Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          xmHWWrcvPVO1lZ3l5TBcpOCSRpbRh5c2NaBABF3Jj9g=
Subject key identifier:   68:23:9C:B8:CE:11:5E:00:DB:89:65:5E:4B:3C:3F:0B:CC:FE:6A:D3
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       0196BE5CD1A248F46FBA94B527BEE9004726
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          024C
Signing time:             Sun 11 May 2025 08:01:15 +0000
Manifest this update:     Sun 11 May 2025 08:01:15 +0000
Manifest next update:     Mon 12 May 2025 08:01:15 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: dKFUUKb72r+Q0uddNWA8B8Lq1uAgqC6bD+Tr0sWJFtA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:5c:d1:a2:48:f4:6f:ba:94:b5:27:be:e9:00:47:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: May 11 08:01:15 2025 GMT
            Not After : May 12 08:01:15 2025 GMT
        Subject: CN=68239cb8ce115e00db89655e4b3c3f0bccfe6ad3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:14:cb:28:02:d7:36:36:22:ea:73:81:06:76:
                    7d:0e:ef:07:d6:4b:77:8e:8a:f7:fe:24:2a:ce:5c:
                    19:0b:0a:d9:6d:6c:2d:53:57:54:25:c1:d0:c2:b2:
                    d4:14:c5:73:20:11:ac:61:2c:4f:02:7a:4e:f0:d9:
                    71:cb:72:22:cd:08:1e:33:4c:8e:5c:3a:f5:11:9f:
                    0a:a1:36:44:57:31:68:d6:c1:b4:6a:47:63:61:32:
                    ac:aa:89:2f:6d:29:fa:88:c8:0b:ec:32:91:1c:0a:
                    d3:82:38:9d:05:07:7c:9c:42:a9:82:27:83:ac:60:
                    d6:7a:22:c4:3c:be:3c:01:d8:84:1f:c2:f4:02:7f:
                    e0:05:69:7f:44:c0:ba:72:93:80:ec:07:ac:3d:b8:
                    36:c3:d1:aa:65:db:76:5f:ba:98:78:55:75:58:94:
                    d5:7b:3f:a9:31:ec:1f:d7:40:b1:b5:ce:ba:60:a0:
                    80:a8:46:5a:c3:f3:20:45:1c:0d:24:46:cf:ad:28:
                    f9:09:7c:7a:a6:88:28:24:19:0e:2c:dd:63:4c:a9:
                    ec:13:b9:f9:dc:53:7d:02:f9:28:ce:19:b1:44:54:
                    74:d1:23:40:0c:cc:7b:48:f4:6e:25:e5:3b:a3:76:
                    43:ba:d6:d1:f3:c7:c6:b4:cf:ac:df:22:78:64:26:
                    3b:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:23:9C:B8:CE:11:5E:00:DB:89:65:5E:4B:3C:3F:0B:CC:FE:6A:D3
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:57:22:fc:ec:6a:4a:9b:ba:0d:7f:ac:9c:46:9f:34:6f:51:
         69:74:fe:d6:b7:fe:c6:ef:f7:e8:59:35:32:ac:65:76:90:f3:
         ed:4c:d8:f7:78:8f:a6:64:e5:97:46:80:77:0a:8e:cb:12:f5:
         14:da:94:59:c2:b2:25:db:d1:71:4f:1d:28:07:3b:45:6d:d7:
         29:9d:96:8e:31:17:00:60:e0:4c:6c:e1:98:08:e4:36:b7:da:
         f3:77:12:b0:e8:00:a5:13:c7:03:f3:95:cd:ce:de:d7:b9:b9:
         e8:e0:c8:fc:0d:75:0c:62:21:e2:04:7d:da:20:74:be:34:2b:
         2b:5b:27:d5:9a:8e:10:ae:ff:5d:9b:a1:45:e8:15:8f:62:62:
         1b:bb:d4:72:b5:5f:c5:6c:57:ac:de:fb:0a:6b:d6:be:43:40:
         82:d8:e8:a3:0c:d8:c3:7c:78:f2:d9:df:22:75:be:58:43:30:
         f5:06:8f:23:d0:88:c4:98:46:86:d6:b2:d0:44:8f:bc:b0:ed:
         a9:dc:97:d7:da:4a:8a:ea:c4:47:91:87:c6:fd:53:a0:ca:28:
         bb:a2:5c:c2:79:c2:e2:a8:02:00:0f:6e:15:7a:ee:58:67:a4:
         aa:6a:99:66:c0:42:34:a2:85:96:38:db:1d:d4:c4:51:d0:c9:
         61:cb:d7:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+XNGiSPRvupS1J77pAEcmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjUwNTExMDgwMTE1WhcNMjUwNTEyMDgwMTE1WjAzMTEwLwYDVQQD
Eyg2ODIzOWNiOGNlMTE1ZTAwZGI4OTY1NWU0YjNjM2YwYmNjZmU2YWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhTLKALXNjYi6nOBBnZ9Du8H1kt3
jor3/iQqzlwZCwrZbWwtU1dUJcHQwrLUFMVzIBGsYSxPAnpO8Nlxy3IizQgeM0yO
XDr1EZ8KoTZEVzFo1sG0akdjYTKsqokvbSn6iMgL7DKRHArTgjidBQd8nEKpgieD
rGDWeiLEPL48AdiEH8L0An/gBWl/RMC6cpOA7AesPbg2w9GqZdt2X7qYeFV1WJTV
ez+pMewf10Cxtc66YKCAqEZaw/MgRRwNJEbPrSj5CXx6pogoJBkOLN1jTKnsE7n5
3FN9AvkozhmxRFR00SNADMx7SPRuJeU7o3ZDutbR88fGtM+s3yJ4ZCY7dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGgjnLjOEV4A24llXks8PwvM/mrTMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcFci/Oxq
Spu6DX+snEafNG9RaXT+1rf+xu/36Fk1MqxldpDz7UzY93iPpmTll0aAdwqOyxL1
FNqUWcKyJdvRcU8dKAc7RW3XKZ2WjjEXAGDgTGzhmAjkNrfa83cSsOgApRPHA/OV
zc7e17m56ODI/A11DGIh4gR92iB0vjQrK1sn1ZqOEK7/XZuhRegVj2JiG7vUcrVf
xWxXrN77CmvWvkNAgtjoowzYw3x48tnfInW+WEMw9QaPI9CIxJhGhtay0ESPvLDt
qdyX19pKiurER5GHxv1ToMoou6JcwnnC4qgCAA9uFXruWGekqmqZZsBCNKKFljjb
HdTEUdDJYcvXqg==
-----END CERTIFICATE-----