Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
File:                     yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft (raw, json)
Hash identifier:          kx8elLVCktqIzBaTQicEMm+Ah66JuYdhzUzreaNG2GE=
Subject key identifier:   08:F6:2A:12:33:93:64:8E:A2:04:2D:D4:64:79:0E:4E:2D:34:64:97
Authority key identifier: CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13
Certificate issuer:       /CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
Certificate serial:       0196C04A838CB855833C8C58C9A21E5B301B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
Manifest number:          084D
Signing time:             Sun 11 May 2025 17:00:30 +0000
Manifest this update:     Sun 11 May 2025 17:00:30 +0000
Manifest next update:     Mon 12 May 2025 17:00:30 +0000
Files and hashes:         1: yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl (hash: RAEnoa7z19qrRmxE1Qq+iHM17suLZLxpzX0Nfyh2LjM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c0:4a:83:8c:b8:55:83:3c:8c:58:c9:a2:1e:5b:30:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
        Validity
            Not Before: May 11 17:00:30 2025 GMT
            Not After : May 12 17:00:30 2025 GMT
        Subject: CN=08f62a123393648ea2042dd464790e4e2d346497
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:b8:d0:1e:70:70:27:e5:c1:95:dc:7f:7c:f7:
                    05:66:3c:b7:83:1c:a3:ac:53:e3:90:bc:80:cf:7d:
                    df:f1:93:9b:7e:40:24:e5:ae:39:34:d8:83:62:f9:
                    9c:1b:f2:59:e7:59:47:93:b4:51:5b:64:47:ce:b8:
                    25:b0:eb:11:20:06:00:9c:0d:89:8a:92:b3:bb:f7:
                    4b:97:8d:0a:e3:af:18:02:8e:f5:14:21:fe:44:66:
                    8c:4e:e8:83:31:cd:12:a0:47:cf:b6:43:7d:30:52:
                    0c:29:a6:bb:98:d2:80:99:f6:51:b3:09:42:e3:5e:
                    b3:b5:77:50:c2:e9:a7:90:ae:73:53:8f:38:f1:a6:
                    16:d0:4e:97:51:31:fb:59:ff:4c:8d:fd:1e:10:16:
                    89:1a:e4:c6:ca:ec:49:7d:49:ec:8c:5f:d8:d8:73:
                    7b:ce:a3:82:fa:3b:c1:9e:4a:93:58:80:1a:02:af:
                    37:65:3d:b6:ed:27:0d:d2:7d:33:a4:62:e3:c1:51:
                    14:55:85:7d:e5:f2:f9:67:3b:8a:4f:ed:57:f2:bb:
                    81:28:bc:87:36:40:4f:93:5d:28:88:cf:b4:d2:44:
                    f1:f3:e3:cb:de:04:e2:ac:00:e5:fd:3d:a7:5c:47:
                    23:58:ea:5a:37:6c:f1:e4:44:e1:6a:50:99:6b:dc:
                    ec:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:F6:2A:12:33:93:64:8E:A2:04:2D:D4:64:79:0E:4E:2D:34:64:97
            X509v3 Authority Key Identifier:
                keyid:CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:d5:d2:2a:dd:a2:23:b1:2e:2a:3f:1a:0f:14:49:08:50:52:
         01:89:bf:c0:3b:53:ec:c7:ac:60:9c:19:5d:09:73:75:82:2c:
         14:00:d8:bb:53:e6:2c:9d:c9:45:c7:aa:2e:41:57:aa:bd:a5:
         ad:1c:84:4a:ad:43:02:c6:29:83:61:7d:06:ef:8c:02:d5:18:
         f9:03:47:c8:c3:61:54:86:44:90:c1:e5:40:93:c9:fe:e6:d4:
         05:3a:fc:e0:11:ad:94:af:61:ab:36:2e:62:01:d7:8c:1c:c5:
         12:66:b0:00:a5:5c:71:bc:16:b3:6b:ce:35:43:77:7b:88:bb:
         96:33:ce:58:c2:93:6e:8d:da:cc:be:f4:ee:43:c9:41:27:b7:
         7a:f3:8f:69:d2:6d:81:53:e6:a4:d8:6f:a4:df:23:fe:44:df:
         0e:62:08:cb:9e:03:e6:66:93:e0:6d:5b:c9:d0:be:d5:f3:a7:
         9e:35:3e:5d:26:38:69:d9:60:58:e3:10:5c:7f:80:09:37:2c:
         7a:67:99:2c:5c:85:43:64:46:6e:b4:30:42:b4:a0:9e:e1:82:
         ea:d5:a1:4e:a9:58:5f:21:cf:84:a6:7a:2a:28:79:05:f4:52:
         05:92:c4:f5:d8:5b:40:9f:6f:35:9e:e7:98:56:dc:f1:b2:8f:
         ab:b5:e0:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbASoOMuFWDPIxYyaIeWzAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWExYTYyYzgwYjBmMzMzNGM1ZGMxOGRjNjRiN2JmOTc4
ODkwMTMwHhcNMjUwNTExMTcwMDMwWhcNMjUwNTEyMTcwMDMwWjAzMTEwLwYDVQQD
EygwOGY2MmExMjMzOTM2NDhlYTIwNDJkZDQ2NDc5MGU0ZTJkMzQ2NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rjQHnBwJ+XBldx/fPcFZjy3gxyj
rFPjkLyAz33f8ZObfkAk5a45NNiDYvmcG/JZ51lHk7RRW2RHzrglsOsRIAYAnA2J
ipKzu/dLl40K468YAo71FCH+RGaMTuiDMc0SoEfPtkN9MFIMKaa7mNKAmfZRswlC
416ztXdQwumnkK5zU4848aYW0E6XUTH7Wf9Mjf0eEBaJGuTGyuxJfUnsjF/Y2HN7
zqOC+jvBnkqTWIAaAq83ZT227ScN0n0zpGLjwVEUVYV95fL5ZzuKT+1X8ruBKLyH
NkBPk10oiM+00kTx8+PL3gTirADl/T2nXEcjWOpaN2zx5EThalCZa9zsUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAj2KhIzk2SOogQt1GR5Dk4tNGSXMB8GA1UdIwQY
MBaAFMoaGmLICw8zNMXcGNxkt7+XiJATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2Qt
YTA5ODU0YWI2NWEyLzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2QtYTA5ODU0YWI2NWEy
LzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFNXSKt2i
I7EuKj8aDxRJCFBSAYm/wDtT7MesYJwZXQlzdYIsFADYu1PmLJ3JRceqLkFXqr2l
rRyESq1DAsYpg2F9Bu+MAtUY+QNHyMNhVIZEkMHlQJPJ/ubUBTr84BGtlK9hqzYu
YgHXjBzFEmawAKVccbwWs2vONUN3e4i7ljPOWMKTbo3azL707kPJQSe3evOPadJt
gVPmpNhvpN8j/kTfDmIIy54D5maT4G1bydC+1fOnnjU+XSY4adlgWOMQXH+ACTcs
emeZLFyFQ2RGbrQwQrSgnuGC6tWhTqlYXyHPhKZ6Kih5BfRSBZLE9dhbQJ9vNZ7n
mFbc8bKPq7Xgyw==
-----END CERTIFICATE-----