Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
File:                     PYyo-vPO4aXlGlxc2_lIKgACe2U.mft (raw, json)
Hash identifier:          n1dUMRXAgqPtwH2vQYqjHvwoJM3kCDsU9bAdoIygzms=
Subject key identifier:   4B:08:DC:F0:00:AB:62:73:B1:F3:1E:A8:0E:E6:EB:6A:BC:2D:BB:62
Authority key identifier: 3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65
Certificate issuer:       /CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
Certificate serial:       0196B9A3625EEC6596876E61EE068219EB6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
Manifest number:          0A9F
Signing time:             Sat 10 May 2025 10:00:14 +0000
Manifest this update:     Sat 10 May 2025 10:00:14 +0000
Manifest next update:     Sun 11 May 2025 10:00:14 +0000
Files and hashes:         1: PYyo-vPO4aXlGlxc2_lIKgACe2U.crl (hash: zMXdfAgvKQpiDIyoT7/4P5XR1G7XYapMtLP+YQZC0Zk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 10:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:a3:62:5e:ec:65:96:87:6e:61:ee:06:82:19:eb:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
        Validity
            Not Before: May 10 10:00:14 2025 GMT
            Not After : May 11 10:00:14 2025 GMT
        Subject: CN=4b08dcf000ab6273b1f31ea80ee6eb6abc2dbb62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:c6:2f:1c:4b:6e:1a:18:72:49:a3:6b:34:1b:
                    c0:f9:1d:94:61:b7:55:ad:64:1c:ad:13:98:cf:cd:
                    eb:c1:29:9f:d0:91:81:9f:08:ca:bd:c0:7c:66:2d:
                    5a:c9:6f:05:7a:e8:72:d9:00:29:b3:b6:6e:95:0f:
                    38:4b:8b:f9:af:ed:50:df:8b:c7:ab:72:5e:84:f6:
                    79:22:7c:09:2e:eb:d9:00:98:ac:e9:5e:ad:1b:94:
                    31:4b:29:a7:b0:1d:f9:68:b4:0f:09:06:b1:1d:ec:
                    4f:fd:20:f7:dc:1d:12:e5:e2:49:08:5e:3e:e3:93:
                    f2:fb:33:c1:13:f0:9c:62:2a:2f:95:c7:51:52:54:
                    c2:7e:18:37:63:5a:ee:b4:1a:1b:12:d8:c8:c5:64:
                    ea:99:39:87:ea:7a:9b:2a:1f:92:8e:96:f8:07:13:
                    f3:8a:f2:68:6c:9a:e9:c2:eb:2a:c2:7d:cf:6c:ee:
                    40:4e:e3:7e:fe:5b:4a:5a:3a:f6:cf:d9:c1:f4:e7:
                    ee:d5:e7:d4:7a:8d:14:7a:81:f4:27:f0:70:52:0f:
                    2f:71:b0:bc:3c:f3:f3:f9:9b:93:f8:51:4c:0a:71:
                    43:9c:21:5d:b7:ee:34:64:e9:5c:b8:0e:cc:e6:b4:
                    84:a5:52:cb:d6:eb:38:8e:93:b2:b9:ba:1e:82:e0:
                    8a:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:08:DC:F0:00:AB:62:73:B1:F3:1E:A8:0E:E6:EB:6A:BC:2D:BB:62
            X509v3 Authority Key Identifier:
                keyid:3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:1e:d9:df:55:b8:ce:e9:88:be:1e:7a:0e:af:c9:f8:df:7a:
         77:42:6c:fb:49:16:bc:94:63:56:a3:00:b5:cd:39:80:68:e9:
         27:af:dd:fd:55:75:2c:ac:12:4b:a7:4d:dd:5e:8b:5c:6c:e1:
         76:aa:61:1a:9e:15:d9:13:2b:d8:65:91:70:6f:9f:e4:54:2f:
         87:65:87:09:01:72:4f:14:5d:8f:68:21:22:dc:80:4a:f3:4e:
         24:38:a0:78:f3:e7:11:6a:f6:d1:6f:11:62:ed:0c:74:d5:dc:
         bc:3f:96:c4:2f:56:6f:fb:9e:eb:8f:cd:1e:5e:ae:8f:c3:4c:
         f6:42:ee:d9:d9:d9:64:2a:a6:94:46:b6:c0:5b:f1:da:33:c1:
         64:35:67:24:62:7b:74:20:2b:9d:29:1b:f4:cb:9e:df:2e:41:
         bf:77:43:bd:05:46:66:65:58:d6:a6:a7:b0:ae:dc:70:e7:fb:
         92:3c:d0:36:c0:8d:7a:2b:1d:71:2a:d3:71:1b:60:a9:aa:96:
         41:63:b4:a7:f9:fa:05:74:b7:e8:e3:b3:b3:56:93:50:b8:b1:
         0e:78:b4:12:3a:e4:31:2d:c1:83:f5:1f:f5:70:43:73:61:6c:
         12:cd:b1:8f:08:26:58:df:f3:65:60:3d:f3:1b:ec:d5:bf:01:
         f0:af:2a:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5o2Je7GWWh25h7gaCGetuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGNhOGZhZjNjZWUxYTVlNTFhNWM1Y2RiZjk0ODJhMDAw
MjdiNjUwHhcNMjUwNTEwMTAwMDE0WhcNMjUwNTExMTAwMDE0WjAzMTEwLwYDVQQD
Eyg0YjA4ZGNmMDAwYWI2MjczYjFmMzFlYTgwZWU2ZWI2YWJjMmRiYjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8YvHEtuGhhySaNrNBvA+R2UYbdV
rWQcrROYz83rwSmf0JGBnwjKvcB8Zi1ayW8Feuhy2QAps7ZulQ84S4v5r+1Q34vH
q3JehPZ5InwJLuvZAJis6V6tG5QxSymnsB35aLQPCQaxHexP/SD33B0S5eJJCF4+
45Py+zPBE/CcYiovlcdRUlTCfhg3Y1rutBobEtjIxWTqmTmH6nqbKh+Sjpb4BxPz
ivJobJrpwusqwn3PbO5ATuN+/ltKWjr2z9nB9Ofu1efUeo0UeoH0J/BwUg8vcbC8
PPPz+ZuT+FFMCnFDnCFdt+40ZOlcuA7M5rSEpVLL1us4jpOyuboeguCK/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsI3PAAq2JzsfMeqA7m62q8LbtiMB8GA1UdIwQY
MBaAFD2MqPrzzuGl5RpcXNv5SCoAAntlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDct
NGUxNWI4NGVlNzA2LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDctNGUxNWI4NGVlNzA2
LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACh7Z31W4
zumIvh56Dq/J+N96d0Js+0kWvJRjVqMAtc05gGjpJ6/d/VV1LKwSS6dN3V6LXGzh
dqphGp4V2RMr2GWRcG+f5FQvh2WHCQFyTxRdj2ghItyASvNOJDigePPnEWr20W8R
Yu0MdNXcvD+WxC9Wb/ue64/NHl6uj8NM9kLu2dnZZCqmlEa2wFvx2jPBZDVnJGJ7
dCArnSkb9Mue3y5Bv3dDvQVGZmVY1qansK7ccOf7kjzQNsCNeisdcSrTcRtgqaqW
QWO0p/n6BXS36OOzs1aTULixDni0EjrkMS3Bg/Uf9XBDc2FsEs2xjwgmWN/zZWA9
8xvs1b8B8K8qsQ==
-----END CERTIFICATE-----