Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
File:                     yKQR5q7CPK13xDcrTXsLH8gtXcA.mft (raw, json)
Hash identifier:          47c76rLiCsH5Fgk+rzwosHgUt5xm9sR7HLT5ehYyvmU=
Subject key identifier:   7B:94:63:F0:93:A8:94:B1:CB:FF:CE:9A:E9:48:49:07:A1:D4:0A:DB
Authority key identifier: C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0
Certificate issuer:       /CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0
Certificate serial:       0196501137B6595AE1C15EE02BE9BC5897E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
Manifest number:          14F9
Signing time:             Sat 19 Apr 2025 22:00:27 +0000
Manifest this update:     Sat 19 Apr 2025 22:00:27 +0000
Manifest next update:     Sun 20 Apr 2025 22:00:27 +0000
Files and hashes:         1: yKQR5q7CPK13xDcrTXsLH8gtXcA.crl (hash: ElL6RB27vGs30xZXMxEshZCQ3UyHxs301ZFKDBZ10mQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:11:37:b6:59:5a:e1:c1:5e:e0:2b:e9:bc:58:97:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0
        Validity
            Not Before: Apr 19 22:00:27 2025 GMT
            Not After : Apr 20 22:00:27 2025 GMT
        Subject: CN=7b9463f093a894b1cbffce9ae9484907a1d40adb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:b5:d5:76:63:4e:12:28:1d:20:c6:f4:91:c4:
                    45:dd:8b:67:f6:bb:8b:ff:26:6e:0d:6b:75:59:35:
                    c6:d3:86:4f:be:09:81:c3:65:2c:9c:a0:14:9c:cb:
                    45:fc:2c:19:47:8c:c4:16:c6:32:ed:de:cb:fd:02:
                    bc:a7:2e:ca:30:60:73:23:9d:97:2c:b3:95:0a:b5:
                    72:ae:83:a1:12:2f:48:d4:2d:53:ad:cf:1b:e5:65:
                    6a:05:ad:26:e7:80:b9:a7:56:8d:fe:ba:06:25:d2:
                    73:29:3d:d1:37:d3:a7:2c:4b:96:bf:1f:23:57:41:
                    c8:2a:57:c4:4a:c8:63:3e:10:fb:67:04:07:0e:18:
                    9d:73:81:e9:ce:b6:83:03:66:f7:d7:69:39:a8:63:
                    21:98:0b:fe:51:54:9a:64:81:82:67:4f:33:7e:63:
                    54:64:4c:6c:fe:ce:49:e3:13:dc:68:d2:16:e0:e0:
                    85:ff:3c:3f:8c:c5:5d:59:1c:7d:8e:55:ea:d3:99:
                    58:00:34:17:0b:82:4c:c4:e7:e4:4d:7b:e4:3e:45:
                    5a:d6:1f:e1:76:16:f1:b1:2e:7a:ff:1b:0f:9f:7b:
                    4e:f5:17:e8:2b:db:ec:43:96:90:7f:d8:5f:1e:d5:
                    e7:74:78:f4:c9:86:d5:d1:23:43:94:9b:1f:9c:89:
                    76:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:94:63:F0:93:A8:94:B1:CB:FF:CE:9A:E9:48:49:07:A1:D4:0A:DB
            X509v3 Authority Key Identifier:
                keyid:C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:3a:65:7e:72:de:ef:fc:ef:dc:91:10:dc:53:b5:77:e9:5b:
         fb:18:12:bf:82:08:b7:48:1f:57:bb:5e:e6:1e:0e:59:8e:be:
         f0:ac:32:7d:19:67:28:74:ed:8c:54:71:57:a3:22:01:c4:9f:
         01:f0:9b:5b:c1:46:ea:e9:59:dc:92:95:4c:38:e9:db:aa:fa:
         0f:5a:93:9a:59:b2:69:d5:df:2f:22:57:a7:08:e3:4c:27:50:
         61:4b:f0:72:a1:e5:a7:ff:bd:02:59:43:c3:66:f2:74:94:38:
         da:dc:b7:6f:e1:c6:c3:6e:35:0e:b7:e0:0b:0e:dd:c8:39:01:
         b5:e6:96:f3:a5:52:85:cf:cb:69:50:2e:be:ec:a1:3b:5b:f3:
         09:fb:1c:c3:50:ff:4c:ec:f3:8f:3f:7f:7a:52:fa:48:22:92:
         60:66:db:36:6c:b4:05:fb:e1:1d:4b:9e:d1:4f:7a:30:87:2d:
         cb:57:d2:35:f6:71:38:52:b8:4d:ce:45:92:3b:06:dc:eb:bd:
         18:2d:d4:c6:91:20:ec:c7:c4:9c:89:7a:d8:d9:4f:ac:a4:92:
         bb:bb:76:03:d7:4a:00:d1:85:f5:d0:ba:a0:7d:52:1f:71:bc:
         2b:82:69:46:79:11:0b:90:a2:2f:9b:19:c4:8f:52:40:61:10:
         f1:0c:e7:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQETe2WVrhwV7gK+m8WJfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YTQxMWU2YWVjMjNjYWQ3N2M0MzcyYjRkN2IwYjFmYzgy
ZDVkYzAwHhcNMjUwNDE5MjIwMDI3WhcNMjUwNDIwMjIwMDI3WjAzMTEwLwYDVQQD
Eyg3Yjk0NjNmMDkzYTg5NGIxY2JmZmNlOWFlOTQ4NDkwN2ExZDQwYWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47XVdmNOEigdIMb0kcRF3Ytn9ruL
/yZuDWt1WTXG04ZPvgmBw2UsnKAUnMtF/CwZR4zEFsYy7d7L/QK8py7KMGBzI52X
LLOVCrVyroOhEi9I1C1Trc8b5WVqBa0m54C5p1aN/roGJdJzKT3RN9OnLEuWvx8j
V0HIKlfESshjPhD7ZwQHDhidc4HpzraDA2b312k5qGMhmAv+UVSaZIGCZ08zfmNU
ZExs/s5J4xPcaNIW4OCF/zw/jMVdWRx9jlXq05lYADQXC4JMxOfkTXvkPkVa1h/h
dhbxsS56/xsPn3tO9RfoK9vsQ5aQf9hfHtXndHj0yYbV0SNDlJsfnIl2hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHuUY/CTqJSxy//OmulISQeh1ArbMB8GA1UdIwQY
MBaAFMikEeauwjytd8Q3K017Cx/ILV3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQt
Y2RjZWUyM2E4M2IwLzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQtY2RjZWUyM2E4M2Iw
LzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkDplfnLe
7/zv3JEQ3FO1d+lb+xgSv4IIt0gfV7te5h4OWY6+8KwyfRlnKHTtjFRxV6MiAcSf
AfCbW8FG6ulZ3JKVTDjp26r6D1qTmlmyadXfLyJXpwjjTCdQYUvwcqHlp/+9AllD
w2bydJQ42ty3b+HGw241DrfgCw7dyDkBteaW86VShc/LaVAuvuyhO1vzCfscw1D/
TOzzjz9/elL6SCKSYGbbNmy0BfvhHUue0U96MIcty1fSNfZxOFK4Tc5FkjsG3Ou9
GC3UxpEg7MfEnIl62NlPrKSSu7t2A9dKANGF9dC6oH1SH3G8K4JpRnkRC5CiL5sZ
xI9SQGEQ8Qzn/A==
-----END CERTIFICATE-----