Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
File:                     YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft (raw, json)
Hash identifier:          4vvVFwy54P0AUkMSbAUuuhtg6PYfr8u261AjdLL4lSc=
Subject key identifier:   04:F1:D9:85:30:87:BA:ED:1E:3D:40:FC:90:49:18:2B:5C:4B:59:CB
Authority key identifier: 60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F
Certificate issuer:       /CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
Certificate serial:       0195121087A3018DFEB2518A1D3F2D06A3C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
Manifest number:          05F0
Signing time:             Mon 17 Feb 2025 04:00:27 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:27 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:27 +0000
Files and hashes:         1: YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl (hash: m7lmFnaX7j1AgnFytNb1X2OoKzl5xkKPuJmS4solE8U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:87:a3:01:8d:fe:b2:51:8a:1d:3f:2d:06:a3:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
        Validity
            Not Before: Feb 17 04:00:27 2025 GMT
            Not After : Feb 18 04:00:27 2025 GMT
        Subject: CN=04f1d9853087baed1e3d40fc9049182b5c4b59cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:a3:60:91:90:1d:74:2a:90:65:48:75:be:60:
                    c2:6d:6d:62:f3:21:e8:76:73:f4:5c:b3:f1:50:fb:
                    97:6b:11:4d:17:a0:04:d2:47:aa:42:dc:be:01:52:
                    9f:6e:7c:82:80:f1:4a:b4:61:0c:fa:3d:1a:f1:ee:
                    84:6f:1a:51:e7:00:07:f4:fa:20:65:6b:1f:2c:c1:
                    95:a2:43:cb:aa:1e:e6:ec:2d:74:56:39:3d:c4:8b:
                    7f:cf:3d:c3:b6:1a:f8:f1:98:57:65:7b:c8:67:dd:
                    09:a2:b8:56:31:d7:e7:6b:62:12:38:05:da:9b:45:
                    19:11:36:37:df:55:81:b6:f8:8a:1c:53:95:c1:e8:
                    f5:1a:33:dc:0a:4b:54:9b:84:ab:42:07:13:c2:fd:
                    90:5d:12:13:c6:5a:d6:94:37:cc:ee:b5:d7:ac:7d:
                    e7:0e:b4:19:29:5d:b7:11:64:5a:78:f3:dc:5a:07:
                    78:87:bf:b7:1a:d0:b3:ce:2e:93:fe:71:13:98:04:
                    57:04:d5:e8:75:f4:f1:72:05:96:de:76:24:ed:ba:
                    b1:d3:7e:44:34:23:1b:1c:f0:75:4b:1c:ee:58:90:
                    a3:30:98:c4:eb:f7:33:19:4d:2c:3a:40:d3:cf:65:
                    12:53:ec:b8:de:85:4d:6e:0d:2b:4a:fd:e9:a2:d7:
                    d2:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:F1:D9:85:30:87:BA:ED:1E:3D:40:FC:90:49:18:2B:5C:4B:59:CB
            X509v3 Authority Key Identifier:
                keyid:60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:da:ba:d6:8d:1a:38:11:8d:4e:2b:15:cd:ec:db:e7:a3:d3:
         89:67:65:dc:b0:ef:fa:f2:fa:0b:ed:a8:8d:32:29:db:13:01:
         41:5c:59:57:88:7b:11:9e:8c:fe:4b:59:f2:bc:ec:28:fb:75:
         7f:b3:48:c0:85:d9:d2:cf:2f:e6:21:da:3a:2b:4e:3e:92:26:
         97:e8:4e:ae:4a:a2:c1:7a:ed:da:46:76:35:cd:bc:8b:1e:ff:
         e9:13:27:82:25:91:3a:b4:7e:35:4b:94:40:52:7e:46:6d:19:
         eb:c5:d2:79:a2:0b:e3:be:c2:58:84:b1:8a:ac:e1:a5:d8:be:
         d8:3f:a4:3e:18:e5:fc:22:f3:ac:ca:a9:77:57:91:1d:19:aa:
         53:23:74:a1:77:7a:fe:5b:ec:a7:27:74:70:4b:30:2d:72:3e:
         f3:e8:21:ac:a6:ab:96:01:9c:c6:83:08:ed:48:ee:37:f6:20:
         9a:0e:51:31:da:69:6f:f3:3b:f1:f1:d0:ca:e9:7b:45:70:3a:
         08:42:ec:69:a0:80:1d:e4:d2:51:0d:de:9a:03:0b:fd:7d:a4:
         54:a1:bc:c0:7a:29:10:9e:4c:55:0c:05:7d:87:81:84:f8:24:
         58:9b:87:55:19:14:e4:88:d6:f9:45:6a:aa:3b:47:14:81:71:
         81:ea:9b:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEIejAY3+slGKHT8tBqPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTQzNGZkNmJmZjhiNmZiYjBkNTJmOGRhNDJlOTFmOGE1
YTI5MmYwHhcNMjUwMjE3MDQwMDI3WhcNMjUwMjE4MDQwMDI3WjAzMTEwLwYDVQQD
EygwNGYxZDk4NTMwODdiYWVkMWUzZDQwZmM5MDQ5MTgyYjVjNGI1OWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqNgkZAddCqQZUh1vmDCbW1i8yHo
dnP0XLPxUPuXaxFNF6AE0keqQty+AVKfbnyCgPFKtGEM+j0a8e6EbxpR5wAH9Pog
ZWsfLMGVokPLqh7m7C10Vjk9xIt/zz3Dthr48ZhXZXvIZ90JorhWMdfna2ISOAXa
m0UZETY331WBtviKHFOVwej1GjPcCktUm4SrQgcTwv2QXRITxlrWlDfM7rXXrH3n
DrQZKV23EWRaePPcWgd4h7+3GtCzzi6T/nETmARXBNXodfTxcgWW3nYk7bqx035E
NCMbHPB1SxzuWJCjMJjE6/czGU0sOkDTz2USU+y43oVNbg0rSv3potfSyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFATx2YUwh7rtHj1A/JBJGCtcS1nLMB8GA1UdIwQY
MBaAFGCkNP1r/4tvuw1S+NpC6R+KWikvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAt
NmEzZjAxZDljYjUwLzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAtNmEzZjAxZDljYjUw
LzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATdq61o0a
OBGNTisVzezb56PTiWdl3LDv+vL6C+2ojTIp2xMBQVxZV4h7EZ6M/ktZ8rzsKPt1
f7NIwIXZ0s8v5iHaOitOPpIml+hOrkqiwXrt2kZ2Nc28ix7/6RMngiWROrR+NUuU
QFJ+Rm0Z68XSeaIL477CWISxiqzhpdi+2D+kPhjl/CLzrMqpd1eRHRmqUyN0oXd6
/lvspyd0cEswLXI+8+ghrKarlgGcxoMI7UjuN/Ygmg5RMdppb/M78fHQyul7RXA6
CELsaaCAHeTSUQ3emgML/X2kVKG8wHopEJ5MVQwFfYeBhPgkWJuHVRkU5IjW+UVq
qjtHFIFxgeqbmQ==
-----END CERTIFICATE-----