Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
File:                     YA09DkcUJu84PjkRODpJg78idkQ.mft (raw, json)
Hash identifier:          tpENNSp3vqA1l5+JALKeMb4QI0RVsNn/2lar8U+uFwY=
Subject key identifier:   EE:FF:5A:40:A6:02:50:5C:AE:A3:32:5D:AD:67:6C:45:C0:23:D0:84
Authority key identifier: 60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44
Certificate issuer:       /CN=600d3d0e471426ef383e3911383a4983bf227644
Certificate serial:       0196586F5348B66EFD69DC8D72E32713A2B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
Manifest number:          01D1
Signing time:             Mon 21 Apr 2025 13:00:12 +0000
Manifest this update:     Mon 21 Apr 2025 13:00:12 +0000
Manifest next update:     Tue 22 Apr 2025 13:00:12 +0000
Files and hashes:         1: YA09DkcUJu84PjkRODpJg78idkQ.crl (hash: PM3pr2h1ez+9AEUsHayF7KhR6Tl8LK/3lX2Tf/usHB4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:58:6f:53:48:b6:6e:fd:69:dc:8d:72:e3:27:13:a2:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=600d3d0e471426ef383e3911383a4983bf227644
        Validity
            Not Before: Apr 21 13:00:12 2025 GMT
            Not After : Apr 22 13:00:12 2025 GMT
        Subject: CN=eeff5a40a602505caea3325dad676c45c023d084
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:60:29:d5:cb:3d:99:a2:83:ab:7d:ac:2a:f3:
                    46:53:fa:c8:39:95:e4:8b:f1:fd:61:13:e5:49:65:
                    2f:6f:3d:44:67:fc:91:db:6b:78:31:52:a0:e8:9d:
                    53:6d:be:f2:3d:44:5d:eb:22:c1:55:10:4d:fb:47:
                    55:6d:44:96:bf:eb:89:1d:91:a4:d6:28:b4:4a:55:
                    35:3a:4b:28:9f:19:04:e5:59:91:43:b4:8b:e4:70:
                    01:e4:63:77:95:fd:16:72:e0:99:85:b8:cd:89:d5:
                    12:de:c7:c2:35:4f:e3:ce:89:c7:60:19:f1:19:bd:
                    43:fb:f6:66:1d:dc:48:b6:f1:1c:86:cd:2e:b7:bc:
                    69:c1:5a:2b:cd:6c:4d:fc:1d:86:05:71:81:d4:88:
                    6f:55:67:5d:90:9a:29:5d:86:34:47:d9:8a:45:05:
                    04:46:3a:39:bd:de:23:11:c7:08:8a:33:33:52:7a:
                    b7:2a:23:4c:47:33:1c:61:41:dc:8d:e2:c6:a0:e9:
                    01:01:64:c5:85:f2:f1:78:8a:23:9f:3f:af:fd:b1:
                    08:dc:e5:10:9f:a8:e2:de:99:ab:d6:7e:ba:04:26:
                    37:d4:1b:b3:d3:fc:29:f9:81:d2:ba:7b:0c:3e:5f:
                    92:af:b8:0b:34:d0:b2:f2:c4:78:cb:94:3e:cb:70:
                    96:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:FF:5A:40:A6:02:50:5C:AE:A3:32:5D:AD:67:6C:45:C0:23:D0:84
            X509v3 Authority Key Identifier:
                keyid:60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:b8:08:2e:71:11:71:e5:41:35:3f:5b:d9:2b:9e:5e:7f:93:
         ef:62:46:d1:60:71:87:89:36:a6:93:40:d9:7a:d7:e0:b1:45:
         d2:12:7f:ce:72:23:19:f5:ee:76:4f:17:a3:eb:01:d5:79:fa:
         85:9f:2d:e1:9c:24:38:d3:b7:11:65:a0:b6:aa:48:c9:fd:f4:
         fc:32:c4:89:c7:67:15:17:13:55:98:50:07:4e:67:67:03:91:
         f2:23:e5:23:d3:af:5b:71:25:a3:8a:8f:bd:f1:f6:7c:9d:55:
         49:60:77:83:98:6e:c4:47:bc:b9:e7:f3:3c:07:2a:48:51:09:
         04:74:f4:7c:29:8e:6b:6a:46:ed:a1:24:b4:9a:1f:85:e3:7d:
         db:49:de:08:ea:06:be:c0:1e:4a:08:97:f8:1a:65:ab:30:6d:
         6d:37:a8:21:6b:92:28:51:59:4a:0c:bb:b9:bb:c5:82:7a:84:
         40:70:b0:24:d2:a4:b0:8b:f4:fd:41:40:79:8c:75:e0:a6:c6:
         cd:90:0d:30:10:0e:a0:18:3b:87:aa:a3:ce:8a:fd:72:c8:c5:
         d4:85:b3:84:f0:19:14:9f:62:05:85:b2:39:69:13:56:30:83:
         a3:21:77:4a:a5:39:16:ce:47:7b:2d:0b:a0:e3:ac:9b:e5:95:
         81:a5:e0:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYb1NItm79adyNcuMnE6K3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGQzZDBlNDcxNDI2ZWYzODNlMzkxMTM4M2E0OTgzYmYy
Mjc2NDQwHhcNMjUwNDIxMTMwMDEyWhcNMjUwNDIyMTMwMDEyWjAzMTEwLwYDVQQD
EyhlZWZmNWE0MGE2MDI1MDVjYWVhMzMyNWRhZDY3NmM0NWMwMjNkMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumAp1cs9maKDq32sKvNGU/rIOZXk
i/H9YRPlSWUvbz1EZ/yR22t4MVKg6J1Tbb7yPURd6yLBVRBN+0dVbUSWv+uJHZGk
1ii0SlU1OksonxkE5VmRQ7SL5HAB5GN3lf0WcuCZhbjNidUS3sfCNU/jzonHYBnx
Gb1D+/ZmHdxItvEchs0ut7xpwVorzWxN/B2GBXGB1IhvVWddkJopXYY0R9mKRQUE
Rjo5vd4jEccIijMzUnq3KiNMRzMcYUHcjeLGoOkBAWTFhfLxeIojnz+v/bEI3OUQ
n6ji3pmr1n66BCY31Buz0/wp+YHSunsMPl+Sr7gLNNCy8sR4y5Q+y3CWYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO7/WkCmAlBcrqMyXa1nbEXAI9CEMB8GA1UdIwQY
MBaAFGANPQ5HFCbvOD45ETg6SYO/InZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4Yzct
M2MyZmE4YWFmMDMxLzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4YzctM2MyZmE4YWFmMDMx
LzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn7gILnER
ceVBNT9b2SueXn+T72JG0WBxh4k2ppNA2XrX4LFF0hJ/znIjGfXudk8Xo+sB1Xn6
hZ8t4ZwkONO3EWWgtqpIyf30/DLEicdnFRcTVZhQB05nZwOR8iPlI9OvW3Elo4qP
vfH2fJ1VSWB3g5huxEe8uefzPAcqSFEJBHT0fCmOa2pG7aEktJofheN920neCOoG
vsAeSgiX+BplqzBtbTeoIWuSKFFZSgy7ubvFgnqEQHCwJNKksIv0/UFAeYx14KbG
zZANMBAOoBg7h6qjzor9csjF1IWzhPAZFJ9iBYWyOWkTVjCDoyF3SqU5Fs5Hey0L
oOOsm+WVgaXgwA==
-----END CERTIFICATE-----