Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
File:                     _ypds7oz42wW2_UmCy_idK5_siI.mft (raw, json)
Hash identifier:          kshzr6dqNJ6J0razacDbG5OgczJtEtniXGM4X2hfmjA=
Subject key identifier:   A8:25:12:F0:54:31:87:E3:90:E2:33:BB:43:30:2B:DA:BA:7B:1F:73
Authority key identifier: FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22
Certificate issuer:       /CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
Certificate serial:       019747E7B3E371A42AACD899929B72BC3DF4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
Manifest number:          0C5B
Signing time:             Sat 07 Jun 2025 01:00:56 +0000
Manifest this update:     Sat 07 Jun 2025 01:00:56 +0000
Manifest next update:     Sun 08 Jun 2025 01:00:56 +0000
Files and hashes:         1: _ypds7oz42wW2_UmCy_idK5_siI.crl (hash: E2Lt7TE1TtBJAfriqzku9olZYqQbP7VhjXB1HUb6jYA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:e7:b3:e3:71:a4:2a:ac:d8:99:92:9b:72:bc:3d:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
        Validity
            Not Before: Jun  7 01:00:56 2025 GMT
            Not After : Jun  8 01:00:56 2025 GMT
        Subject: CN=a82512f0543187e390e233bb43302bdaba7b1f73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:00:cc:71:65:da:8b:2b:97:38:52:6f:c1:7c:
                    1b:74:a5:af:76:c8:6a:db:7f:02:61:7a:26:7e:81:
                    99:0a:ae:26:85:46:3e:bc:86:8a:ed:a2:85:d8:ce:
                    7f:16:6d:41:72:6a:57:c9:ca:84:8f:18:88:d1:af:
                    ea:b2:94:76:fc:08:4a:9c:a4:f3:2a:72:18:ee:d9:
                    ba:82:77:da:09:d5:9c:f8:56:21:56:6d:51:5f:50:
                    bc:53:6f:bb:e9:a9:a8:41:93:bc:76:8f:4d:9e:4a:
                    8b:27:3f:09:0f:6b:45:2b:f1:f3:16:70:ad:77:70:
                    85:26:73:fe:1f:c5:0b:b9:e9:ca:eb:7e:a8:27:d6:
                    66:e1:09:e9:fc:6c:12:99:e0:05:e5:91:ae:dd:ed:
                    52:7c:c8:99:e9:4e:c5:ce:9d:0e:91:8e:6b:f9:2a:
                    02:72:38:21:05:c3:18:97:f4:af:ad:d2:76:b4:82:
                    10:e7:56:57:bf:71:bb:0a:df:33:ce:2a:c2:64:48:
                    a8:85:1b:5c:13:f4:e9:38:20:c5:7f:19:7f:50:cb:
                    1f:18:6b:ab:c2:d9:fc:c0:fb:34:bc:5e:c6:ce:f6:
                    33:85:1a:e5:0e:30:0a:5e:95:e6:79:d2:ba:d2:78:
                    44:60:bc:2f:ba:c1:b1:fb:93:36:94:ad:0a:55:ff:
                    e1:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:25:12:F0:54:31:87:E3:90:E2:33:BB:43:30:2B:DA:BA:7B:1F:73
            X509v3 Authority Key Identifier:
                keyid:FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:db:66:ce:97:f7:25:43:38:17:35:d7:4f:fa:a8:90:cd:4e:
         5c:e0:95:e8:78:09:3e:b9:cc:29:7b:ed:6d:2c:8e:c7:29:bd:
         fa:20:e3:28:23:32:c9:81:47:ad:6f:a5:97:a2:b6:54:76:99:
         72:75:ca:1c:10:72:d0:b8:2d:3d:2e:c8:5d:23:e6:3f:40:76:
         d8:1f:2c:a6:e3:1d:5c:ba:82:e3:31:ee:f2:79:58:8e:ed:5f:
         9e:00:a7:11:41:bd:70:18:1a:86:cd:8c:bd:b0:ef:27:ed:14:
         5c:db:a9:52:88:b1:56:2d:6d:e7:08:d0:37:03:e5:9a:76:ec:
         89:c8:3c:d5:95:4e:50:c1:23:1a:54:70:45:9f:45:18:66:9c:
         6b:6d:82:f8:1a:44:df:1b:b7:97:6e:fc:d3:99:c6:1e:84:71:
         c1:3c:a7:b4:f3:e4:df:0a:b2:1c:91:a5:7a:ea:67:86:11:5c:
         46:33:80:eb:8d:33:6c:a5:28:f4:bc:68:b5:d1:2b:a0:aa:0d:
         e9:78:7e:66:01:2c:fe:6c:2d:57:7d:49:7d:8c:47:db:b0:86:
         27:63:34:b1:13:bb:34:d4:ca:de:d7:bc:97:3f:4d:61:06:50:
         19:d1:39:65:1c:03:32:a3:f0:f6:9b:d3:75:93:78:0c:28:9b:
         06:ec:62:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdH57PjcaQqrNiZkptyvD30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMmE1ZGIzYmEzM2UzNmMxNmRiZjUyNjBiMmZlMjc0YWU3
ZmIyMjIwHhcNMjUwNjA3MDEwMDU2WhcNMjUwNjA4MDEwMDU2WjAzMTEwLwYDVQQD
EyhhODI1MTJmMDU0MzE4N2UzOTBlMjMzYmI0MzMwMmJkYWJhN2IxZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtADMcWXaiyuXOFJvwXwbdKWvdshq
238CYXomfoGZCq4mhUY+vIaK7aKF2M5/Fm1BcmpXycqEjxiI0a/qspR2/AhKnKTz
KnIY7tm6gnfaCdWc+FYhVm1RX1C8U2+76amoQZO8do9NnkqLJz8JD2tFK/HzFnCt
d3CFJnP+H8ULuenK636oJ9Zm4Qnp/GwSmeAF5ZGu3e1SfMiZ6U7Fzp0OkY5r+SoC
cjghBcMYl/SvrdJ2tIIQ51ZXv3G7Ct8zzirCZEiohRtcE/TpOCDFfxl/UMsfGGur
wtn8wPs0vF7GzvYzhRrlDjAKXpXmedK60nhEYLwvusGx+5M2lK0KVf/hVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKglEvBUMYfjkOIzu0MwK9q6ex9zMB8GA1UdIwQY
MBaAFP8qXbO6M+NsFtv1Jgsv4nSuf7IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTIt
NTI2MGNkNWMyNGMzLzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTItNTI2MGNkNWMyNGMz
LzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG9tmzpf3
JUM4FzXXT/qokM1OXOCV6HgJPrnMKXvtbSyOxym9+iDjKCMyyYFHrW+ll6K2VHaZ
cnXKHBBy0LgtPS7IXSPmP0B22B8spuMdXLqC4zHu8nlYju1fngCnEUG9cBgahs2M
vbDvJ+0UXNupUoixVi1t5wjQNwPlmnbsicg81ZVOUMEjGlRwRZ9FGGaca22C+BpE
3xu3l27805nGHoRxwTyntPPk3wqyHJGleupnhhFcRjOA640zbKUo9LxotdEroKoN
6Xh+ZgEs/mwtV31JfYxH27CGJ2M0sRO7NNTK3te8lz9NYQZQGdE5ZRwDMqPw9pvT
dZN4DCibBuxiHA==
-----END CERTIFICATE-----