Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
File:                     iDyv-AezKVLWjHGq8BuRmErR6gg.mft (raw, json)
Hash identifier:          4FisMGPXJ1iCOBaj9fHvTX5c3DdECXEmEQEEOIlVFvA=
Subject key identifier:   C5:E6:0F:EA:C7:30:00:3E:97:DC:8E:1F:74:A9:3E:FC:F8:92:22:85
Authority key identifier: 88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08
Certificate issuer:       /CN=883caff807b32952d68c71aaf01b91984ad1ea08
Certificate serial:       01962AF2C00DF4A2FD97C862F2F431BDCD65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
Manifest number:          02D1
Signing time:             Sat 12 Apr 2025 17:01:13 +0000
Manifest this update:     Sat 12 Apr 2025 17:01:13 +0000
Manifest next update:     Sun 13 Apr 2025 17:01:13 +0000
Files and hashes:         1: iDyv-AezKVLWjHGq8BuRmErR6gg.crl (hash: jie5LX3Jwa/r8AsF/fl50HIDjMHN3misX9pmdWuiVwU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 13 Apr 2025 17:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:2a:f2:c0:0d:f4:a2:fd:97:c8:62:f2:f4:31:bd:cd:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=883caff807b32952d68c71aaf01b91984ad1ea08
        Validity
            Not Before: Apr 12 17:01:13 2025 GMT
            Not After : Apr 13 17:01:13 2025 GMT
        Subject: CN=c5e60feac730003e97dc8e1f74a93efcf8922285
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:74:3e:0a:6b:a6:a7:21:a1:e4:ba:3b:2b:aa:
                    c7:a3:12:08:b2:5f:dc:0c:fd:a2:db:06:5e:18:9a:
                    65:1c:4a:f1:c9:01:95:95:6b:54:bf:56:51:a7:a7:
                    10:6e:45:da:a1:5d:d6:a2:29:a3:c5:3f:cf:6e:6f:
                    f2:ff:fb:35:23:89:9b:8a:95:26:d3:a8:f9:3e:13:
                    48:4e:c8:4f:bc:37:c2:19:02:49:67:99:ea:43:9c:
                    f4:25:55:57:c1:bb:c8:45:cb:a7:93:43:24:aa:1c:
                    b2:ee:82:97:29:65:89:ed:5a:fd:93:0a:cd:e9:57:
                    53:4e:84:f3:5c:e2:27:de:55:a1:20:1a:60:2e:78:
                    9f:d9:5f:42:d8:3f:df:5c:4d:e8:6d:97:21:97:76:
                    b4:a2:66:32:be:81:1e:7b:1a:a4:8b:f2:09:9b:9e:
                    af:a8:03:96:31:7f:08:39:4e:3e:4c:38:45:8c:0f:
                    70:4f:6e:df:b7:1c:af:fa:0b:a5:22:d6:25:79:ae:
                    0c:ea:6f:16:b3:c3:bc:ca:21:b7:e7:f3:c8:54:b6:
                    8f:3c:61:d8:c1:28:00:fb:0c:ef:ee:b5:6e:3d:55:
                    76:9a:16:a7:f5:68:f3:f1:ef:b8:16:04:de:c4:be:
                    9e:fe:7b:13:0b:ac:f6:3c:20:51:c4:75:c2:74:49:
                    b0:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:E6:0F:EA:C7:30:00:3E:97:DC:8E:1F:74:A9:3E:FC:F8:92:22:85
            X509v3 Authority Key Identifier:
                keyid:88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:96:21:03:6a:8c:c0:8c:0f:ec:e3:eb:08:17:1c:d3:9c:d0:
         39:65:f3:8a:9f:02:a6:5a:34:e1:ee:c5:e0:8b:f2:eb:a3:04:
         ab:90:8b:0b:50:a3:2e:80:e4:15:98:1a:8d:89:20:e1:ec:cd:
         82:4b:44:95:ee:8c:fa:92:a7:9d:3f:f1:fd:11:6a:d4:e6:f5:
         8d:24:cd:40:22:28:7f:1b:f9:e7:9e:9f:23:fa:00:93:20:88:
         2c:8c:af:e3:70:83:7b:b3:b0:bb:85:45:77:65:74:c9:fc:c2:
         61:d5:06:c4:91:ae:03:55:db:d6:1d:8b:6e:ba:17:78:8f:8a:
         d4:51:76:8d:80:3d:84:3e:9d:ff:b9:7a:20:30:e4:41:10:fd:
         85:f8:bf:99:37:d9:81:28:98:1e:03:61:e4:51:9f:e0:72:d9:
         73:8f:ef:9e:6c:00:45:97:cc:f0:10:2d:c8:72:c9:56:39:ea:
         2f:70:8c:0a:d7:66:b7:02:46:30:39:5a:d5:45:72:8e:7a:d1:
         14:ac:b6:47:c7:dc:94:fd:65:09:d1:db:70:a7:a4:70:dd:69:
         51:39:e8:c5:7b:ab:ba:2f:e8:6c:f3:46:27:29:e2:13:4b:73:
         2b:f3:7b:69:4c:00:93:5b:94:81:91:94:83:75:e9:0f:ce:a3:
         3f:4d:4e:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYq8sAN9KL9l8hi8vQxvc1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4M2NhZmY4MDdiMzI5NTJkNjhjNzFhYWYwMWI5MTk4NGFk
MWVhMDgwHhcNMjUwNDEyMTcwMTEzWhcNMjUwNDEzMTcwMTEzWjAzMTEwLwYDVQQD
EyhjNWU2MGZlYWM3MzAwMDNlOTdkYzhlMWY3NGE5M2VmY2Y4OTIyMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynQ+CmumpyGh5Lo7K6rHoxIIsl/c
DP2i2wZeGJplHErxyQGVlWtUv1ZRp6cQbkXaoV3WoimjxT/Pbm/y//s1I4mbipUm
06j5PhNITshPvDfCGQJJZ5nqQ5z0JVVXwbvIRcunk0Mkqhyy7oKXKWWJ7Vr9kwrN
6VdTToTzXOIn3lWhIBpgLnif2V9C2D/fXE3obZchl3a0omYyvoEeexqki/IJm56v
qAOWMX8IOU4+TDhFjA9wT27ftxyv+gulItYlea4M6m8Ws8O8yiG35/PIVLaPPGHY
wSgA+wzv7rVuPVV2mhan9Wjz8e+4FgTexL6e/nsTC6z2PCBRxHXCdEmwUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMXmD+rHMAA+l9yOH3SpPvz4kiKFMB8GA1UdIwQY
MBaAFIg8r/gHsylS1oxxqvAbkZhK0eoIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEt
OWNlZDVlNWVmZjBmLzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEtOWNlZDVlNWVmZjBm
LzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF5YhA2qM
wIwP7OPrCBcc05zQOWXzip8Cplo04e7F4Ivy66MEq5CLC1CjLoDkFZgajYkg4ezN
gktEle6M+pKnnT/x/RFq1Ob1jSTNQCIofxv5556fI/oAkyCILIyv43CDe7Owu4VF
d2V0yfzCYdUGxJGuA1Xb1h2LbroXeI+K1FF2jYA9hD6d/7l6IDDkQRD9hfi/mTfZ
gSiYHgNh5FGf4HLZc4/vnmwARZfM8BAtyHLJVjnqL3CMCtdmtwJGMDla1UVyjnrR
FKy2R8fclP1lCdHbcKekcN1pUTnoxXurui/obPNGJyniE0tzK/N7aUwAk1uUgZGU
g3XpD86jP01Oqw==
-----END CERTIFICATE-----