Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/cfb953-bfef-44fe-825a-af73dc0f6f2a/1/jYJ52u2rv5GDr7aOQ_seW7bUM6M.mft
File:                     jYJ52u2rv5GDr7aOQ_seW7bUM6M.mft (raw, json)
Hash identifier:          Y10dNz7U9u+sQcI7rsFuskgA1jnmQ/6mM1ARWki7s/U=
Subject key identifier:   CA:9B:E1:1B:A5:E3:68:03:63:3D:BD:35:9C:7E:99:74:1D:4F:C0:86
Authority key identifier: 8D:82:79:DA:ED:AB:BF:91:83:AF:B6:8E:43:FB:1E:5B:B6:D4:33:A3
Certificate issuer:       /CN=8d8279daedabbf9183afb68e43fb1e5bb6d433a3
Certificate serial:       0196451F73473E41BA4C3C0D9CCEC5CD3D9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jYJ52u2rv5GDr7aOQ_seW7bUM6M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/cfb953-bfef-44fe-825a-af73dc0f6f2a/1/jYJ52u2rv5GDr7aOQ_seW7bUM6M.mft
Manifest number:          041D
Signing time:             Thu 17 Apr 2025 19:00:11 +0000
Manifest this update:     Thu 17 Apr 2025 19:00:11 +0000
Manifest next update:     Fri 18 Apr 2025 19:00:11 +0000
Files and hashes:         1: jYJ52u2rv5GDr7aOQ_seW7bUM6M.crl (hash: nepgsA0TH+JZg8JWtzwSH+R6z7afPQFUXNub/x7/66U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/cfb953-bfef-44fe-825a-af73dc0f6f2a/1/jYJ52u2rv5GDr7aOQ_seW7bUM6M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/cfb953-bfef-44fe-825a-af73dc0f6f2a/1/jYJ52u2rv5GDr7aOQ_seW7bUM6M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jYJ52u2rv5GDr7aOQ_seW7bUM6M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:1f:73:47:3e:41:ba:4c:3c:0d:9c:ce:c5:cd:3d:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d8279daedabbf9183afb68e43fb1e5bb6d433a3
        Validity
            Not Before: Apr 17 19:00:11 2025 GMT
            Not After : Apr 18 19:00:11 2025 GMT
        Subject: CN=ca9be11ba5e36803633dbd359c7e99741d4fc086
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:b3:ac:7f:d0:cb:75:46:2e:a2:75:c8:e0:4f:
                    61:e4:6f:0a:fc:7e:98:ef:5d:f3:c6:5b:19:a8:7e:
                    10:db:d4:94:99:2b:37:4b:72:17:85:5e:17:69:7c:
                    18:af:ca:1f:b2:00:c7:bf:77:c9:2d:e7:cb:a8:48:
                    57:7b:4f:71:a6:20:9a:b4:4e:8d:60:46:35:3b:dc:
                    03:81:2a:c1:f0:4a:b1:f7:25:02:aa:c8:62:92:c0:
                    90:63:17:6a:c5:23:6e:e5:17:47:30:2a:c0:52:18:
                    79:49:eb:09:61:2d:a0:74:51:50:92:f1:34:57:a6:
                    b1:fa:cb:d5:af:67:01:23:56:1f:82:dd:51:3b:56:
                    5f:92:3d:1c:d4:4d:df:a9:0e:ee:52:76:27:aa:8d:
                    97:e7:9c:d8:f7:66:c0:2d:5f:1f:69:62:a2:93:2b:
                    a5:72:21:a4:68:33:d5:c5:da:5d:7c:3a:d8:d7:dc:
                    df:89:68:30:6d:84:17:d6:58:38:df:04:ff:a5:16:
                    63:62:88:cf:4a:37:63:fb:15:f6:27:09:c1:c6:a0:
                    d1:8c:12:ea:74:5b:99:34:03:d3:18:c4:e6:7c:2a:
                    3c:58:ad:d7:e8:6c:ba:5f:26:36:46:e1:a5:eb:ec:
                    ef:8d:62:98:e8:03:bd:8d:cd:2f:03:b3:27:84:21:
                    b7:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:9B:E1:1B:A5:E3:68:03:63:3D:BD:35:9C:7E:99:74:1D:4F:C0:86
