Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          IiXe+FCeOsME6hYC+ZPah7rWSetvDicqNGdVDxyMZOA=
Subject key identifier:   88:98:75:9A:7C:E9:4D:32:25:05:0D:7B:12:B1:11:AA:9A:8A:5C:6F
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       0196515B0FDA6EB3A41AE8665CD50398C7E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          083D
Signing time:             Sun 20 Apr 2025 04:00:44 +0000
Manifest this update:     Sun 20 Apr 2025 04:00:44 +0000
Manifest next update:     Mon 21 Apr 2025 04:00:44 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: PDqwbzxHk4UBA36cowL2s4wQ/vRsgnCFxONkk/b4+LI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5b:0f:da:6e:b3:a4:1a:e8:66:5c:d5:03:98:c7:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: Apr 20 04:00:44 2025 GMT
            Not After : Apr 21 04:00:44 2025 GMT
        Subject: CN=8898759a7ce94d3225050d7b12b111aa9a8a5c6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:2a:0d:39:9d:f0:ad:83:58:38:6e:da:91:20:
                    ee:99:de:c7:5d:21:fc:5a:95:40:6d:cc:14:a5:f1:
                    1f:2f:3a:1b:b3:9d:49:0b:8a:c8:40:64:2f:35:e7:
                    e0:42:47:11:35:c4:16:d6:02:2d:a1:f7:92:7e:cb:
                    01:ba:ef:e0:c1:5a:ee:f5:6f:9c:65:6e:a8:d7:c9:
                    73:cc:8b:38:1e:17:86:44:c3:30:4b:77:93:80:3f:
                    07:f8:02:4e:61:1a:c8:ac:c2:1a:ad:8b:8d:b5:08:
                    78:1d:1c:f1:47:d0:a7:e7:56:92:6f:11:3c:cb:0c:
                    99:74:fd:1e:46:b3:61:7c:ce:82:fc:92:c8:ca:fd:
                    a3:9f:6b:9f:22:f1:3c:ed:0a:85:16:a6:14:25:c8:
                    39:bb:a4:bc:21:4a:72:fc:28:85:ed:bb:a5:5d:b1:
                    b9:1e:d1:b1:39:e3:ed:9c:4c:fa:60:c3:5e:4e:05:
                    a1:56:f7:97:ba:52:00:41:9b:17:a1:b2:15:23:e0:
                    42:da:a1:d3:6b:5e:42:a0:81:47:c3:c3:fc:74:af:
                    cc:81:05:e4:42:6a:97:cf:cf:04:3f:ce:5e:69:e3:
                    99:d8:7e:e4:be:50:af:4e:20:7a:08:4e:1c:6f:2d:
                    ef:77:0b:fd:a6:dd:f3:43:e2:61:f6:a5:ba:ce:84:
                    30:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:98:75:9A:7C:E9:4D:32:25:05:0D:7B:12:B1:11:AA:9A:8A:5C:6F
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:97:6d:54:65:8c:c3:03:07:cf:9b:88:6a:a9:fd:7d:da:ad:
         f1:fa:a1:0e:53:8a:95:82:53:15:4f:60:02:93:8a:92:49:38:
         d7:75:e5:20:87:ab:1d:2f:eb:73:db:1e:38:4f:0f:01:fb:6b:
         da:73:53:8f:0c:6b:1b:03:6e:21:2f:ab:16:fd:4e:ca:15:a5:
         22:17:85:1f:c3:a8:15:59:40:cc:d1:03:4e:17:09:53:90:e5:
         c4:6f:26:13:72:1f:10:30:69:12:e3:69:8d:14:25:bf:50:c1:
         86:67:e6:33:b1:16:90:ef:00:6d:db:8f:d0:3f:b7:08:48:ec:
         0c:f6:11:c7:4e:0c:a4:53:ab:a2:21:15:6d:a5:ec:5f:94:5f:
         87:96:0b:95:f2:ba:92:73:a1:d1:60:c7:56:f6:64:b4:26:cb:
         f8:bb:16:93:2b:59:85:cc:b0:6f:f3:fa:ff:3b:14:72:71:94:
         a8:17:f8:e8:cd:87:b0:f8:44:79:64:d4:26:39:ba:91:b8:2e:
         b5:63:93:7e:3b:a0:8b:26:fe:c9:84:51:86:cb:44:f5:a9:c9:
         40:6c:f2:78:eb:62:6f:f5:be:31:22:40:c3:c7:18:26:8b:d9:
         ff:f0:55:31:2d:b2:0b:7f:27:98:70:b7:a1:9b:0a:6c:64:b1:
         a5:f4:58:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRWw/abrOkGuhmXNUDmMflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjUwNDIwMDQwMDQ0WhcNMjUwNDIxMDQwMDQ0WjAzMTEwLwYDVQQD
Eyg4ODk4NzU5YTdjZTk0ZDMyMjUwNTBkN2IxMmIxMTFhYTlhOGE1YzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApioNOZ3wrYNYOG7akSDumd7HXSH8
WpVAbcwUpfEfLzobs51JC4rIQGQvNefgQkcRNcQW1gItofeSfssBuu/gwVru9W+c
ZW6o18lzzIs4HheGRMMwS3eTgD8H+AJOYRrIrMIarYuNtQh4HRzxR9Cn51aSbxE8
ywyZdP0eRrNhfM6C/JLIyv2jn2ufIvE87QqFFqYUJcg5u6S8IUpy/CiF7bulXbG5
HtGxOePtnEz6YMNeTgWhVveXulIAQZsXobIVI+BC2qHTa15CoIFHw8P8dK/MgQXk
QmqXz88EP85eaeOZ2H7kvlCvTiB6CE4cby3vdwv9pt3zQ+Jh9qW6zoQwDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIiYdZp86U0yJQUNexKxEaqailxvMB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXpdtVGWM
wwMHz5uIaqn9fdqt8fqhDlOKlYJTFU9gApOKkkk413XlIIerHS/rc9seOE8PAftr
2nNTjwxrGwNuIS+rFv1OyhWlIheFH8OoFVlAzNEDThcJU5DlxG8mE3IfEDBpEuNp
jRQlv1DBhmfmM7EWkO8AbduP0D+3CEjsDPYRx04MpFOroiEVbaXsX5Rfh5YLlfK6
knOh0WDHVvZktCbL+LsWkytZhcywb/P6/zsUcnGUqBf46M2HsPhEeWTUJjm6kbgu
tWOTfjugiyb+yYRRhstE9anJQGzyeOtib/W+MSJAw8cYJovZ//BVMS2yC38nmHC3
oZsKbGSxpfRYOQ==
-----END CERTIFICATE-----