Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          XTaQGk8SfDAJJskhfMHh+6VVadFpHpzBqY0ezuqHYuM=
Subject key identifier:   87:0F:90:9A:BF:92:6F:41:89:3B:40:50:A1:23:92:93:34:48:11:7E
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       0194C5082174B798791692BB3F9FCE96734F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          02C8
Signing time:             Sun 02 Feb 2025 05:00:31 +0000
Manifest this update:     Sun 02 Feb 2025 05:00:31 +0000
Manifest next update:     Mon 03 Feb 2025 05:00:31 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: vY5BuwYZNvMWSw/SgK8Nqo8696NS5pnACzjq+nvnNDM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c5:08:21:74:b7:98:79:16:92:bb:3f:9f:ce:96:73:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Feb  2 05:00:31 2025 GMT
            Not After : Feb  3 05:00:31 2025 GMT
        Subject: CN=870f909abf926f41893b4050a12392933448117e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:db:48:30:8e:27:a7:96:aa:29:94:0d:66:6b:
                    fb:c0:39:c4:7a:87:ce:81:7f:ca:48:83:fa:d4:68:
                    38:c8:3c:07:08:6c:af:96:24:11:94:48:92:e6:3f:
                    af:81:f1:64:fc:87:4e:1e:40:b0:2b:17:4b:5d:25:
                    7a:66:ee:c4:a8:30:51:a4:d2:68:c0:a2:b9:de:34:
                    7a:62:7d:6b:3d:f1:5b:87:59:16:f0:b5:bc:5b:d9:
                    3b:1a:1f:26:df:b2:96:12:85:49:26:c7:f8:4e:87:
                    02:2f:b6:9b:0e:66:7b:8d:36:d9:d1:06:56:79:d3:
                    6d:6e:c9:db:a4:38:82:4b:fd:4b:94:53:38:43:12:
                    9c:6c:51:39:c2:d4:72:a4:97:c3:41:57:49:bc:58:
                    fb:9a:cb:4f:83:a5:c5:a9:23:ec:8f:a9:64:21:fd:
                    69:d3:00:d4:8c:97:2a:cd:76:59:a6:d5:54:71:98:
                    8c:aa:a8:ee:e0:6d:f5:ba:7d:4d:ac:f2:e9:9a:75:
                    72:29:6b:54:13:4d:8f:e6:c0:fa:a8:41:29:9b:07:
                    9a:52:3b:65:e1:6a:68:7c:15:90:db:38:7f:6c:fc:
                    b5:8c:21:e4:e2:bd:32:9f:82:af:be:cf:07:cc:de:
                    a8:4c:34:2f:b2:69:15:7c:4e:5c:da:a1:fa:b1:f7:
                    a5:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:0F:90:9A:BF:92:6F:41:89:3B:40:50:A1:23:92:93:34:48:11:7E
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:bf:46:17:b1:92:3b:15:cb:aa:89:06:51:5b:b1:b3:54:f1:
         4f:c4:f4:76:ee:b9:26:b7:70:01:7e:9d:43:95:35:de:58:97:
         e8:ed:3d:82:1a:1c:fd:d2:6f:e7:a2:ea:f5:a2:95:07:49:ec:
         fc:cd:f6:f3:79:7b:78:38:38:8e:0f:a5:be:08:aa:24:62:27:
         04:81:f7:ab:17:fe:b0:b8:c3:62:6a:55:d3:44:17:da:a3:75:
         0a:e1:4c:09:31:64:b8:fa:fc:51:67:74:57:f7:d6:ea:16:59:
         f0:d6:5d:2d:d9:33:bd:23:80:b2:aa:48:4b:a9:cd:2c:c8:02:
         47:8e:c0:e8:61:5f:55:2f:be:08:1b:08:61:b7:75:e5:b1:72:
         65:5f:f6:2c:40:b2:07:fb:df:51:21:a8:41:ce:4c:80:13:22:
         d2:42:f8:96:43:94:af:a5:1d:d1:3a:a4:9b:cf:87:98:0a:0a:
         c8:29:cc:f8:1f:5c:48:1e:ff:a4:3d:1b:e4:c3:5c:dc:a4:24:
         1c:70:f6:02:bd:e4:83:3b:92:d3:42:45:0b:77:66:d4:94:ee:
         8f:41:2f:03:16:2a:43:ec:47:af:aa:c7:0a:cc:1b:9c:7a:63:
         98:e2:8b:3a:8d:14:54:46:6a:bd:e2:d9:15:ac:55:07:8d:d9:
         3b:f4:0c:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTFCCF0t5h5FpK7P5/OlnNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjUwMjAyMDUwMDMxWhcNMjUwMjAzMDUwMDMxWjAzMTEwLwYDVQQD
Eyg4NzBmOTA5YWJmOTI2ZjQxODkzYjQwNTBhMTIzOTI5MzM0NDgxMTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA89tIMI4np5aqKZQNZmv7wDnEeofO
gX/KSIP61Gg4yDwHCGyvliQRlEiS5j+vgfFk/IdOHkCwKxdLXSV6Zu7EqDBRpNJo
wKK53jR6Yn1rPfFbh1kW8LW8W9k7Gh8m37KWEoVJJsf4TocCL7abDmZ7jTbZ0QZW
edNtbsnbpDiCS/1LlFM4QxKcbFE5wtRypJfDQVdJvFj7mstPg6XFqSPsj6lkIf1p
0wDUjJcqzXZZptVUcZiMqqju4G31un1NrPLpmnVyKWtUE02P5sD6qEEpmweaUjtl
4WpofBWQ2zh/bPy1jCHk4r0yn4Kvvs8HzN6oTDQvsmkVfE5c2qH6sfelEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcPkJq/km9BiTtAUKEjkpM0SBF+MB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANr9GF7GS
OxXLqokGUVuxs1TxT8T0du65JrdwAX6dQ5U13liX6O09ghoc/dJv56Lq9aKVB0ns
/M3283l7eDg4jg+lvgiqJGInBIH3qxf+sLjDYmpV00QX2qN1CuFMCTFkuPr8UWd0
V/fW6hZZ8NZdLdkzvSOAsqpIS6nNLMgCR47A6GFfVS++CBsIYbd15bFyZV/2LECy
B/vfUSGoQc5MgBMi0kL4lkOUr6Ud0Tqkm8+HmAoKyCnM+B9cSB7/pD0b5MNc3KQk
HHD2Ar3kgzuS00JFC3dm1JTuj0EvAxYqQ+xHr6rHCswbnHpjmOKLOo0UVEZqveLZ
FaxVB43ZO/QM8w==
-----END CERTIFICATE-----