            X509v3 Authority Key Identifier:
                keyid:8D:82:79:DA:ED:AB:BF:91:83:AF:B6:8E:43:FB:1E:5B:B6:D4:33:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYJ52u2rv5GDr7aOQ_seW7bUM6M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/cfb953-bfef-44fe-825a-af73dc0f6f2a/1/jYJ52u2rv5GDr7aOQ_seW7bUM6M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/cfb953-bfef-44fe-825a-af73dc0f6f2a/1/jYJ52u2rv5GDr7aOQ_seW7bUM6M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:47:1c:ca:28:60:82:cf:7b:ca:cc:c7:eb:6b:a1:f0:b9:66:
         29:e3:61:84:20:3f:dd:4e:4a:05:4e:e4:06:26:51:d2:83:d1:
         f7:ae:9d:d7:a7:c5:c4:66:5d:52:b9:7b:7b:a5:43:49:d6:9f:
         ff:bf:1b:96:68:8b:8f:99:e7:be:6a:79:ac:88:82:ee:c7:e6:
         25:2e:51:7f:cb:91:38:95:be:f9:b4:8f:b4:08:7b:ed:3c:a6:
         1f:db:11:f0:07:5e:fa:2a:ac:4d:fe:f1:63:9b:b7:ab:fb:1e:
         d8:18:3c:5f:92:e1:88:a8:7e:d2:56:f4:68:d8:ac:14:59:22:
         97:02:66:6a:c1:f7:32:4e:b9:89:9b:80:b7:9f:ae:4a:2a:7a:
         15:5c:69:31:e8:a2:57:d7:e6:d5:c5:da:4d:7e:b9:f2:b0:34:
         f0:ee:c0:e1:d2:4b:69:05:b5:f4:2b:0f:84:c3:47:93:0d:c4:
         66:3a:b7:86:c8:8d:15:7e:df:e5:31:30:f6:43:74:d3:ee:6b:
         29:0a:f1:15:f9:36:15:4f:c3:48:f8:34:1f:02:fa:05:9a:bc:
         df:4d:e6:ac:a0:a8:42:23:a6:4f:29:c6:47:64:10:b3:f1:9e:
         62:4b:d7:81:b6:7f:1a:ef:ca:57:e2:a4:1b:f1:d5:bc:87:5c:
         58:b5:b7:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFH3NHPkG6TDwNnM7FzT2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODI3OWRhZWRhYmJmOTE4M2FmYjY4ZTQzZmIxZTViYjZk
NDMzYTMwHhcNMjUwNDE3MTkwMDExWhcNMjUwNDE4MTkwMDExWjAzMTEwLwYDVQQD
EyhjYTliZTExYmE1ZTM2ODAzNjMzZGJkMzU5YzdlOTk3NDFkNGZjMDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37Osf9DLdUYuonXI4E9h5G8K/H6Y
713zxlsZqH4Q29SUmSs3S3IXhV4XaXwYr8ofsgDHv3fJLefLqEhXe09xpiCatE6N
YEY1O9wDgSrB8Eqx9yUCqshiksCQYxdqxSNu5RdHMCrAUhh5SesJYS2gdFFQkvE0
V6ax+svVr2cBI1Yfgt1RO1Zfkj0c1E3fqQ7uUnYnqo2X55zY92bALV8faWKikyul
ciGkaDPVxdpdfDrY19zfiWgwbYQX1lg43wT/pRZjYojPSjdj+xX2JwnBxqDRjBLq
dFuZNAPTGMTmfCo8WK3X6Gy6XyY2RuGl6+zvjWKY6AO9jc0vA7MnhCG3hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMqb4Rul42gDYz29NZx+mXQdT8CGMB8GA1UdIwQY
MBaAFI2Cedrtq7+Rg6+2jkP7Hlu21DOjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallKNTJ1MnJ2NUdEcjdhT1Ffc2VXN2JVTTZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9jZmI5NTMtYmZlZi00NGZlLTgyNWEt
YWY3M2RjMGY2ZjJhLzEvallKNTJ1MnJ2NUdEcjdhT1Ffc2VXN2JVTTZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9jZmI5NTMtYmZlZi00NGZlLTgyNWEtYWY3M2RjMGY2ZjJh
LzEvallKNTJ1MnJ2NUdEcjdhT1Ffc2VXN2JVTTZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ0ccyihg
gs97yszH62uh8LlmKeNhhCA/3U5KBU7kBiZR0oPR966d16fFxGZdUrl7e6VDSdaf
/78blmiLj5nnvmp5rIiC7sfmJS5Rf8uROJW++bSPtAh77TymH9sR8Ade+iqsTf7x
Y5u3q/se2Bg8X5LhiKh+0lb0aNisFFkilwJmasH3Mk65iZuAt5+uSip6FVxpMeii
V9fm1cXaTX658rA08O7A4dJLaQW19CsPhMNHkw3EZjq3hsiNFX7f5TEw9kN00+5r
KQrxFfk2FU/DSPg0HwL6BZq8303mrKCoQiOmTynGR2QQs/GeYkvXgbZ/Gu/KV+Kk
G/HVvIdcWLW3ow==
-----END CERTIFICATE-----