/xYgFXi1prqPJV2wZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjUwNDE3MTMwMDQwWhcNMjUwNDE4MTMwMDQwWjAzMTEwLwYDVQQD
EyhiZDBlYWU4NDExYjAzNzdjYzJjYWYwNWI1MDM4NTU0ZWQ5NGEzMGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57t53W62doWRhKMMlVnS+hYVIzch
/WipdpnVnRzewl81yDvabUZfVuYZ3FcJpAYHkqqWEdHb6HzC9Qjh95CbDLCU2/DI
4AL0lOdSvm2a/TdmEVMjRDIP28YRxiwaL9yyAEV/ltxsd2+CbKAqlDu1F98gIC33
G9qma/KMZHPIG2bI8OFMQaAtkR+j89f5qZGjMvrbyPyssMcZ49YW7k3BOO0tx+vk
/zZB8HfLEt52ad+eemx1fQP04A/Ku77bFQWvmhEe9ZKauLBoCN9e9sVsoNa510Jv
k5xzdagK0kL13Om6y5DaeZCADwuU8LlhpGAEBrDYnChdqXhdmEwoFEklnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0OroQRsDd8wsrwW1A4VU7ZSjDVMB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWuSxGBjy
+3yQJ2STDixNoWiMNIjMuWeQB0uzzM/gwDlMLaemYm5vn7U1dKZKkG7/GYbCKXQj
pdbTesDqEQib86Xqo1kNFWvQqk4+nDGaWuXGnPTX2osRtb2Ij7TzcJvTogREGgGG
4BGj98by3wZbExAZY+Fbzr55bgruFmQax92RW9qVsY35+JPtfbyxK8/LbMQNCmGZ
UNeuRnUuTZhbKRv7FM6V/s2+75h082hwXOFRHttdQc1kVJRCiPK8wmKcWfHpLi7V
TkrXVHUeLWFdh/cIWKnNAXyKlbb6tIvos1Rl6GkBMis7gWihZrq/UJ9IgMrbwsLK
LVHadtcAu6nTnQ==
-----END CERTIFICATE-----