Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft
File:                     YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft (raw, json)
Hash identifier:          DDuDWehKIcBkzluZNGBfjtfrxhV9MyMHBDiVGvgdA+0=
Subject key identifier:   66:4A:4A:89:89:5C:F8:F8:A8:0B:AF:45:B7:51:C2:BD:63:CE:7A:36
Authority key identifier: 60:0B:11:3E:06:2D:17:EA:23:08:06:B3:4A:21:DE:B5:62:7B:67:74
Certificate issuer:       /CN=600b113e062d17ea230806b34a21deb5627b6774
Certificate serial:       019510C7963E9C9662F73640C8E0B12B73C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft
Manifest number:          10D3
Signing time:             Sun 16 Feb 2025 22:01:10 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:10 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:10 +0000
Files and hashes:         1: YAsRPgYtF-ojCAazSiHetWJ7Z3Q.crl (hash: eO1ngU/+wb4Utlbduj8nVL3ysBGJz+3lTO8NRPgzpyU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:96:3e:9c:96:62:f7:36:40:c8:e0:b1:2b:73:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=600b113e062d17ea230806b34a21deb5627b6774
        Validity
            Not Before: Feb 16 22:01:10 2025 GMT
            Not After : Feb 17 22:01:10 2025 GMT
        Subject: CN=664a4a89895cf8f8a80baf45b751c2bd63ce7a36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:da:92:a7:45:90:e9:0a:c9:57:5b:aa:8e:4c:
                    c7:bb:4c:52:b3:c1:7b:cb:dc:9c:52:b1:39:aa:6d:
                    7e:e7:b5:76:07:ea:95:75:ec:3e:d3:59:11:3b:6c:
                    df:34:97:8a:47:b6:d3:ae:72:a0:04:c5:24:54:28:
                    fd:c9:e8:49:f6:68:8e:4b:8c:19:6d:c7:00:20:e8:
                    16:b4:f4:7f:e6:db:91:c4:78:7e:58:56:1d:52:10:
                    11:ee:52:9f:bb:54:28:0e:22:66:64:0c:07:5d:27:
                    d0:52:27:d8:f0:81:99:a6:74:df:17:93:fe:1d:53:
                    67:7b:7e:60:5d:08:02:0e:ed:65:c6:8a:fc:d9:dc:
                    3e:7b:3c:9e:9c:41:e8:8c:e5:2b:29:68:32:ab:dc:
                    b3:ff:ab:ef:88:91:46:23:78:a7:f2:64:ad:60:5f:
                    85:e8:bf:08:db:cd:12:37:1c:72:15:ea:6c:cb:9b:
                    48:75:82:40:93:4c:fd:c2:22:fc:f2:f7:e4:98:61:
                    00:6c:cb:e9:dc:59:46:03:63:3d:db:cf:aa:5c:8b:
                    e1:82:7f:f0:df:31:24:45:1f:68:dd:4e:75:83:41:
                    3b:c6:0d:1b:15:96:47:d0:6e:e0:34:db:be:f9:1f:
                    55:03:d4:37:ff:d7:b5:c2:28:d5:99:c8:97:5a:ab:
                    a6:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:4A:4A:89:89:5C:F8:F8:A8:0B:AF:45:B7:51:C2:BD:63:CE:7A:36
            X509v3 Authority Key Identifier:
