Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
File:                     YA09DkcUJu84PjkRODpJg78idkQ.mft (raw, json)
Hash identifier:          k6Oq6PIWSlatIHEnSOfepOBKa3U7cJwely3cvYRduRo=
Subject key identifier:   CD:EC:C7:1A:2A:7C:87:39:43:30:A9:1A:4C:D9:17:B8:4D:61:B6:2C
Authority key identifier: 60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44
Certificate issuer:       /CN=600d3d0e471426ef383e3911383a4983bf227644
Certificate serial:       0197518F5CDC5F925FB8D6A9C4BADC2400A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
Manifest number:          0252
Signing time:             Sun 08 Jun 2025 22:00:39 +0000
Manifest this update:     Sun 08 Jun 2025 22:00:39 +0000
Manifest next update:     Mon 09 Jun 2025 22:00:39 +0000
Files and hashes:         1: YA09DkcUJu84PjkRODpJg78idkQ.crl (hash: tAPDnmMrALgwZwppDsLwsAxHGjPClrhyjiE74LkvOUE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:8f:5c:dc:5f:92:5f:b8:d6:a9:c4:ba:dc:24:00:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=600d3d0e471426ef383e3911383a4983bf227644
        Validity
            Not Before: Jun  8 22:00:39 2025 GMT
            Not After : Jun  9 22:00:39 2025 GMT
        Subject: CN=cdecc71a2a7c87394330a91a4cd917b84d61b62c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:b5:a8:6e:62:0b:63:ad:7d:0a:4a:8c:df:55:
                    89:e9:81:2d:17:d1:6e:f8:1a:02:44:70:08:c4:88:
                    34:04:8d:2d:70:df:8a:7d:3e:f0:34:7e:0c:15:74:
                    38:b0:fe:2e:0b:5a:33:a8:f1:47:74:04:88:bc:46:
                    99:c1:4d:ac:7f:5b:a4:3e:98:e4:61:6e:e5:eb:25:
                    69:eb:e5:82:05:71:2f:61:e7:ae:ff:ee:37:ec:a8:
                    1b:37:8b:6c:73:a0:4d:4f:6a:19:da:b2:5e:4a:e0:
                    5a:56:83:ab:de:97:4a:95:f6:10:b5:74:3e:3e:ae:
                    18:8a:f4:83:f5:47:1d:7f:b2:6f:7b:d7:95:ad:c6:
                    fe:7a:4d:3d:00:c2:a5:32:e2:d0:28:b2:ef:be:57:
                    d9:7a:e8:e2:ee:e2:c7:d2:46:b3:a9:c3:f0:a8:6f:
                    e3:1e:da:e8:52:12:54:c2:94:66:77:d9:c0:ca:14:
                    79:e8:32:2d:c2:50:55:20:d8:8c:f5:c3:10:e9:22:
                    c4:92:31:05:9a:0c:87:c0:f5:66:ca:1d:19:1e:99:
                    15:e6:03:0e:d4:e4:9e:fb:54:b4:46:fb:c5:a5:9c:
                    df:45:54:dd:a0:d3:15:5c:a0:ab:90:43:e8:b3:94:
                    89:f6:0b:79:01:6b:2b:2b:71:43:43:e5:52:92:9b:
                    f0:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:EC:C7:1A:2A:7C:87:39:43:30:A9:1A:4C:D9:17:B8:4D:61:B6:2C
            X509v3 Authority Key Identifier:
                keyid:60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:9e:72:5a:31:3d:83:70:0d:01:d2:7c:53:56:22:f4:2c:b0:
         6e:ab:13:34:f1:88:8a:52:81:19:34:5e:b6:78:66:96:f2:68:
         d2:ca:34:3f:3d:fb:05:84:f0:99:af:b4:fb:82:66:78:e9:a9:
         34:8b:bd:90:1c:9a:68:19:5b:09:65:1e:fc:c4:c2:2f:5e:95:
         f4:5c:9a:b3:97:a1:18:07:d3:d2:6a:da:c1:15:ea:f5:84:78:
         71:a1:1e:05:d3:88:a9:0b:33:f8:0a:a8:ac:77:b6:55:ea:f6:
         1b:f3:a7:76:68:8e:7b:69:bb:05:ad:a9:6d:b1:d8:e7:c7:2e:
         b9:c5:c9:87:26:dc:9b:16:11:ff:82:8c:fc:6c:5e:ee:61:18:
         20:1d:ef:dd:3e:81:8a:4d:bb:b2:4f:09:99:3a:ba:46:81:cd:
         f4:a4:18:da:ce:f6:d6:f9:89:2a:c7:b3:dc:65:12:38:6b:7b:
         bb:4c:73:15:d2:1a:c0:09:19:17:bb:7f:a4:56:59:26:74:1a:
         44:a5:aa:7a:9b:81:1f:73:39:d9:06:f3:1c:21:d3:9e:d3:da:
         b6:03:be:d5:c3:00:a1:2e:d3:e3:32:9b:a4:01:fb:33:e7:f0:
         a7:5a:37:71:9c:b2:ca:01:d2:28:3a:68:08:02:f6:89:92:b6:
         a7:98:04:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRj1zcX5JfuNapxLrcJACiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGQzZDBlNDcxNDI2ZWYzODNlMzkxMTM4M2E0OTgzYmYy
Mjc2NDQwHhcNMjUwNjA4MjIwMDM5WhcNMjUwNjA5MjIwMDM5WjAzMTEwLwYDVQQD
EyhjZGVjYzcxYTJhN2M4NzM5NDMzMGE5MWE0Y2Q5MTdiODRkNjFiNjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLWobmILY619CkqM31WJ6YEtF9Fu
+BoCRHAIxIg0BI0tcN+KfT7wNH4MFXQ4sP4uC1ozqPFHdASIvEaZwU2sf1ukPpjk
YW7l6yVp6+WCBXEvYeeu/+437KgbN4tsc6BNT2oZ2rJeSuBaVoOr3pdKlfYQtXQ+
Pq4YivSD9Ucdf7Jve9eVrcb+ek09AMKlMuLQKLLvvlfZeuji7uLH0kazqcPwqG/j
HtroUhJUwpRmd9nAyhR56DItwlBVINiM9cMQ6SLEkjEFmgyHwPVmyh0ZHpkV5gMO
1OSe+1S0RvvFpZzfRVTdoNMVXKCrkEPos5SJ9gt5AWsrK3FDQ+VSkpvwpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM3sxxoqfIc5QzCpGkzZF7hNYbYsMB8GA1UdIwQY
MBaAFGANPQ5HFCbvOD45ETg6SYO/InZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4Yzct
M2MyZmE4YWFmMDMxLzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4YzctM2MyZmE4YWFmMDMx
LzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjZ5yWjE9
g3ANAdJ8U1Yi9CywbqsTNPGIilKBGTRetnhmlvJo0so0Pz37BYTwma+0+4JmeOmp
NIu9kByaaBlbCWUe/MTCL16V9Fyas5ehGAfT0mrawRXq9YR4caEeBdOIqQsz+Aqo
rHe2Ver2G/OndmiOe2m7Ba2pbbHY58cuucXJhybcmxYR/4KM/Gxe7mEYIB3v3T6B
ik27sk8JmTq6RoHN9KQY2s721vmJKsez3GUSOGt7u0xzFdIawAkZF7t/pFZZJnQa
RKWqepuBH3M52QbzHCHTntPatgO+1cMAoS7T4zKbpAH7M+fwp1o3cZyyygHSKDpo
CAL2iZK2p5gEsQ==
-----END CERTIFICATE-----