Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft
File:                     YsuMEjOwFrHwSBCJc9asPnYvY-0.mft (raw, json)
Hash identifier:          ELDlUvWOTbqfB550uh5nv4Xw4LeGBIrxE3WLNbV6raE=
Subject key identifier:   1E:C2:DC:4E:17:7A:57:ED:6F:DA:B3:6F:32:0F:1C:D8:A7:E4:31:6F
Authority key identifier: 62:CB:8C:12:33:B0:16:B1:F0:48:10:89:73:D6:AC:3E:76:2F:63:ED
Certificate issuer:       /CN=62cb8c1233b016b1f048108973d6ac3e762f63ed
Certificate serial:       01974EC5BCD792E3ED171523110B0E2263FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YsuMEjOwFrHwSBCJc9asPnYvY-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft
Manifest number:          1127
Signing time:             Sun 08 Jun 2025 09:01:11 +0000
Manifest this update:     Sun 08 Jun 2025 09:01:11 +0000
Manifest next update:     Mon 09 Jun 2025 09:01:11 +0000
Files and hashes:         1: YsuMEjOwFrHwSBCJc9asPnYvY-0.crl (hash: cAMtEwwyueRPziiRcjOMyaTA8BqNAGPtyFQMShWK6AA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YsuMEjOwFrHwSBCJc9asPnYvY-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:c5:bc:d7:92:e3:ed:17:15:23:11:0b:0e:22:63:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62cb8c1233b016b1f048108973d6ac3e762f63ed
        Validity
            Not Before: Jun  8 09:01:11 2025 GMT
            Not After : Jun  9 09:01:11 2025 GMT
        Subject: CN=1ec2dc4e177a57ed6fdab36f320f1cd8a7e4316f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:d9:a0:01:78:0e:af:53:a1:9a:48:32:1e:de:
                    15:e1:71:af:9a:53:9f:73:b0:ea:54:69:38:7b:43:
                    cb:00:f4:fc:12:01:da:8a:5a:45:00:e3:0c:94:46:
                    70:04:12:ef:60:44:84:61:1e:95:d5:6b:82:93:3a:
                    c2:e4:9c:6a:55:15:75:76:27:24:83:c4:dd:70:5c:
                    b7:0d:fe:ea:3e:b6:22:b1:31:f0:5b:9b:52:a7:2e:
                    4a:ee:86:7f:a4:96:7c:31:4a:17:c5:bd:89:9f:62:
                    4c:69:a5:77:76:ac:3d:6b:47:df:71:37:3a:5c:79:
                    1e:dc:04:bf:8a:a9:9e:c4:eb:38:b2:3a:55:d5:25:
                    7f:fc:ba:1c:8b:82:e9:51:1a:f2:a6:e5:bb:17:aa:
                    a6:7a:55:e3:75:74:86:c5:4a:9c:ba:fa:4b:62:5e:
                    8c:f9:f1:60:56:3e:a4:95:f0:25:0e:9d:46:62:c7:
                    45:61:cd:45:1f:04:40:a8:ca:23:3f:ba:31:60:bb:
                    f2:2c:b2:c6:0c:18:e9:4d:6b:72:ca:a7:31:a8:40:
                    fa:ba:32:a8:5f:e9:8e:22:ab:29:9e:0d:62:91:8e:
                    d2:6d:ce:df:7d:90:a0:b4:4c:1a:3e:85:b7:04:e9:
                    20:a6:60:10:ef:d1:e2:61:ee:1a:c9:f7:93:45:41:
                    d5:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:C2:DC:4E:17:7A:57:ED:6F:DA:B3:6F:32:0F:1C:D8:A7:E4:31:6F
            X509v3 Authority Key Identifier:
