Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.mft
File:                     nYy-lCn5RJlbPJNL2vZglrURSNQ.mft (raw, json)
Hash identifier:          Geaujl+q6oIHFFGtwefQxZPgEeIUFkES8L3g5xUugRs=
Subject key identifier:   F8:0E:43:20:63:A4:1F:3E:61:95:30:64:49:B4:BD:F0:C3:14:3C:5F
Authority key identifier: 9D:8C:BE:94:29:F9:44:99:5B:3C:93:4B:DA:F6:60:96:B5:11:48:D4
Certificate issuer:       /CN=9d8cbe9429f944995b3c934bdaf66096b51148d4
Certificate serial:       019655DCADB0A9B902E6E8EFC0AF56BE08EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nYy-lCn5RJlbPJNL2vZglrURSNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.mft
Manifest number:          044B
Signing time:             Mon 21 Apr 2025 01:00:47 +0000
Manifest this update:     Mon 21 Apr 2025 01:00:47 +0000
Manifest next update:     Tue 22 Apr 2025 01:00:47 +0000
Files and hashes:         1: nYy-lCn5RJlbPJNL2vZglrURSNQ.crl (hash: nxyj17smKJHLme4OjYYayApRbZSwsXUNAz2VbJEY8eQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nYy-lCn5RJlbPJNL2vZglrURSNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:dc:ad:b0:a9:b9:02:e6:e8:ef:c0:af:56:be:08:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d8cbe9429f944995b3c934bdaf66096b51148d4
        Validity
            Not Before: Apr 21 01:00:47 2025 GMT
            Not After : Apr 22 01:00:47 2025 GMT
        Subject: CN=f80e432063a41f3e6195306449b4bdf0c3143c5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:6f:0b:ad:f3:6c:45:7c:05:e2:f1:30:2c:77:
                    df:1c:9f:87:72:53:f8:a8:3b:48:22:02:52:f0:8e:
                    cf:e4:c0:85:df:4d:94:84:44:f0:9f:59:ed:46:1a:
                    6d:4a:c0:2e:58:37:75:61:19:d9:71:ae:10:e5:38:
                    c7:f8:6a:bf:09:85:8d:bf:85:30:21:92:27:19:c4:
                    03:c1:bd:64:63:33:57:f9:27:89:40:44:b8:0a:5e:
                    6e:21:2d:c1:74:10:0f:7a:01:db:71:3a:77:95:59:
                    61:bf:67:07:82:bf:11:a2:99:36:c1:66:09:0e:27:
                    c0:99:5b:07:05:27:95:42:88:35:11:62:26:67:27:
                    8e:55:c8:de:17:47:f5:4b:80:d4:3f:c3:d5:77:54:
                    90:db:23:59:87:6a:d3:ca:a7:df:4b:a4:d6:9e:b4:
                    55:99:06:a1:46:01:42:b9:79:96:de:58:59:63:2c:
                    f5:de:1f:1c:a8:68:a9:d0:8c:67:81:39:73:f5:dc:
                    48:f2:e2:15:d4:f7:59:a6:d8:31:57:35:b6:64:9b:
                    8f:bb:f2:02:a2:ba:7a:27:2a:30:7c:96:93:c3:74:
                    d1:fa:f1:ea:f8:b9:d1:98:4c:7a:4d:aa:3b:fc:93:
                    e2:31:7f:6b:ad:6e:0a:f8:1f:2b:f1:e3:cb:aa:da:
                    7f:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:0E:43:20:63:A4:1F:3E:61:95:30:64:49:B4:BD:F0:C3:14:3C:5F
            X509v3 Authority Key Identifier:
                keyid:9D:8C:BE:94:29:F9:44:99:5B:3C:93:4B:DA:F6:60:96:B5:11:48:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nYy-lCn5RJlbPJNL2vZglrURSNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:50:1d:4e:db:71:5f:c5:c1:44:91:21:61:15:b6:47:df:e4:
         aa:e6:7c:96:3d:f9:10:f3:b0:da:5f:f0:c9:6c:5f:e3:f3:8b:
         ad:c5:af:c4:cc:1a:8c:6c:5d:a3:4e:be:9e:7b:ca:58:05:36:
         89:34:5b:e8:11:71:c8:14:f5:54:89:ab:56:8c:73:14:d0:bb:
         e0:f5:f3:90:0a:f4:2a:ba:5e:e6:3a:47:6d:e8:da:35:28:b1:
         0f:6f:22:3a:af:78:92:bd:66:ff:1d:4b:9d:3d:99:8f:8c:47:
         df:51:4c:61:b0:8c:86:36:1c:5e:a9:61:a5:a7:a2:9f:69:91:
         19:9e:e6:7a:76:31:ea:56:db:08:8d:df:1b:64:66:f4:2e:92:
         9f:2b:67:a2:42:6b:62:35:47:36:af:1f:3f:2a:be:68:c3:a3:
         ce:c3:2e:9f:70:a8:76:0c:79:d9:84:e9:69:08:4d:ef:6f:a8:
         93:07:c0:23:18:de:b7:cb:3c:a0:e3:e4:1f:74:0b:ab:8c:90:
         f3:f3:a0:5f:4b:a2:44:fc:69:fd:2e:d1:f9:d7:1d:b4:ca:28:
         47:c6:65:98:de:da:a9:6d:ff:8e:ed:92:1e:40:33:b0:56:38:
         47:43:2f:75:c7:67:ab:14:df:7b:0a:5f:1c:2a:40:bb:41:8e:
         8f:d3:a4:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZV3K2wqbkC5ujvwK9WvgjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOGNiZTk0MjlmOTQ0OTk1YjNjOTM0YmRhZjY2MDk2YjUx
MTQ4ZDQwHhcNMjUwNDIxMDEwMDQ3WhcNMjUwNDIyMDEwMDQ3WjAzMTEwLwYDVQQD
EyhmODBlNDMyMDYzYTQxZjNlNjE5NTMwNjQ0OWI0YmRmMGMzMTQzYzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW8LrfNsRXwF4vEwLHffHJ+HclP4
qDtIIgJS8I7P5MCF302UhETwn1ntRhptSsAuWDd1YRnZca4Q5TjH+Gq/CYWNv4Uw
IZInGcQDwb1kYzNX+SeJQES4Cl5uIS3BdBAPegHbcTp3lVlhv2cHgr8Ropk2wWYJ
DifAmVsHBSeVQog1EWImZyeOVcjeF0f1S4DUP8PVd1SQ2yNZh2rTyqffS6TWnrRV
mQahRgFCuXmW3lhZYyz13h8cqGip0IxngTlz9dxI8uIV1PdZptgxVzW2ZJuPu/IC
orp6JyowfJaTw3TR+vHq+LnRmEx6Tao7/JPiMX9rrW4K+B8r8ePLqtp/SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPgOQyBjpB8+YZUwZEm0vfDDFDxfMB8GA1UdIwQY
MBaAFJ2MvpQp+USZWzyTS9r2YJa1EUjUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbll5LWxDbjVSSmxiUEpOTDJ2WmdsclVSU05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8yM2Q2NGYtNTE5Mi00ZGQ2LWIwMjYt
ZWU5MTE2ZDdlMWQ2LzEvbll5LWxDbjVSSmxiUEpOTDJ2WmdsclVSU05RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8yM2Q2NGYtNTE5Mi00ZGQ2LWIwMjYtZWU5MTE2ZDdlMWQ2
LzEvbll5LWxDbjVSSmxiUEpOTDJ2WmdsclVSU05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe1AdTttx
X8XBRJEhYRW2R9/kquZ8lj35EPOw2l/wyWxf4/OLrcWvxMwajGxdo06+nnvKWAU2
iTRb6BFxyBT1VImrVoxzFNC74PXzkAr0Krpe5jpHbejaNSixD28iOq94kr1m/x1L
nT2Zj4xH31FMYbCMhjYcXqlhpaein2mRGZ7menYx6lbbCI3fG2Rm9C6SnytnokJr
YjVHNq8fPyq+aMOjzsMun3Codgx52YTpaQhN72+okwfAIxjet8s8oOPkH3QLq4yQ
8/OgX0uiRPxp/S7R+dcdtMooR8ZlmN7aqW3/ju2SHkAzsFY4R0MvdcdnqxTfewpf
HCpAu0GOj9OkWA==
-----END CERTIFICATE-----