Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft
File:                     yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft (raw, json)
Hash identifier:          pHrwN3bLQo9HCXrjRLpb4y5Db8/euN3dxFyFHCedKhU=
Subject key identifier:   90:54:06:B9:4B:7C:3C:C9:71:FF:92:73:2A:90:56:8D:3E:2E:33:01
Authority key identifier: C8:ED:44:3F:85:D0:EE:C6:63:64:CD:75:36:F1:88:88:AC:1F:99:E3
Certificate issuer:       /CN=c8ed443f85d0eec66364cd7536f18888ac1f99e3
Certificate serial:       01963FF9BB4F89FE81E2AFCA6DB8DE79C041
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO1EP4XQ7sZjZM11NvGIiKwfmeM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft
Manifest number:          14EF
Signing time:             Wed 16 Apr 2025 19:00:52 +0000
Manifest this update:     Wed 16 Apr 2025 19:00:52 +0000
Manifest next update:     Thu 17 Apr 2025 19:00:52 +0000
Files and hashes:         1: yO1EP4XQ7sZjZM11NvGIiKwfmeM.crl (hash: EhhrbbIHtsmlPPOXkUMIQ2fzC2nz4KNGy++mVeHuu8E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO1EP4XQ7sZjZM11NvGIiKwfmeM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:f9:bb:4f:89:fe:81:e2:af:ca:6d:b8:de:79:c0:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ed443f85d0eec66364cd7536f18888ac1f99e3
        Validity
            Not Before: Apr 16 19:00:52 2025 GMT
            Not After : Apr 17 19:00:52 2025 GMT
        Subject: CN=905406b94b7c3cc971ff92732a90568d3e2e3301
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:8c:3d:96:07:9f:56:f6:dd:16:68:a0:92:a6:
                    23:8a:9a:52:aa:e0:f0:fd:6e:7f:4a:7e:fd:e5:f2:
                    30:33:37:14:7b:99:27:74:a4:77:af:26:9a:e0:3b:
                    56:06:ae:b4:9e:68:c2:d9:b3:0c:24:16:84:7b:8c:
                    f3:be:48:55:34:54:c3:3f:1c:36:aa:84:7c:0f:c0:
                    7b:f3:b5:dc:80:69:ac:26:bd:18:6e:8f:8a:3f:92:
                    d8:85:74:22:51:64:cc:fa:9f:34:62:d2:78:93:25:
                    e7:bb:5d:c5:c6:5c:19:f3:25:96:95:28:75:ea:6c:
                    b4:15:71:2b:f8:a3:2c:7a:d8:05:b7:e4:7c:59:e7:
                    65:71:7f:5d:96:75:5f:50:97:b2:f9:63:fd:3f:c5:
                    ff:d0:f0:bb:85:c1:cc:da:43:db:5b:bd:7c:eb:7a:
                    be:14:a2:c3:42:f2:d7:cd:ae:6b:eb:d2:28:aa:cd:
                    a5:d5:12:96:76:78:64:04:91:f4:bb:ce:e5:64:c6:
                    f3:47:69:73:6f:35:d9:5e:07:a7:74:5e:70:9f:12:
                    82:1f:52:38:8b:65:95:46:9d:0f:dd:16:19:18:41:
                    6a:74:cd:8a:bb:9b:a1:d7:ff:40:08:fa:28:26:56:
                    d2:b9:f1:23:b9:36:30:ca:62:50:c9:1d:05:74:d7:
                    1b:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:54:06:B9:4B:7C:3C:C9:71:FF:92:73:2A:90:56:8D:3E:2E:33:01
            X509v3 Authority Key Identifier:
