Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          kOpGd/RaxuqVGhupvGs1oThsLOtupb5YPauH2fUK3gQ=
Subject key identifier:   E9:4B:AA:80:30:07:20:09:D5:A1:42:FD:B6:E2:D7:A4:EC:11:1E:40
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       018F8748BE1E43E38A6BDDAD6BE2A6DFC5BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          04B9
Signing time:             Fri 17 May 2024 16:00:42 +0000
Manifest this update:     Fri 17 May 2024 16:00:42 +0000
Manifest next update:     Sat 18 May 2024 16:00:42 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: NITKt7XS+sX269wABfirQ6hAxp3OBXttsoEqF2PEtbA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:be:1e:43:e3:8a:6b:dd:ad:6b:e2:a6:df:c5:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: May 17 16:00:42 2024 GMT
            Not After : May 18 16:00:42 2024 GMT
        Subject: CN=e94baa8030072009d5a142fdb6e2d7a4ec111e40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:1f:ed:6a:1c:da:04:7b:5f:85:d9:79:3b:4d:
                    7b:6d:dd:8f:3b:ca:86:4c:63:51:9c:ef:a9:6f:6c:
                    f0:52:fd:48:0e:b7:58:0d:0f:9e:f7:fd:b3:33:1c:
                    86:88:4d:e7:b7:3e:cf:df:24:c3:6c:a8:d9:dd:a4:
                    36:15:81:0e:36:08:49:c9:5f:54:62:39:78:9d:82:
                    67:d4:12:47:3a:a9:29:d5:f1:e3:5d:17:c5:89:5e:
                    91:71:d7:ac:fe:11:ce:ab:8b:29:c6:8d:04:61:96:
                    15:44:23:39:32:12:f7:7a:4b:eb:75:4b:73:a3:d5:
                    52:df:c7:90:8c:95:ff:78:60:18:e9:fa:87:4f:49:
                    14:38:06:20:23:54:64:64:16:08:e0:1f:b9:94:c3:
                    30:0e:01:e1:dd:fe:c8:20:8c:db:6e:8a:27:5b:37:
                    ce:47:56:ef:41:cb:1e:23:93:3f:fd:34:6d:77:4e:
                    14:7e:eb:af:f9:67:0f:0e:b4:c3:56:2f:8a:e2:7b:
                    db:76:2a:4b:2f:2f:4a:2f:ea:52:8d:b1:4b:3e:db:
                    ea:e9:58:05:44:ea:d7:2b:4c:a3:6a:d7:33:f3:66:
                    f1:71:49:b9:94:3e:2c:77:1c:7a:51:96:9e:d8:a3:
                    45:81:b1:2b:0c:5c:95:f6:72:78:04:9e:97:41:f2:
                    a7:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:4B:AA:80:30:07:20:09:D5:A1:42:FD:B6:E2:D7:A4:EC:11:1E:40
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:e7:f7:89:c3:9f:28:e4:91:de:7f:0e:15:3d:56:13:74:d0:
         14:7a:1b:e3:6e:e0:49:d7:f7:7a:f4:3f:53:42:75:86:2d:a5:
         50:31:0d:4e:9d:42:ba:f2:42:8b:c8:ee:f9:1f:69:3e:5d:13:
         e6:b0:58:39:f7:54:67:7e:cf:69:7f:c1:2b:06:47:a6:35:b2:
         a8:58:a6:db:32:4e:f4:b9:53:b6:58:2e:05:d6:a7:09:1d:39:
         fc:09:7d:da:d2:a1:24:d8:d3:e2:33:db:22:23:64:59:f4:f9:
         35:fd:67:5a:1f:cb:2a:81:fc:62:25:4e:c9:fc:d5:a9:c4:f2:
         60:92:59:7a:c3:66:f9:04:b4:c3:45:91:fc:67:cc:79:d0:04:
         a2:fb:70:15:44:5d:54:8b:ba:3c:30:1f:c3:29:52:ef:39:49:
         a4:b6:00:93:7d:bd:71:d2:d8:46:c9:35:cc:18:91:21:64:0c:
         8b:d6:c8:3b:49:a3:b9:a4:93:97:b6:ce:bc:84:47:43:0d:d3:
         da:0d:b4:a0:17:ee:a3:2f:2f:e9:34:07:f0:84:e0:6e:e1:02:
         6d:c6:87:7c:1d:d7:05:bd:62:8f:d4:a7:9e:7b:0b:dc:41:fc:
         5a:87:cc:c5:9b:2c:56:a1:21:3f:3a:5e:cc:df:0a:ed:ce:fc:
         99:cc:8b:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSL4eQ+OKa92ta+Km38W6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjQwNTE3MTYwMDQyWhcNMjQwNTE4MTYwMDQyWjAzMTEwLwYDVQQD
EyhlOTRiYWE4MDMwMDcyMDA5ZDVhMTQyZmRiNmUyZDdhNGVjMTExZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh/tahzaBHtfhdl5O017bd2PO8qG
TGNRnO+pb2zwUv1IDrdYDQ+e9/2zMxyGiE3ntz7P3yTDbKjZ3aQ2FYEONghJyV9U
Yjl4nYJn1BJHOqkp1fHjXRfFiV6Rcdes/hHOq4spxo0EYZYVRCM5MhL3ekvrdUtz
o9VS38eQjJX/eGAY6fqHT0kUOAYgI1RkZBYI4B+5lMMwDgHh3f7IIIzbboonWzfO
R1bvQcseI5M//TRtd04Ufuuv+WcPDrTDVi+K4nvbdipLLy9KL+pSjbFLPtvq6VgF
ROrXK0yjatcz82bxcUm5lD4sdxx6UZae2KNFgbErDFyV9nJ4BJ6XQfKnCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOlLqoAwByAJ1aFC/bbi16TsER5AMB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQef3icOf
KOSR3n8OFT1WE3TQFHob427gSdf3evQ/U0J1hi2lUDENTp1CuvJCi8ju+R9pPl0T
5rBYOfdUZ37PaX/BKwZHpjWyqFim2zJO9LlTtlguBdanCR05/Al92tKhJNjT4jPb
IiNkWfT5Nf1nWh/LKoH8YiVOyfzVqcTyYJJZesNm+QS0w0WR/GfMedAEovtwFURd
VIu6PDAfwylS7zlJpLYAk329cdLYRsk1zBiRIWQMi9bIO0mjuaSTl7bOvIRHQw3T
2g20oBfuoy8v6TQH8ITgbuECbcaHfB3XBb1ij9SnnnsL3EH8WofMxZssVqEhPzpe
zN8K7c78mcyLuw==
-----END CERTIFICATE-----