Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft
File:                     YsuMEjOwFrHwSBCJc9asPnYvY-0.mft (raw, json)
Hash identifier:          rV/7sG6Xp9LgVhWzL+OD3n6zb5E/uJ6Y3dBqbspeKwI=
Subject key identifier:   C3:59:62:5A:4A:1F:8C:44:53:48:20:86:2D:14:B2:68:F0:72:D4:A8
Authority key identifier: 62:CB:8C:12:33:B0:16:B1:F0:48:10:89:73:D6:AC:3E:76:2F:63:ED
Certificate issuer:       /CN=62cb8c1233b016b1f048108973d6ac3e762f63ed
Certificate serial:       0195797DA622C617A6BA1870D3037C1A97E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YsuMEjOwFrHwSBCJc9asPnYvY-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft
Manifest number:          1034
Signing time:             Sun 09 Mar 2025 06:00:32 +0000
Manifest this update:     Sun 09 Mar 2025 06:00:32 +0000
Manifest next update:     Mon 10 Mar 2025 06:00:32 +0000
Files and hashes:         1: YsuMEjOwFrHwSBCJc9asPnYvY-0.crl (hash: GVsnmV19SphDvXUEoS0JozKk3x4gQfKCGNOmsge4fvc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YsuMEjOwFrHwSBCJc9asPnYvY-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:79:7d:a6:22:c6:17:a6:ba:18:70:d3:03:7c:1a:97:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62cb8c1233b016b1f048108973d6ac3e762f63ed
        Validity
            Not Before: Mar  9 06:00:32 2025 GMT
            Not After : Mar 10 06:00:32 2025 GMT
        Subject: CN=c359625a4a1f8c44534820862d14b268f072d4a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:87:ce:ce:11:01:48:95:32:16:7d:fc:c6:bb:
                    41:51:47:ec:e7:f6:8d:ba:05:13:8c:df:d9:de:92:
                    8f:1e:f1:62:7a:4b:0a:9d:af:7f:59:cb:c4:8d:d9:
                    3c:07:84:a2:95:fa:4e:7a:06:7b:e9:ba:0a:23:a7:
                    8f:a7:60:4d:ad:26:31:6c:f3:41:d2:ae:c4:97:2c:
                    f6:79:c1:b4:86:17:0b:8a:ed:44:c8:a3:df:8c:1e:
                    31:d4:16:7b:33:26:a8:1c:da:2c:50:d0:86:99:c8:
                    40:10:3d:e5:ef:b3:9c:d4:f9:d8:e8:d4:03:88:fc:
                    ef:11:66:e5:25:e9:54:21:69:bf:81:89:8b:69:12:
                    ea:e4:84:db:87:0b:a8:2c:0c:2c:a3:92:b7:b5:dc:
                    91:78:92:26:ba:38:fd:98:8a:23:48:f9:e9:37:99:
                    97:09:05:b4:51:a9:76:32:92:2b:4f:59:08:de:2c:
                    56:b7:28:03:f6:f5:dd:1c:c9:7a:e6:71:0b:e5:a1:
                    8c:f2:90:61:f9:9e:8b:1e:b0:15:23:70:83:5d:ea:
                    b9:ab:de:17:be:b5:6a:bb:b1:e0:43:69:ad:09:1e:
                    2b:23:70:90:e6:14:d8:08:89:f5:3f:55:f9:f3:ba:
                    2f:5b:73:73:ab:bc:ee:14:d9:76:4e:69:ec:19:7a:
                    c5:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:59:62:5A:4A:1F:8C:44:53:48:20:86:2D:14:B2:68:F0:72:D4:A8
            X509v3 Authority Key Identifier:
                keyid:62:CB:8C:12:33:B0:16:B1:F0:48:10:89:73:D6:AC:3E:76:2F:63:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YsuMEjOwFrHwSBCJc9asPnYvY-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:4c:7e:1a:63:84:51:ef:61:5f:c7:df:af:01:bc:d0:4f:31:
         d2:e1:58:31:09:3d:97:0f:46:bd:42:08:3b:3f:e2:90:e1:86:
         eb:e8:06:72:91:c3:ea:2f:b3:0d:6e:d3:a5:ba:2d:cd:ef:02:
         54:96:1b:f3:56:a7:1d:67:ad:49:6e:f6:7a:04:6f:26:6a:f2:
         4f:fe:5a:34:f7:cd:fb:9e:24:ee:c8:61:96:97:52:a9:1c:97:
         4a:0e:fb:d2:15:b7:a4:81:7b:b6:f6:99:2a:5c:ab:16:2a:9e:
         30:a3:ca:6c:7f:2c:e7:41:19:2e:88:73:6b:5a:9b:3b:d9:3c:
         94:f8:8c:82:b8:98:ac:38:63:6a:74:ea:19:16:07:6b:27:b7:
         56:1c:cb:d9:68:89:31:35:d0:ba:52:4f:3e:67:7a:f8:f6:8a:
         38:be:01:63:a6:56:71:64:99:2e:79:a3:c6:ac:48:30:a4:bd:
         dc:5f:8b:93:d1:b2:3d:05:9f:34:52:1c:41:91:c8:b4:7a:d3:
         c8:5e:4a:81:f2:1c:c0:e8:fd:91:d9:93:d2:29:d1:70:83:f0:
         ce:68:82:69:82:93:64:34:02:11:52:d4:4a:8e:20:fd:fb:1a:
         c1:ce:84:f9:c2:58:d8:53:ab:91:b9:29:79:a7:e3:03:66:d0:
         d4:97:f9:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV5faYixhemuhhw0wN8GpfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyY2I4YzEyMzNiMDE2YjFmMDQ4MTA4OTczZDZhYzNlNzYy
ZjYzZWQwHhcNMjUwMzA5MDYwMDMyWhcNMjUwMzEwMDYwMDMyWjAzMTEwLwYDVQQD
EyhjMzU5NjI1YTRhMWY4YzQ0NTM0ODIwODYyZDE0YjI2OGYwNzJkNGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIfOzhEBSJUyFn38xrtBUUfs5/aN
ugUTjN/Z3pKPHvFieksKna9/WcvEjdk8B4SilfpOegZ76boKI6ePp2BNrSYxbPNB
0q7Elyz2ecG0hhcLiu1EyKPfjB4x1BZ7MyaoHNosUNCGmchAED3l77Oc1PnY6NQD
iPzvEWblJelUIWm/gYmLaRLq5ITbhwuoLAwso5K3tdyReJImujj9mIojSPnpN5mX
CQW0Ual2MpIrT1kI3ixWtygD9vXdHMl65nEL5aGM8pBh+Z6LHrAVI3CDXeq5q94X
vrVqu7HgQ2mtCR4rI3CQ5hTYCIn1P1X587ovW3Nzq7zuFNl2TmnsGXrF6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNZYlpKH4xEU0gghi0UsmjwctSoMB8GA1UdIwQY
MBaAFGLLjBIzsBax8EgQiXPWrD52L2PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXN1TUVqT3dGckh3U0JDSmM5YXNQbll2WS0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80MDJlZWEtNDgxNC00ODc3LThkN2Et
M2NhMmY3OTZiNTk2LzEvWXN1TUVqT3dGckh3U0JDSmM5YXNQbll2WS0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80MDJlZWEtNDgxNC00ODc3LThkN2EtM2NhMmY3OTZiNTk2
LzEvWXN1TUVqT3dGckh3U0JDSmM5YXNQbll2WS0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUkx+GmOE
Ue9hX8ffrwG80E8x0uFYMQk9lw9GvUIIOz/ikOGG6+gGcpHD6i+zDW7Tpbotze8C
VJYb81anHWetSW72egRvJmryT/5aNPfN+54k7shhlpdSqRyXSg770hW3pIF7tvaZ
KlyrFiqeMKPKbH8s50EZLohza1qbO9k8lPiMgriYrDhjanTqGRYHaye3VhzL2WiJ
MTXQulJPPmd6+PaKOL4BY6ZWcWSZLnmjxqxIMKS93F+Lk9GyPQWfNFIcQZHItHrT
yF5KgfIcwOj9kdmT0inRcIPwzmiCaYKTZDQCEVLUSo4g/fsawc6E+cJY2FOrkbkp
eafjA2bQ1Jf5Ag==
-----END CERTIFICATE-----