                keyid:62:CB:8C:12:33:B0:16:B1:F0:48:10:89:73:D6:AC:3E:76:2F:63:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YsuMEjOwFrHwSBCJc9asPnYvY-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:d8:ed:a2:3a:aa:68:45:1c:d1:5d:f3:bb:d9:37:eb:57:76:
         23:55:d6:d2:78:1a:07:24:9a:01:0f:79:2f:af:cb:1c:88:94:
         1a:52:31:52:7a:26:00:b4:ff:64:91:63:ea:45:bf:7d:2c:92:
         1d:dc:96:e5:7f:f5:52:ef:d6:e8:0f:da:ef:9c:8a:3b:c6:fe:
         17:57:68:96:91:15:72:a3:f5:68:ad:f8:42:86:8c:83:67:7b:
         66:cb:b1:d0:05:33:02:ac:4c:de:72:5c:99:9d:43:0a:29:c0:
         31:f4:ef:75:5b:9c:ee:3b:10:9e:b9:7f:1f:bd:58:d1:16:87:
         6e:fd:83:d7:38:c7:5a:cb:c2:82:31:b0:36:c9:f8:c1:fe:a5:
         3b:0a:e4:8f:1b:f3:98:3e:6b:1c:42:9a:84:e7:84:ba:43:c0:
         e7:1b:da:f4:e4:ff:d1:6b:c0:fa:49:ac:db:72:05:bb:f7:c7:
         54:47:23:3d:a7:ca:4b:ee:86:81:9a:e6:6c:42:71:90:84:f8:
         59:07:aa:b6:fe:0b:20:2a:d4:49:81:97:0b:d8:92:77:c7:f4:
         59:56:33:2c:e3:f9:92:a2:a7:db:72:8e:bf:86:b3:3c:ea:b6:
         77:01:1c:9d:b5:d9:7c:ae:b7:ed:3c:da:90:ec:99:b1:09:22:
         88:3f:96:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxbzXkuPtFxUjEQsOImP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyY2I4YzEyMzNiMDE2YjFmMDQ4MTA4OTczZDZhYzNlNzYy
ZjYzZWQwHhcNMjUwNjA4MDkwMTExWhcNMjUwNjA5MDkwMTExWjAzMTEwLwYDVQQD
EygxZWMyZGM0ZTE3N2E1N2VkNmZkYWIzNmYzMjBmMWNkOGE3ZTQzMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA99mgAXgOr1OhmkgyHt4V4XGvmlOf
c7DqVGk4e0PLAPT8EgHailpFAOMMlEZwBBLvYESEYR6V1WuCkzrC5JxqVRV1dick
g8TdcFy3Df7qPrYisTHwW5tSpy5K7oZ/pJZ8MUoXxb2Jn2JMaaV3dqw9a0ffcTc6
XHke3AS/iqmexOs4sjpV1SV//Loci4LpURrypuW7F6qmelXjdXSGxUqcuvpLYl6M
+fFgVj6klfAlDp1GYsdFYc1FHwRAqMojP7oxYLvyLLLGDBjpTWtyyqcxqED6ujKo
X+mOIqspng1ikY7Sbc7ffZCgtEwaPoW3BOkgpmAQ79HiYe4ayfeTRUHVIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB7C3E4Xelftb9qzbzIPHNin5DFvMB8GA1UdIwQY
MBaAFGLLjBIzsBax8EgQiXPWrD52L2PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXN1TUVqT3dGckh3U0JDSmM5YXNQbll2WS0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80MDJlZWEtNDgxNC00ODc3LThkN2Et
M2NhMmY3OTZiNTk2LzEvWXN1TUVqT3dGckh3U0JDSmM5YXNQbll2WS0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80MDJlZWEtNDgxNC00ODc3LThkN2EtM2NhMmY3OTZiNTk2
LzEvWXN1TUVqT3dGckh3U0JDSmM5YXNQbll2WS0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIdjtojqq
aEUc0V3zu9k361d2I1XW0ngaBySaAQ95L6/LHIiUGlIxUnomALT/ZJFj6kW/fSyS
HdyW5X/1Uu/W6A/a75yKO8b+F1dolpEVcqP1aK34QoaMg2d7Zsux0AUzAqxM3nJc
mZ1DCinAMfTvdVuc7jsQnrl/H71Y0RaHbv2D1zjHWsvCgjGwNsn4wf6lOwrkjxvz
mD5rHEKahOeEukPA5xva9OT/0WvA+kms23IFu/fHVEcjPafKS+6GgZrmbEJxkIT4
WQeqtv4LICrUSYGXC9iSd8f0WVYzLOP5kqKn23KOv4azPOq2dwEcnbXZfK637Tza
kOyZsQkiiD+WGw==
-----END CERTIFICATE-----