Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
File:                     _ypds7oz42wW2_UmCy_idK5_siI.mft (raw, json)
Hash identifier:          P2NWYRrNTzCmzXyFJk0H9Tf9yN4a2Anai208QpWji48=
Subject key identifier:   0E:0F:09:09:DD:8C:92:14:D7:14:AF:B3:9A:53:82:BE:D6:F0:AA:90
Authority key identifier: FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22
Certificate issuer:       /CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
Certificate serial:       018F9428E2EB08E86AA280C91BD14FC001C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
Manifest number:          085E
Signing time:             Mon 20 May 2024 04:00:58 +0000
Manifest this update:     Mon 20 May 2024 04:00:58 +0000
Manifest next update:     Tue 21 May 2024 04:00:58 +0000
Files and hashes:         1: _ypds7oz42wW2_UmCy_idK5_siI.crl (hash: 6KSfn0Ww73YmNQCjZPuqgw0g05M8jBfgJMI2bGNr2Iw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 23:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:94:28:e2:eb:08:e8:6a:a2:80:c9:1b:d1:4f:c0:01:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
        Validity
            Not Before: May 20 04:00:58 2024 GMT
            Not After : May 21 04:00:58 2024 GMT
        Subject: CN=0e0f0909dd8c9214d714afb39a5382bed6f0aa90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:db:2e:d3:c3:34:01:93:9c:ab:e8:77:c7:c0:
                    78:a8:8d:e8:96:6e:d6:61:83:02:f7:ce:54:b8:36:
                    92:23:1a:02:37:e4:af:20:10:31:ab:e9:67:1e:f5:
                    07:86:fe:44:2d:d5:ef:01:40:82:9b:d2:7d:ac:31:
                    1a:11:e0:44:de:8e:93:72:f9:72:ba:49:39:e3:28:
                    ad:1c:4f:5d:a1:83:1c:80:ad:9b:db:b5:07:6f:45:
                    68:f8:e4:ab:88:30:c1:b0:3a:4a:c6:0c:45:ba:63:
                    6c:e0:7b:aa:36:22:70:c9:ca:b8:e1:45:ed:59:bc:
                    01:9c:13:da:83:98:a0:3a:4b:b7:b0:97:7e:8e:2b:
                    6e:32:39:3f:30:dc:2c:99:f0:48:24:85:6b:9f:af:
                    4e:bc:41:ec:9a:89:ea:04:4a:b8:51:45:63:34:58:
                    1b:70:5e:8c:5e:0f:ab:5a:5f:5c:a9:8e:5b:1e:cf:
                    5e:2c:a7:87:de:d2:22:c1:3c:a5:56:c1:4e:51:ed:
                    50:01:d5:d3:b9:0e:c0:61:9e:f9:2a:b3:9a:ae:13:
                    68:5e:0e:bd:e3:db:aa:b2:b4:c1:55:b5:91:96:71:
                    e1:d3:27:86:0e:f7:ce:90:f3:80:67:c3:d0:14:e4:
                    65:af:f6:b7:04:f8:d4:68:2a:37:79:9e:7d:91:76:
                    4d:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:0F:09:09:DD:8C:92:14:D7:14:AF:B3:9A:53:82:BE:D6:F0:AA:90
            X509v3 Authority Key Identifier:
                keyid:FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:90:71:83:74:32:ec:7f:d4:04:94:53:d0:58:38:2e:63:76:
         f3:16:9d:49:24:b5:cd:7d:5c:07:75:15:9e:26:4c:25:4c:a2:
         50:11:74:6d:3e:c6:3e:69:19:3e:1a:b0:a7:64:4b:6e:9f:eb:
         a8:ca:b0:16:82:88:7f:d9:3d:fe:49:14:48:a9:a9:c6:a7:80:
         04:21:66:35:64:0e:b9:fe:59:e9:d0:d7:c8:20:b3:f2:79:71:
         e1:1b:6f:21:91:fc:4f:45:35:cd:1d:7d:9b:b8:6c:02:cf:6e:
         ea:55:a0:73:a3:86:8d:de:cb:a4:6c:7f:95:0a:55:4c:77:c4:
         db:c8:45:d6:c4:7f:a5:30:10:b2:78:61:84:61:72:21:ab:69:
         9e:16:04:01:47:d0:67:69:52:d0:a2:41:42:9f:02:32:fb:44:
         e9:0c:35:40:1d:af:f7:de:37:91:d6:2e:0f:d3:e6:bb:29:e0:
         63:2b:22:60:be:a7:58:d2:44:78:7d:4e:54:b6:28:18:68:a7:
         ed:e3:ee:a3:7a:3a:b9:f3:81:4b:58:dd:3b:b9:a8:a1:a0:ab:
         89:03:c5:46:15:b0:f4:56:f3:cd:bb:6b:a3:9b:84:29:ae:54:
         53:d6:6f:b1:96:a4:c1:3b:4e:85:f4:45:72:e8:e0:83:ce:27:
         d3:d3:78:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+UKOLrCOhqooDJG9FPwAHDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMmE1ZGIzYmEzM2UzNmMxNmRiZjUyNjBiMmZlMjc0YWU3
ZmIyMjIwHhcNMjQwNTIwMDQwMDU4WhcNMjQwNTIxMDQwMDU4WjAzMTEwLwYDVQQD
EygwZTBmMDkwOWRkOGM5MjE0ZDcxNGFmYjM5YTUzODJiZWQ2ZjBhYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtsu08M0AZOcq+h3x8B4qI3olm7W
YYMC985UuDaSIxoCN+SvIBAxq+lnHvUHhv5ELdXvAUCCm9J9rDEaEeBE3o6Tcvly
ukk54yitHE9doYMcgK2b27UHb0Vo+OSriDDBsDpKxgxFumNs4HuqNiJwycq44UXt
WbwBnBPag5igOku3sJd+jituMjk/MNwsmfBIJIVrn69OvEHsmonqBEq4UUVjNFgb
cF6MXg+rWl9cqY5bHs9eLKeH3tIiwTylVsFOUe1QAdXTuQ7AYZ75KrOarhNoXg69
49uqsrTBVbWRlnHh0yeGDvfOkPOAZ8PQFORlr/a3BPjUaCo3eZ59kXZNAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4PCQndjJIU1xSvs5pTgr7W8KqQMB8GA1UdIwQY
MBaAFP8qXbO6M+NsFtv1Jgsv4nSuf7IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTIt
NTI2MGNkNWMyNGMzLzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTItNTI2MGNkNWMyNGMz
LzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ5Bxg3Qy
7H/UBJRT0Fg4LmN28xadSSS1zX1cB3UVniZMJUyiUBF0bT7GPmkZPhqwp2RLbp/r
qMqwFoKIf9k9/kkUSKmpxqeABCFmNWQOuf5Z6dDXyCCz8nlx4RtvIZH8T0U1zR19
m7hsAs9u6lWgc6OGjd7LpGx/lQpVTHfE28hF1sR/pTAQsnhhhGFyIatpnhYEAUfQ
Z2lS0KJBQp8CMvtE6Qw1QB2v9943kdYuD9PmuyngYysiYL6nWNJEeH1OVLYoGGin
7ePuo3o6ufOBS1jdO7mooaCriQPFRhWw9Fbzzbtro5uEKa5UU9ZvsZakwTtOhfRF
cujgg84n09N4zA==
-----END CERTIFICATE-----