                keyid:60:0B:11:3E:06:2D:17:EA:23:08:06:B3:4A:21:DE:B5:62:7B:67:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:c9:89:d9:04:9e:f4:cd:42:fb:d7:26:ad:b0:3f:87:4f:61:
         b9:d7:7a:b7:82:e0:12:01:48:b1:2c:bc:13:ab:ac:a6:84:96:
         00:6c:13:f4:19:8e:ad:5d:57:45:1c:d9:09:86:6f:2c:9d:46:
         f0:7c:6a:24:26:3c:ec:e3:9b:89:80:a5:a8:42:23:b1:82:1a:
         23:10:9f:d8:04:70:63:16:77:16:b9:84:83:4a:63:84:51:b6:
         95:dc:f3:08:92:b5:79:22:87:87:82:21:c0:eb:81:ab:4b:de:
         8c:03:a3:aa:19:a5:ef:ba:95:b4:1b:52:1d:9a:c8:75:f4:b6:
         6c:a7:65:44:f1:4c:3d:c7:2f:36:71:44:3e:91:13:ba:78:57:
         5b:3c:ea:58:f2:1d:f5:12:84:18:b0:88:10:e8:74:5b:a9:5d:
         b1:d9:c3:30:d1:80:23:65:07:26:f2:29:75:d0:c3:a2:2c:b1:
         5c:75:64:69:ea:76:33:a0:42:97:bd:cd:1f:a0:a6:6d:b0:d7:
         eb:6d:20:5c:1a:a0:77:89:12:79:10:2a:18:4b:3f:6c:f3:c9:
         4d:e4:2d:81:a6:55:2e:50:3a:51:61:62:72:4f:d5:f8:7a:ed:
         ad:aa:7c:a1:fb:cd:1d:b5:ad:a1:47:10:7c:b9:d0:19:9d:96:
         7f:4c:99:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx5Y+nJZi9zZAyOCxK3PAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGIxMTNlMDYyZDE3ZWEyMzA4MDZiMzRhMjFkZWI1NjI3
YjY3NzQwHhcNMjUwMjE2MjIwMTEwWhcNMjUwMjE3MjIwMTEwWjAzMTEwLwYDVQQD
Eyg2NjRhNGE4OTg5NWNmOGY4YTgwYmFmNDViNzUxYzJiZDYzY2U3YTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9qSp0WQ6QrJV1uqjkzHu0xSs8F7
y9ycUrE5qm1+57V2B+qVdew+01kRO2zfNJeKR7bTrnKgBMUkVCj9yehJ9miOS4wZ
bccAIOgWtPR/5tuRxHh+WFYdUhAR7lKfu1QoDiJmZAwHXSfQUifY8IGZpnTfF5P+
HVNne35gXQgCDu1lxor82dw+ezyenEHojOUrKWgyq9yz/6vviJFGI3in8mStYF+F
6L8I280SNxxyFepsy5tIdYJAk0z9wiL88vfkmGEAbMvp3FlGA2M928+qXIvhgn/w
3zEkRR9o3U51g0E7xg0bFZZH0G7gNNu++R9VA9Q3/9e1wijVmciXWqumUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZKSomJXPj4qAuvRbdRwr1jzno2MB8GA1UdIwQY
MBaAFGALET4GLRfqIwgGs0oh3rVie2d0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUFzUlBnWXRGLW9qQ0FhelNpSGV0V0o3WjNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xNGM4YzUtOWFmNS00MWIwLTk5MTct
YTBkYTQ1Mjk5YzZlLzEvWUFzUlBnWXRGLW9qQ0FhelNpSGV0V0o3WjNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xNGM4YzUtOWFmNS00MWIwLTk5MTctYTBkYTQ1Mjk5YzZl
LzEvWUFzUlBnWXRGLW9qQ0FhelNpSGV0V0o3WjNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd8mJ2QSe
9M1C+9cmrbA/h09hudd6t4LgEgFIsSy8E6uspoSWAGwT9BmOrV1XRRzZCYZvLJ1G
8HxqJCY87OObiYClqEIjsYIaIxCf2ARwYxZ3FrmEg0pjhFG2ldzzCJK1eSKHh4Ih
wOuBq0vejAOjqhml77qVtBtSHZrIdfS2bKdlRPFMPccvNnFEPpETunhXWzzqWPId
9RKEGLCIEOh0W6ldsdnDMNGAI2UHJvIpddDDoiyxXHVkaep2M6BCl73NH6CmbbDX
620gXBqgd4kSeRAqGEs/bPPJTeQtgaZVLlA6UWFick/V+Hrtrap8ofvNHbWtoUcQ
fLnQGZ2Wf0yZJQ==
-----END CERTIFICATE-----