Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
File:                     _ypds7oz42wW2_UmCy_idK5_siI.mft (raw, json)
Hash identifier:          t8AGP7emY3cnztgAF8IOPcg5MIHvIu5lvlgAMeWX8Ys=
Subject key identifier:   6B:D1:8C:EE:57:79:84:FB:32:1E:9C:7D:46:DF:EF:8E:BB:1B:70:7A
Authority key identifier: FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22
Certificate issuer:       /CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
Certificate serial:       01964CD91483894B74A54085900DEA4056AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
Manifest number:          0BD9
Signing time:             Sat 19 Apr 2025 07:00:16 +0000
Manifest this update:     Sat 19 Apr 2025 07:00:16 +0000
Manifest next update:     Sun 20 Apr 2025 07:00:16 +0000
Files and hashes:         1: _ypds7oz42wW2_UmCy_idK5_siI.crl (hash: /iSnJMGmAW3YLnr0DmOkpkVNMODtUZMdTBNY3Bb3q+M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:d9:14:83:89:4b:74:a5:40:85:90:0d:ea:40:56:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
        Validity
            Not Before: Apr 19 07:00:16 2025 GMT
            Not After : Apr 20 07:00:16 2025 GMT
        Subject: CN=6bd18cee577984fb321e9c7d46dfef8ebb1b707a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:5f:95:ae:bc:95:24:4b:0a:95:b2:7a:38:23:
                    26:0c:61:4f:91:d9:00:cb:ce:70:09:a6:be:bf:56:
                    87:d4:06:84:2a:9e:65:d4:7d:7e:2e:e1:f0:f4:78:
                    29:b4:c1:be:11:a8:a1:b5:19:fd:dd:c9:13:02:67:
                    39:51:9b:7d:ed:d7:49:5c:cf:47:3c:ff:9c:d2:d0:
                    1d:c6:77:dd:a3:33:09:d9:c3:12:da:7a:be:7c:89:
                    74:de:18:e6:33:49:a0:7b:05:d6:7f:ce:6d:31:5d:
                    28:e4:02:43:c9:e2:0b:aa:72:20:b9:ed:c9:02:01:
                    68:4b:2b:cf:54:a4:1c:8f:61:b9:91:b2:86:6e:7c:
                    cb:60:5e:bc:dd:80:83:4e:3a:32:9a:8e:87:09:9b:
                    81:db:8b:2e:80:0e:83:2d:dd:6d:38:2f:6f:82:58:
                    be:af:4d:ec:fc:d3:f8:84:84:2d:8c:a8:52:27:da:
                    b0:0e:7e:09:e1:12:e3:1f:21:c3:6b:c0:26:2a:45:
                    09:04:27:76:56:f0:38:93:0a:87:4b:22:23:bc:98:
                    9f:0b:e6:07:05:56:03:ec:56:4b:c4:4b:6b:f0:49:
                    54:2b:70:46:e2:74:fc:d8:e3:6a:d4:20:e4:89:f8:
                    70:b5:3d:18:6f:f1:0d:32:e0:21:3a:10:4e:7b:53:
                    1e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:D1:8C:EE:57:79:84:FB:32:1E:9C:7D:46:DF:EF:8E:BB:1B:70:7A
            X509v3 Authority Key Identifier:
                keyid:FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:c0:02:fa:35:1b:0a:d9:03:91:bc:65:45:3a:21:ee:b2:63:
         ff:d3:bf:3d:d0:57:0c:76:70:33:c0:4b:f3:69:b0:5a:34:c9:
         90:f2:dd:83:4b:91:4a:ba:f1:2b:52:9a:58:69:fc:22:85:35:
         62:16:2a:75:54:f3:ea:52:19:0a:b7:19:d1:94:66:50:fd:4a:
         29:ec:ca:e5:4c:ba:68:23:37:75:82:d7:4f:c5:45:88:6f:9f:
         fe:de:ea:d4:25:ae:12:38:45:f6:95:be:04:01:db:2e:49:d4:
         23:32:8a:89:ee:29:f2:18:c5:7a:79:85:fb:50:36:f1:1e:8a:
         ab:05:18:ea:5b:ef:5a:7a:bc:fc:54:1d:ee:ad:d9:ed:e8:69:
         f5:c5:f9:24:a0:a8:e0:82:df:39:c2:d4:36:0f:04:0c:8a:52:
         3e:94:0c:4e:97:e2:19:5e:bf:26:e1:0c:d1:af:97:a2:d1:12:
         bc:04:3e:0b:2a:b8:0a:0f:37:01:f4:f4:cf:de:63:14:0e:66:
         4f:3f:8f:f7:12:d4:be:a3:66:59:f5:0b:92:d4:81:38:ca:3b:
         22:5f:07:ee:b5:82:cb:f0:ce:7f:b9:e1:c4:e4:ea:55:84:f2:
         d6:ab:b6:85:a2:71:cb:dc:d1:07:2e:ce:35:21:d7:d2:fe:70:
         21:80:a2:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZM2RSDiUt0pUCFkA3qQFaqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMmE1ZGIzYmEzM2UzNmMxNmRiZjUyNjBiMmZlMjc0YWU3
ZmIyMjIwHhcNMjUwNDE5MDcwMDE2WhcNMjUwNDIwMDcwMDE2WjAzMTEwLwYDVQQD
Eyg2YmQxOGNlZTU3Nzk4NGZiMzIxZTljN2Q0NmRmZWY4ZWJiMWI3MDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl+VrryVJEsKlbJ6OCMmDGFPkdkA
y85wCaa+v1aH1AaEKp5l1H1+LuHw9HgptMG+EaihtRn93ckTAmc5UZt97ddJXM9H
PP+c0tAdxnfdozMJ2cMS2nq+fIl03hjmM0mgewXWf85tMV0o5AJDyeILqnIgue3J
AgFoSyvPVKQcj2G5kbKGbnzLYF683YCDTjoymo6HCZuB24sugA6DLd1tOC9vgli+
r03s/NP4hIQtjKhSJ9qwDn4J4RLjHyHDa8AmKkUJBCd2VvA4kwqHSyIjvJifC+YH
BVYD7FZLxEtr8ElUK3BG4nT82ONq1CDkifhwtT0Yb/ENMuAhOhBOe1MeBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGvRjO5XeYT7Mh6cfUbf7467G3B6MB8GA1UdIwQY
MBaAFP8qXbO6M+NsFtv1Jgsv4nSuf7IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTIt
NTI2MGNkNWMyNGMzLzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTItNTI2MGNkNWMyNGMz
LzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvMAC+jUb
CtkDkbxlRToh7rJj/9O/PdBXDHZwM8BL82mwWjTJkPLdg0uRSrrxK1KaWGn8IoU1
YhYqdVTz6lIZCrcZ0ZRmUP1KKezK5Uy6aCM3dYLXT8VFiG+f/t7q1CWuEjhF9pW+
BAHbLknUIzKKie4p8hjFenmF+1A28R6KqwUY6lvvWnq8/FQd7q3Z7ehp9cX5JKCo
4ILfOcLUNg8EDIpSPpQMTpfiGV6/JuEM0a+XotESvAQ+Cyq4Cg83AfT0z95jFA5m
Tz+P9xLUvqNmWfULktSBOMo7Il8H7rWCy/DOf7nhxOTqVYTy1qu2haJxy9zRBy7O
NSHX0v5wIYCi+A==
-----END CERTIFICATE-----