                keyid:C8:ED:44:3F:85:D0:EE:C6:63:64:CD:75:36:F1:88:88:AC:1F:99:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO1EP4XQ7sZjZM11NvGIiKwfmeM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:94:81:c2:ff:ab:5b:77:5a:30:73:25:42:b1:fc:2f:d0:6e:
         78:9a:fa:ff:a1:31:ee:9d:c2:fd:2f:37:55:83:00:52:13:2c:
         e6:98:97:0f:9c:4b:84:88:f2:b1:5c:de:e2:c7:64:a0:b8:8c:
         b6:47:c8:c6:97:11:c3:7d:ce:6f:05:f7:aa:6c:7d:0d:b8:e1:
         a3:4e:52:59:6e:8f:02:2f:96:38:b7:0f:e9:8f:87:d6:06:4e:
         e0:51:42:3d:68:6c:d3:17:4f:18:22:9e:ea:c1:ff:79:68:40:
         f9:45:d6:72:64:e5:f0:fb:b6:16:38:da:f0:41:79:86:66:c2:
         00:2c:0b:38:a7:e4:f8:e8:6d:d4:fe:75:04:0a:a1:32:85:99:
         23:71:87:22:8b:c1:7d:d0:cb:50:0c:f5:ae:ff:24:3f:a2:55:
         9a:ab:bb:28:df:e0:fb:6b:33:f9:27:d8:43:19:c3:6e:69:c2:
         c5:c5:41:07:58:6e:d3:93:ee:45:6b:e8:03:71:c8:f4:d2:9f:
         82:98:50:2a:51:61:2a:c9:7b:fa:5f:9b:45:aa:4a:d2:22:47:
         b2:e5:bb:24:d7:c1:29:00:45:c5:63:37:94:ee:bb:21:4f:57:
         81:0c:4d:eb:a6:97:6a:8c:eb:28:63:20:f1:6b:11:68:73:10:
         89:d5:37:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/+btPif6B4q/KbbjeecBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWQ0NDNmODVkMGVlYzY2MzY0Y2Q3NTM2ZjE4ODg4YWMx
Zjk5ZTMwHhcNMjUwNDE2MTkwMDUyWhcNMjUwNDE3MTkwMDUyWjAzMTEwLwYDVQQD
Eyg5MDU0MDZiOTRiN2MzY2M5NzFmZjkyNzMyYTkwNTY4ZDNlMmUzMzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuow9lgefVvbdFmigkqYjippSquDw
/W5/Sn795fIwMzcUe5kndKR3ryaa4DtWBq60nmjC2bMMJBaEe4zzvkhVNFTDPxw2
qoR8D8B787XcgGmsJr0Ybo+KP5LYhXQiUWTM+p80YtJ4kyXnu13FxlwZ8yWWlSh1
6my0FXEr+KMsetgFt+R8WedlcX9dlnVfUJey+WP9P8X/0PC7hcHM2kPbW71863q+
FKLDQvLXza5r69Ioqs2l1RKWdnhkBJH0u87lZMbzR2lzbzXZXgendF5wnxKCH1I4
i2WVRp0P3RYZGEFqdM2Ku5uh1/9ACPooJlbSufEjuTYwymJQyR0FdNcb2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJBUBrlLfDzJcf+ScyqQVo0+LjMBMB8GA1UdIwQY
MBaAFMjtRD+F0O7GY2TNdTbxiIisH5njMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU8xRVA0WFE3c1pqWk0xMU52R0lpS3dmbWVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9hYzQ5ZWItYzQ3YS00YzVkLTgxYmYt
NmQwNDMxMGUzNDJiLzEveU8xRVA0WFE3c1pqWk0xMU52R0lpS3dmbWVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9hYzQ5ZWItYzQ3YS00YzVkLTgxYmYtNmQwNDMxMGUzNDJi
LzEveU8xRVA0WFE3c1pqWk0xMU52R0lpS3dmbWVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIJSBwv+r
W3daMHMlQrH8L9BueJr6/6Ex7p3C/S83VYMAUhMs5piXD5xLhIjysVze4sdkoLiM
tkfIxpcRw33ObwX3qmx9Dbjho05SWW6PAi+WOLcP6Y+H1gZO4FFCPWhs0xdPGCKe
6sH/eWhA+UXWcmTl8Pu2Fjja8EF5hmbCACwLOKfk+Oht1P51BAqhMoWZI3GHIovB
fdDLUAz1rv8kP6JVmqu7KN/g+2sz+SfYQxnDbmnCxcVBB1hu05PuRWvoA3HI9NKf
gphQKlFhKsl7+l+bRapK0iJHsuW7JNfBKQBFxWM3lO67IU9XgQxN66aXaozrKGMg
8WsRaHMQidU35g==
-----END CERTIFICATE-----