Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
File:                     _yBr0QgxynN4dWteFhc4lqYLAZE.mft (raw, json)
Hash identifier:          TfgBhWVzsz1ttijdhvr14edpZJ9SqBSoqWDEwQS0orQ=
Subject key identifier:   67:E7:67:24:9B:F0:43:2B:EF:59:6B:78:A4:C6:D5:CF:6E:65:BE:82
Authority key identifier: FF:20:6B:D1:08:31:CA:73:78:75:6B:5E:16:17:38:96:A6:0B:01:91
Certificate issuer:       /CN=ff206bd10831ca7378756b5e16173896a60b0191
Certificate serial:       019641E7D62CD3BA21F2605FA7A642DF992F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
Manifest number:          0CB3
Signing time:             Thu 17 Apr 2025 04:00:34 +0000
Manifest this update:     Thu 17 Apr 2025 04:00:34 +0000
Manifest next update:     Fri 18 Apr 2025 04:00:34 +0000
Files and hashes:         1: _yBr0QgxynN4dWteFhc4lqYLAZE.crl (hash: DOXE11OEZgk2UO2anmdRYgIwrUuJRSmv0qjX/rhbB4I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 04:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:41:e7:d6:2c:d3:ba:21:f2:60:5f:a7:a6:42:df:99:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff206bd10831ca7378756b5e16173896a60b0191
        Validity
            Not Before: Apr 17 04:00:34 2025 GMT
            Not After : Apr 18 04:00:34 2025 GMT
        Subject: CN=67e767249bf0432bef596b78a4c6d5cf6e65be82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ad:db:e8:b8:c1:eb:14:9b:98:ec:75:22:0c:
                    3e:ad:c0:d3:f8:a0:31:40:06:6c:9d:82:63:8b:d3:
                    91:68:1e:21:b5:2a:fb:94:d5:b1:94:5e:71:79:e3:
                    8b:cf:85:43:3c:fa:49:ff:5c:c0:5c:50:90:d2:b9:
                    a8:65:df:53:04:10:2f:69:79:ad:bb:af:09:15:b3:
                    b1:11:5e:bc:af:4c:d1:1e:97:e8:52:61:47:20:1b:
                    53:34:3f:af:ee:bf:19:3d:61:f4:98:8a:bf:46:0f:
                    f6:9f:01:74:6e:2e:f5:2f:f9:64:ff:d9:88:08:50:
                    60:5f:c3:e8:91:3c:82:81:29:b4:f0:6f:55:57:68:
                    2d:f5:ab:85:9e:fe:98:62:77:8b:55:cf:58:c5:70:
                    40:4a:73:d7:d4:bf:37:7c:5f:37:7e:ef:8e:14:21:
                    02:ec:e1:0c:a2:ab:fe:48:03:14:db:b3:0b:74:75:
                    cf:82:4f:b1:5d:5e:26:bb:ba:2f:a7:1a:ce:ec:a5:
                    2d:96:8f:5d:70:52:f3:e3:b6:ee:cf:e8:55:5d:32:
                    9b:d8:a8:72:3f:8e:eb:cf:a0:40:f2:73:fb:ca:94:
                    16:3e:e1:47:37:78:8d:2f:3e:b6:80:23:82:e2:d0:
                    6c:98:ea:fd:8b:e0:e1:fd:8f:8c:5e:47:cb:b0:d6:
                    08:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:E7:67:24:9B:F0:43:2B:EF:59:6B:78:A4:C6:D5:CF:6E:65:BE:82
