Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          Y+itTxfheHQYo5LUNIM9qObFKXZkvVKsusQTB+2obZk=
Subject key identifier:   2C:9B:6E:10:7A:A4:BF:20:71:92:C1:52:13:24:5F:5E:12:A5:F3:8F
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       0197488CA19952CC5E92FF7DFA7C10A80C0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          0596
Signing time:             Sat 07 Jun 2025 04:01:05 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:05 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:05 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: RTPWvDsdZOT9XGEAx2/ngBnlVQAZhHP+24GUJl74g08=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:a1:99:52:cc:5e:92:ff:7d:fa:7c:10:a8:0c:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: Jun  7 04:01:05 2025 GMT
            Not After : Jun  8 04:01:05 2025 GMT
        Subject: CN=2c9b6e107aa4bf207192c15213245f5e12a5f38f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e4:cb:33:ed:df:21:06:dc:7a:ae:5b:01:68:
                    28:7e:4b:66:cf:99:5b:ef:84:8f:49:af:d6:6d:d9:
                    bb:ca:b0:f7:bb:62:17:9f:a2:c1:27:09:f3:85:37:
                    f8:89:8c:39:e2:88:e3:8c:21:7e:9c:62:b8:f9:77:
                    f4:13:f6:8d:71:ea:6c:cc:5e:71:da:a4:f9:d6:02:
                    67:b3:c0:85:22:28:8b:66:12:d7:5b:9e:69:e8:b7:
                    f9:d7:7a:bb:4d:90:a8:ed:ba:48:82:f9:02:f5:45:
                    74:62:ca:57:bd:07:7a:6d:93:43:75:ff:37:cc:32:
                    77:41:97:de:9c:07:32:fa:43:0f:44:0f:c4:ef:86:
                    e8:30:f9:cf:1a:7f:06:c8:51:ec:83:6c:b0:e2:50:
                    42:41:de:f9:9d:b7:d8:73:b5:40:05:93:b2:ef:ec:
                    20:35:e5:de:c5:03:4f:12:24:de:8b:45:16:c3:96:
                    08:07:83:49:1d:f1:43:24:a5:b4:ae:2a:8a:ee:42:
                    34:d2:f3:53:9b:d5:44:3d:d6:f6:39:6a:95:c2:0e:
                    b1:c1:b5:3c:3f:cb:7c:67:25:33:34:63:f0:63:4b:
                    fc:c4:78:5a:b2:75:a8:39:1a:c5:13:57:00:44:a7:
                    38:5c:10:54:9d:4a:46:4f:cd:68:5d:da:c4:08:07:
                    b5:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:9B:6E:10:7A:A4:BF:20:71:92:C1:52:13:24:5F:5E:12:A5:F3:8F
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:13:0a:14:3c:5e:af:63:d3:89:9c:61:19:2d:50:4e:e7:bb:
         54:93:88:ff:54:8a:43:64:15:f0:32:f0:82:c5:b7:7b:17:ed:
         80:19:4b:df:ca:f8:f6:73:58:ee:95:2f:b8:67:7e:bf:02:9f:
         e8:40:42:90:45:c7:de:3f:2f:b9:23:63:53:ac:16:63:99:60:
         03:f6:17:9c:1d:a5:ff:df:ed:ca:c7:6c:d6:f4:95:28:35:a4:
         80:2f:de:9d:70:ae:06:7c:27:fc:21:2a:41:9d:3d:1f:83:df:
         d1:3c:85:5e:b5:f0:d6:94:17:df:1f:62:f2:2f:23:0f:1b:83:
         be:33:78:9b:06:73:b3:1f:79:8b:e1:0b:eb:2c:9f:fe:9b:fa:
         9f:e5:74:ed:3b:06:e7:34:c2:b7:d5:32:9f:a9:49:cc:78:a9:
         d5:ed:85:49:36:20:fb:fe:f9:5e:62:50:b0:bb:fa:a4:fe:c2:
         2f:d3:33:f5:1d:68:93:80:1c:84:50:63:bf:d0:b9:40:e2:0c:
         31:4f:ca:37:18:47:b2:40:39:89:6a:d1:38:21:32:e7:fd:f3:
         e3:22:4b:84:e9:3d:3d:8e:78:ea:6d:3d:8d:67:36:6a:57:7a:
         70:30:fd:5d:18:96:9c:bf:c4:99:55:44:72:11:37:62:c0:65:
         e7:43:38:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjKGZUsxekv99+nwQqAwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjUwNjA3MDQwMTA1WhcNMjUwNjA4MDQwMTA1WjAzMTEwLwYDVQQD
EygyYzliNmUxMDdhYTRiZjIwNzE5MmMxNTIxMzI0NWY1ZTEyYTVmMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOTLM+3fIQbceq5bAWgofktmz5lb
74SPSa/Wbdm7yrD3u2IXn6LBJwnzhTf4iYw54ojjjCF+nGK4+Xf0E/aNcepszF5x
2qT51gJns8CFIiiLZhLXW55p6Lf513q7TZCo7bpIgvkC9UV0YspXvQd6bZNDdf83
zDJ3QZfenAcy+kMPRA/E74boMPnPGn8GyFHsg2yw4lBCQd75nbfYc7VABZOy7+wg
NeXexQNPEiTei0UWw5YIB4NJHfFDJKW0riqK7kI00vNTm9VEPdb2OWqVwg6xwbU8
P8t8ZyUzNGPwY0v8xHhasnWoORrFE1cARKc4XBBUnUpGT81oXdrECAe10wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCybbhB6pL8gcZLBUhMkX14SpfOPMB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlRMKFDxe
r2PTiZxhGS1QTue7VJOI/1SKQ2QV8DLwgsW3exftgBlL38r49nNY7pUvuGd+vwKf
6EBCkEXH3j8vuSNjU6wWY5lgA/YXnB2l/9/tysds1vSVKDWkgC/enXCuBnwn/CEq
QZ09H4Pf0TyFXrXw1pQX3x9i8i8jDxuDvjN4mwZzsx95i+EL6yyf/pv6n+V07TsG
5zTCt9Uyn6lJzHip1e2FSTYg+/75XmJQsLv6pP7CL9Mz9R1ok4AchFBjv9C5QOIM
MU/KNxhHskA5iWrROCEy5/3z4yJLhOk9PY546m09jWc2ald6cDD9XRiWnL/EmVVE
chE3YsBl50M46w==
-----END CERTIFICATE-----