Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.mft
File:                     nYy-lCn5RJlbPJNL2vZglrURSNQ.mft (raw, json)
Hash identifier:          fjqKLp5DWFeAPJwTsaJgLiIiLytKLAUr7UwHKwR9Krs=
Subject key identifier:   A3:1C:56:0B:C7:98:69:58:1F:6C:DE:21:C9:75:BE:61:7A:94:A5:77
Authority key identifier: 9D:8C:BE:94:29:F9:44:99:5B:3C:93:4B:DA:F6:60:96:B5:11:48:D4
Certificate issuer:       /CN=9d8cbe9429f944995b3c934bdaf66096b51148d4
Certificate serial:       01974EFC8999BA3347BCEE99FA996CBBC5D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nYy-lCn5RJlbPJNL2vZglrURSNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.mft
Manifest number:          04CC
Signing time:             Sun 08 Jun 2025 10:01:02 +0000
Manifest this update:     Sun 08 Jun 2025 10:01:02 +0000
Manifest next update:     Mon 09 Jun 2025 10:01:02 +0000
Files and hashes:         1: nYy-lCn5RJlbPJNL2vZglrURSNQ.crl (hash: LFOEwEBvPat5y2V8RZqyyUKNOY1RobavrZ6MvZ7RyBw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nYy-lCn5RJlbPJNL2vZglrURSNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:fc:89:99:ba:33:47:bc:ee:99:fa:99:6c:bb:c5:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d8cbe9429f944995b3c934bdaf66096b51148d4
        Validity
            Not Before: Jun  8 10:01:02 2025 GMT
            Not After : Jun  9 10:01:02 2025 GMT
        Subject: CN=a31c560bc79869581f6cde21c975be617a94a577
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:03:77:40:99:e3:b4:5e:3f:08:fa:ae:6d:23:
                    25:f4:0b:a9:1d:63:1d:d9:53:7d:0d:4b:82:0a:a6:
                    f9:35:f6:89:e9:bc:94:23:e3:8e:3d:38:1a:2b:fa:
                    60:ea:f4:46:ab:f9:57:94:04:17:76:e9:03:4d:d0:
                    a7:5a:2a:4f:6e:fd:bc:bd:66:24:b0:96:00:9c:16:
                    5c:b6:fa:75:e4:17:88:f3:47:01:35:db:c0:11:74:
                    25:69:ca:8f:e3:d3:70:a2:4a:e0:7e:30:0c:74:e2:
                    2c:8f:26:e6:cd:5f:7f:ee:7d:7e:bf:4e:4e:84:f8:
                    8d:af:d1:d7:bc:82:79:a9:7c:30:90:df:38:3e:a2:
                    4d:79:21:49:ad:16:d1:01:93:4f:5b:0a:df:8e:1b:
                    3c:cd:77:15:b7:f7:69:a0:94:c3:fd:58:98:92:7c:
                    03:2a:af:71:07:e5:a0:aa:15:0b:75:4a:8b:be:23:
                    98:97:02:76:b5:96:f9:94:1a:0a:51:1e:bd:5a:93:
                    89:65:be:3d:fc:73:45:9a:85:ef:67:e9:ea:09:0e:
                    00:c3:e2:b6:e6:ea:83:71:56:e6:c0:d8:10:b1:c6:
                    5e:69:dd:1d:7b:81:84:94:b7:2a:65:1d:0c:39:39:
                    07:71:40:b7:76:9f:6a:92:8a:14:44:26:4d:79:29:
                    42:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:1C:56:0B:C7:98:69:58:1F:6C:DE:21:C9:75:BE:61:7A:94:A5:77
            X509v3 Authority Key Identifier:
                keyid:9D:8C:BE:94:29:F9:44:99:5B:3C:93:4B:DA:F6:60:96:B5:11:48:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nYy-lCn5RJlbPJNL2vZglrURSNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:05:60:be:51:54:02:11:8c:22:87:72:e9:77:d1:7b:9b:95:
         1a:9c:c0:61:c9:04:92:c8:44:36:98:1d:68:95:7a:db:d6:92:
         c9:60:c5:6f:c1:79:39:bb:02:6c:54:63:70:d5:1f:3a:0b:ee:
         2d:2b:fd:e9:a8:8b:b6:ce:ff:0a:f3:98:d2:77:29:ea:de:46:
         c6:c9:2c:f9:9b:6c:ac:f0:c0:06:3b:ce:ab:d3:0d:c3:16:94:
         15:e7:f3:ed:72:b6:de:88:15:f9:ee:35:54:70:ba:a4:09:6a:
         a3:21:f9:57:af:c7:4c:48:9a:76:71:58:e4:98:fc:69:90:63:
         39:3c:0c:41:52:79:d2:81:e0:02:20:04:d5:a7:20:66:71:95:
         38:18:5b:cb:2c:52:f3:58:32:1c:52:d8:97:e5:d6:14:87:92:
         26:79:f2:dd:c2:da:4b:22:17:f7:fd:aa:ef:80:26:2f:a9:e9:
         d6:06:7d:81:a7:cb:51:9e:63:ee:4c:05:eb:1c:8d:64:b4:4b:
         77:d0:7c:34:b7:48:87:48:bd:25:08:b2:19:2a:04:5e:16:c1:
         31:c3:43:9f:07:56:a8:ee:56:d7:8c:34:67:54:04:5a:b9:68:
         0c:bf:13:6a:2b:bf:4a:d0:df:57:9c:ff:69:36:bc:fd:d0:1e:
         15:1c:cc:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdO/ImZujNHvO6Z+plsu8XXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOGNiZTk0MjlmOTQ0OTk1YjNjOTM0YmRhZjY2MDk2YjUx
MTQ4ZDQwHhcNMjUwNjA4MTAwMTAyWhcNMjUwNjA5MTAwMTAyWjAzMTEwLwYDVQQD
EyhhMzFjNTYwYmM3OTg2OTU4MWY2Y2RlMjFjOTc1YmU2MTdhOTRhNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQN3QJnjtF4/CPqubSMl9AupHWMd
2VN9DUuCCqb5NfaJ6byUI+OOPTgaK/pg6vRGq/lXlAQXdukDTdCnWipPbv28vWYk
sJYAnBZctvp15BeI80cBNdvAEXQlacqP49NwokrgfjAMdOIsjybmzV9/7n1+v05O
hPiNr9HXvIJ5qXwwkN84PqJNeSFJrRbRAZNPWwrfjhs8zXcVt/dpoJTD/ViYknwD
Kq9xB+WgqhULdUqLviOYlwJ2tZb5lBoKUR69WpOJZb49/HNFmoXvZ+nqCQ4Aw+K2
5uqDcVbmwNgQscZead0de4GElLcqZR0MOTkHcUC3dp9qkooURCZNeSlCBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMcVgvHmGlYH2zeIcl1vmF6lKV3MB8GA1UdIwQY
MBaAFJ2MvpQp+USZWzyTS9r2YJa1EUjUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbll5LWxDbjVSSmxiUEpOTDJ2WmdsclVSU05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8yM2Q2NGYtNTE5Mi00ZGQ2LWIwMjYt
ZWU5MTE2ZDdlMWQ2LzEvbll5LWxDbjVSSmxiUEpOTDJ2WmdsclVSU05RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8yM2Q2NGYtNTE5Mi00ZGQ2LWIwMjYtZWU5MTE2ZDdlMWQ2
LzEvbll5LWxDbjVSSmxiUEpOTDJ2WmdsclVSU05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARAVgvlFU
AhGMIody6XfRe5uVGpzAYckEkshENpgdaJV629aSyWDFb8F5ObsCbFRjcNUfOgvu
LSv96aiLts7/CvOY0ncp6t5Gxsks+ZtsrPDABjvOq9MNwxaUFefz7XK23ogV+e41
VHC6pAlqoyH5V6/HTEiadnFY5Jj8aZBjOTwMQVJ50oHgAiAE1acgZnGVOBhbyyxS
81gyHFLYl+XWFIeSJnny3cLaSyIX9/2q74AmL6np1gZ9gafLUZ5j7kwF6xyNZLRL
d9B8NLdIh0i9JQiyGSoEXhbBMcNDnwdWqO5W14w0Z1QEWrloDL8Taiu/StDfV5z/
aTa8/dAeFRzMmA==
-----END CERTIFICATE-----