Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
File:                     YDe79svKAic6peIbuIjj4exnZ98.mft (raw, json)
Hash identifier:          F67s3/f7TbjzeHkCmPBKT3c8o/3t97PmUsD1d6V5yfI=
Subject key identifier:   B8:04:38:93:3C:A9:69:27:5C:26:BB:3C:AC:FF:EB:75:B4:FB:53:F9
Authority key identifier: 60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF
Certificate issuer:       /CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
Certificate serial:       01962CAA6D34EC00BDF473CDAE1B14B02906
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
Manifest number:          0A0A
Signing time:             Sun 13 Apr 2025 01:01:28 +0000
Manifest this update:     Sun 13 Apr 2025 01:01:28 +0000
Manifest next update:     Mon 14 Apr 2025 01:01:28 +0000
Files and hashes:         1: YDe79svKAic6peIbuIjj4exnZ98.crl (hash: bEt97Fq950G6qutdzSkk8Azna/MfrvuafGnkJEgjIsY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 13 Apr 2025 23:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:2c:aa:6d:34:ec:00:bd:f4:73:cd:ae:1b:14:b0:29:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
        Validity
            Not Before: Apr 13 01:01:28 2025 GMT
            Not After : Apr 14 01:01:28 2025 GMT
        Subject: CN=b80438933ca969275c26bb3cacffeb75b4fb53f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:88:3d:11:a5:13:4a:eb:24:2d:15:2e:f8:f5:
                    e8:02:46:e4:c9:fe:b4:6b:bc:bf:8a:5f:00:e7:cd:
                    52:b0:aa:e9:c1:d6:7d:44:c7:08:36:bc:e9:1c:4b:
                    c7:45:5e:f6:00:63:6c:b1:c6:10:4e:47:7c:06:eb:
                    1b:c1:00:27:71:37:aa:e8:34:c7:8c:29:5c:c1:7a:
                    7b:a9:5a:26:37:14:74:04:8e:8c:f0:71:91:1b:e4:
                    f7:57:b3:60:ac:36:80:49:2d:f3:5b:3d:5b:1c:5c:
                    5c:d7:68:0f:22:d1:4e:ba:32:17:5c:6b:bc:18:d2:
                    02:13:40:d3:06:52:33:b7:13:18:22:fc:98:cf:15:
                    ad:d0:eb:fc:73:d4:66:83:40:6f:6d:c7:7b:8b:c8:
                    fd:c3:97:1c:35:df:63:45:f6:df:0f:43:76:66:44:
                    12:5e:41:f4:a8:0b:59:9b:4b:4e:be:3c:47:ea:22:
                    4f:66:23:dc:5c:77:37:e9:c8:7c:1f:32:da:c2:e1:
                    b7:86:bc:50:65:d7:01:c6:ce:91:6e:a1:c4:39:43:
                    51:67:fa:a7:6e:22:0b:73:f0:8c:ce:c4:2b:1b:e5:
                    7c:52:de:74:3a:5f:ba:a4:0a:3a:8b:85:1b:27:42:
                    30:ab:83:6f:06:b2:3f:76:80:23:ca:29:d2:6e:cf:
                    43:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:04:38:93:3C:A9:69:27:5C:26:BB:3C:AC:FF:EB:75:B4:FB:53:F9
            X509v3 Authority Key Identifier:
                keyid:60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:23:d5:d3:4b:fc:d3:ec:a2:4f:4d:13:6b:12:83:f9:e0:2d:
         c9:21:f7:3b:f4:b4:2a:3f:b8:e6:8b:dc:4d:cd:71:29:fc:e5:
         4c:50:6d:0a:67:86:17:b0:0a:b7:23:d9:2d:b9:e7:e1:19:41:
         ce:aa:eb:fa:04:da:4d:95:5f:ef:07:b7:14:0c:6a:8b:5a:88:
         4f:9e:3c:2e:4d:ba:ea:8d:1c:a8:1e:7c:35:55:a5:6d:ac:67:
         21:69:59:bd:73:5b:56:d7:99:46:b0:2f:5d:4c:dd:68:ef:d5:
         09:40:72:b4:40:33:db:7b:76:f3:7d:d0:4c:e1:19:ac:0b:a2:
         38:9c:00:70:60:bc:d7:32:20:ee:b5:0c:25:4a:7d:de:69:68:
         fe:17:20:32:2b:04:ef:5e:15:4b:c4:3c:ef:e9:e1:09:fa:d2:
         50:e2:c7:4d:f8:9c:b1:91:1d:dd:d1:ed:bb:dd:f6:f2:3a:19:
         57:f1:c7:15:19:0d:45:e1:aa:1c:99:96:e4:21:a2:71:36:43:
         ca:ff:ea:f5:3c:a1:7f:34:bb:5f:56:ff:8b:5a:7f:c1:4e:5a:
         14:b6:22:ae:85:99:dc:02:d2:a0:23:ac:16:82:3b:83:76:b3:
         d0:79:eb:67:da:6d:a9:65:a0:71:9f:5a:06:25:c4:c6:52:d2:
         ac:ca:0a:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYsqm007AC99HPNrhsUsCkGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzdiYmY2Y2JjYTAyMjczYWE1ZTIxYmI4ODhlM2UxZWM2
NzY3ZGYwHhcNMjUwNDEzMDEwMTI4WhcNMjUwNDE0MDEwMTI4WjAzMTEwLwYDVQQD
EyhiODA0Mzg5MzNjYTk2OTI3NWMyNmJiM2NhY2ZmZWI3NWI0ZmI1M2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4g9EaUTSuskLRUu+PXoAkbkyf60
a7y/il8A581SsKrpwdZ9RMcINrzpHEvHRV72AGNsscYQTkd8BusbwQAncTeq6DTH
jClcwXp7qVomNxR0BI6M8HGRG+T3V7NgrDaASS3zWz1bHFxc12gPItFOujIXXGu8
GNICE0DTBlIztxMYIvyYzxWt0Ov8c9Rmg0Bvbcd7i8j9w5ccNd9jRfbfD0N2ZkQS
XkH0qAtZm0tOvjxH6iJPZiPcXHc36ch8HzLawuG3hrxQZdcBxs6RbqHEOUNRZ/qn
biILc/CMzsQrG+V8Ut50Ol+6pAo6i4UbJ0Iwq4NvBrI/doAjyinSbs9DNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgEOJM8qWknXCa7PKz/63W0+1P5MB8GA1UdIwQY
MBaAFGA3u/bLygInOqXiG7iI4+HsZ2ffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzct
ZmMzYjNlMTExNjFkLzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzctZmMzYjNlMTExNjFk
LzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuCPV00v8
0+yiT00TaxKD+eAtySH3O/S0Kj+45ovcTc1xKfzlTFBtCmeGF7AKtyPZLbnn4RlB
zqrr+gTaTZVf7we3FAxqi1qIT548Lk266o0cqB58NVWlbaxnIWlZvXNbVteZRrAv
XUzdaO/VCUBytEAz23t2833QTOEZrAuiOJwAcGC81zIg7rUMJUp93mlo/hcgMisE
714VS8Q87+nhCfrSUOLHTficsZEd3dHtu9328joZV/HHFRkNReGqHJmW5CGicTZD
yv/q9TyhfzS7X1b/i1p/wU5aFLYiroWZ3ALSoCOsFoI7g3az0HnrZ9ptqWWgcZ9a
BiXExlLSrMoKCQ==
-----END CERTIFICATE-----