Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
File:                     pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft (raw, json)
Hash identifier:          oX1Aq6erOFjZ9KWDluWiMh3rjfQidHjPScQS3ThFwOM=
Subject key identifier:   29:70:5A:53:94:21:30:77:70:E1:45:98:32:6D:D1:11:39:87:B5:4D
Authority key identifier: A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92
Certificate issuer:       /CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
Certificate serial:       0196C15D8D84C672835B0716D06D37B33631
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
Manifest number:          1033
Signing time:             Sun 11 May 2025 22:00:55 +0000
Manifest this update:     Sun 11 May 2025 22:00:55 +0000
Manifest next update:     Mon 12 May 2025 22:00:55 +0000
Files and hashes:         1: pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl (hash: vDedMZLyEAgen341HR2fUzIH4bDPvgCNRJ+1pVbOvw8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 22:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:5d:8d:84:c6:72:83:5b:07:16:d0:6d:37:b3:36:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
        Validity
            Not Before: May 11 22:00:55 2025 GMT
            Not After : May 12 22:00:55 2025 GMT
        Subject: CN=29705a539421307770e14598326dd1113987b54d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:9d:04:6e:c2:69:eb:8d:12:2f:85:c0:96:72:
                    ff:2b:10:31:07:99:9e:6d:d7:04:84:07:4c:7b:b3:
                    dd:7f:4e:f4:8d:10:7e:b0:1c:89:ce:90:44:b0:1f:
                    c5:cc:2e:59:99:19:92:52:88:06:b5:85:d3:a0:11:
                    07:31:5a:c9:2e:6b:40:bf:2b:47:16:51:98:44:0d:
                    3d:49:44:6e:ad:7f:aa:97:83:95:a3:4b:8e:27:b0:
                    d6:37:71:1c:86:ab:9b:4a:b5:cb:69:bc:51:79:0e:
                    3e:ae:86:a3:c2:9d:ff:e1:a8:cb:5c:6f:67:da:9f:
                    5c:7a:e7:8f:3b:9f:de:55:53:ad:64:b5:55:5f:a8:
                    47:80:ee:2a:c5:d0:8e:6a:fb:d5:a8:ad:69:41:47:
                    c9:ab:a1:7a:08:91:19:01:00:83:87:16:bc:d2:a4:
                    eb:53:ef:f6:a2:72:95:51:13:82:c0:8b:93:1f:29:
                    1f:4f:b1:c6:17:c8:9e:d6:d6:48:1e:00:17:4a:88:
                    50:ef:11:f3:4b:27:15:ff:43:15:cb:ed:f8:d1:2a:
                    87:78:aa:15:c4:1e:60:0f:46:b1:9c:23:b1:e1:ff:
                    1c:c4:4f:c0:74:ad:a5:a4:f2:93:cd:7c:5e:fa:61:
                    ae:cb:43:fe:78:b5:eb:ab:42:08:75:61:be:c6:a1:
                    d7:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:70:5A:53:94:21:30:77:70:E1:45:98:32:6D:D1:11:39:87:B5:4D
            X509v3 Authority Key Identifier:
                keyid:A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:10:84:e0:99:5b:88:01:cc:ef:10:25:42:1f:3c:ae:80:06:
         87:3c:96:f3:36:78:fc:ee:0e:a7:af:0a:5b:af:99:aa:6d:3d:
         ec:cb:94:0b:f9:25:9b:25:1b:0c:cd:28:50:8d:22:5d:48:af:
         0b:8a:0d:1f:e1:f3:be:c6:18:f8:49:06:43:4d:c4:d7:70:2d:
         6d:89:b0:aa:36:5d:02:a9:5c:a0:bd:00:9b:1f:eb:0d:64:7f:
         8b:e8:7e:68:a8:65:54:bd:80:cc:01:2c:c5:b1:3a:c9:60:f3:
         1d:d7:13:da:65:47:cb:ba:af:71:42:4a:89:45:31:51:16:39:
         c5:a9:23:22:b2:6a:8f:c5:d4:11:4c:e0:c4:2c:7f:e8:67:a3:
         07:57:7c:9f:bb:30:6a:f5:bb:21:ab:b9:1d:5f:8e:0f:c2:42:
         8d:6a:c4:f0:b4:42:9a:58:88:53:99:cd:bc:8f:5a:a3:d2:9f:
         bc:37:1d:67:ea:c9:6f:26:cb:f4:4c:13:b0:ac:51:34:3a:57:
         b4:6b:e1:e6:fe:f6:92:c3:a3:b6:88:4e:b3:a2:62:f1:83:1a:
         00:06:3f:f7:ca:4a:87:33:59:20:23:cd:0e:da:56:1a:d3:b5:
         52:a4:f0:ea:7f:b0:56:50:2d:c0:c4:56:8b:4c:aa:ae:e9:3d:
         34:c8:9f:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBXY2ExnKDWwcW0G03szYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGVmZDEwOGQ0YzViMGY0ZjlhODhhZTUzYmI3ZmVjOWQ1
OTRiOTIwHhcNMjUwNTExMjIwMDU1WhcNMjUwNTEyMjIwMDU1WjAzMTEwLwYDVQQD
EygyOTcwNWE1Mzk0MjEzMDc3NzBlMTQ1OTgzMjZkZDExMTM5ODdiNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJ0EbsJp640SL4XAlnL/KxAxB5me
bdcEhAdMe7Pdf070jRB+sByJzpBEsB/FzC5ZmRmSUogGtYXToBEHMVrJLmtAvytH
FlGYRA09SURurX+ql4OVo0uOJ7DWN3EchqubSrXLabxReQ4+roajwp3/4ajLXG9n
2p9ceuePO5/eVVOtZLVVX6hHgO4qxdCOavvVqK1pQUfJq6F6CJEZAQCDhxa80qTr
U+/2onKVUROCwIuTHykfT7HGF8ie1tZIHgAXSohQ7xHzSycV/0MVy+340SqHeKoV
xB5gD0axnCOx4f8cxE/AdK2lpPKTzXxe+mGuy0P+eLXrq0IIdWG+xqHXGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClwWlOUITB3cOFFmDJt0RE5h7VNMB8GA1UdIwQY
MBaAFKWO/RCNTFsPT5qIrlO7f+ydWUuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUt
MTVjYzVkYTA3ODI2LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUtMTVjYzVkYTA3ODI2
LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlBCE4Jlb
iAHM7xAlQh88roAGhzyW8zZ4/O4Op68KW6+Zqm097MuUC/klmyUbDM0oUI0iXUiv
C4oNH+HzvsYY+EkGQ03E13AtbYmwqjZdAqlcoL0Amx/rDWR/i+h+aKhlVL2AzAEs
xbE6yWDzHdcT2mVHy7qvcUJKiUUxURY5xakjIrJqj8XUEUzgxCx/6GejB1d8n7sw
avW7Iau5HV+OD8JCjWrE8LRCmliIU5nNvI9ao9KfvDcdZ+rJbybL9EwTsKxRNDpX
tGvh5v72ksOjtohOs6Ji8YMaAAY/98pKhzNZICPNDtpWGtO1UqTw6n+wVlAtwMRW
i0yqruk9NMifXw==
-----END CERTIFICATE-----