            X509v3 Authority Key Identifier:
                keyid:FF:20:6B:D1:08:31:CA:73:78:75:6B:5E:16:17:38:96:A6:0B:01:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:cf:51:9c:35:d4:7a:fe:64:ab:07:f8:fa:49:c2:87:b1:ca:
         60:fe:9e:1c:13:a1:3c:38:cd:f2:cf:06:f2:51:23:cf:c9:80:
         19:3c:54:2b:63:c5:fa:51:7f:90:29:b0:64:32:f2:c3:04:56:
         cd:74:95:19:4a:6a:a2:25:30:c9:cd:0b:74:80:ec:1d:18:a5:
         48:3d:0d:93:4b:9f:83:84:00:dd:fa:05:bc:7b:2c:8e:65:56:
         82:97:46:2a:55:81:f4:f1:08:2f:e2:a0:ef:59:47:4b:5e:22:
         6f:e2:74:9e:4e:e9:97:54:31:65:ec:66:35:43:bc:c2:67:ac:
         8c:85:03:91:88:f7:9c:ba:e4:f9:dd:b8:a2:0f:7c:e7:c2:e0:
         be:c2:70:62:2a:0f:57:65:76:8c:79:de:0d:c8:14:2a:f8:46:
         28:3f:6c:96:44:77:19:a4:4e:6b:77:41:46:e1:76:af:75:7e:
         70:4c:3b:ee:81:26:f3:f9:a5:24:38:bd:98:49:61:96:79:48:
         b0:f4:a9:5c:34:79:c1:26:9a:0e:ff:b2:df:bf:af:5a:c8:ff:
         e4:d4:e3:19:65:49:71:3e:5c:9e:06:29:24:be:53:25:cf:50:
         11:2c:ee:7c:4d:cf:19:a0:00:5f:7f:87:b6:ca:0c:cd:e4:da:
         6d:8d:9e:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZB59Ys07oh8mBfp6ZC35kvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMjA2YmQxMDgzMWNhNzM3ODc1NmI1ZTE2MTczODk2YTYw
YjAxOTEwHhcNMjUwNDE3MDQwMDM0WhcNMjUwNDE4MDQwMDM0WjAzMTEwLwYDVQQD
Eyg2N2U3NjcyNDliZjA0MzJiZWY1OTZiNzhhNGM2ZDVjZjZlNjViZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwq3b6LjB6xSbmOx1Igw+rcDT+KAx
QAZsnYJji9ORaB4htSr7lNWxlF5xeeOLz4VDPPpJ/1zAXFCQ0rmoZd9TBBAvaXmt
u68JFbOxEV68r0zRHpfoUmFHIBtTND+v7r8ZPWH0mIq/Rg/2nwF0bi71L/lk/9mI
CFBgX8PokTyCgSm08G9VV2gt9auFnv6YYneLVc9YxXBASnPX1L83fF83fu+OFCEC
7OEMoqv+SAMU27MLdHXPgk+xXV4mu7ovpxrO7KUtlo9dcFLz47buz+hVXTKb2Khy
P47rz6BA8nP7ypQWPuFHN3iNLz62gCOC4tBsmOr9i+Dh/Y+MXkfLsNYIgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfnZySb8EMr71lreKTG1c9uZb6CMB8GA1UdIwQY
MBaAFP8ga9EIMcpzeHVrXhYXOJamCwGRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hMzVkMzctNzQ0Ny00Y2Y0LTk4MmYt
NTBmMzk4YmIyNmU5LzEvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hMzVkMzctNzQ0Ny00Y2Y0LTk4MmYtNTBmMzk4YmIyNmU5
LzEvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJc9RnDXU
ev5kqwf4+knCh7HKYP6eHBOhPDjN8s8G8lEjz8mAGTxUK2PF+lF/kCmwZDLywwRW
zXSVGUpqoiUwyc0LdIDsHRilSD0Nk0ufg4QA3foFvHssjmVWgpdGKlWB9PEIL+Kg
71lHS14ib+J0nk7pl1QxZexmNUO8wmesjIUDkYj3nLrk+d24og9858LgvsJwYioP
V2V2jHneDcgUKvhGKD9slkR3GaROa3dBRuF2r3V+cEw77oEm8/mlJDi9mElhlnlI
sPSpXDR5wSaaDv+y37+vWsj/5NTjGWVJcT5cngYpJL5TJc9QESzufE3PGaAAX3+H
tsoMzeTabY2e3w==
-----END CERTIFICATE-----