Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a20d6a-91ba-442f-8927-dc0043e9bb4d/1/YG03z4fxLyqy3vMTgMOGuCbBnWU.mft
File:                     YG03z4fxLyqy3vMTgMOGuCbBnWU.mft (raw, json)
Hash identifier:          KvhKK+OHefJoy2XqzXRyRLGWI3nG3gkkWzZ3+hLVXaI=
Subject key identifier:   DF:F3:B0:0D:5E:BB:96:5C:4D:57:DD:3D:C3:F1:F0:11:1C:F9:9A:C2
Authority key identifier: 60:6D:37:CF:87:F1:2F:2A:B2:DE:F3:13:80:C3:86:B8:26:C1:9D:65
Certificate issuer:       /CN=606d37cf87f12f2ab2def31380c386b826c19d65
Certificate serial:       0196AAD584EFBB98752FE8C4FC9476F08C0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YG03z4fxLyqy3vMTgMOGuCbBnWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/a20d6a-91ba-442f-8927-dc0043e9bb4d/1/YG03z4fxLyqy3vMTgMOGuCbBnWU.mft
Manifest number:          1526
Signing time:             Wed 07 May 2025 13:00:42 +0000
Manifest this update:     Wed 07 May 2025 13:00:42 +0000
Manifest next update:     Thu 08 May 2025 13:00:42 +0000
Files and hashes:         1: YG03z4fxLyqy3vMTgMOGuCbBnWU.crl (hash: yqEnbDdzfj6dv6mbM0BmW2W21yRwzkc7EJb/BXo4vb0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/a20d6a-91ba-442f-8927-dc0043e9bb4d/1/YG03z4fxLyqy3vMTgMOGuCbBnWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/a20d6a-91ba-442f-8927-dc0043e9bb4d/1/YG03z4fxLyqy3vMTgMOGuCbBnWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YG03z4fxLyqy3vMTgMOGuCbBnWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 13:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:aa:d5:84:ef:bb:98:75:2f:e8:c4:fc:94:76:f0:8c:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606d37cf87f12f2ab2def31380c386b826c19d65
        Validity
            Not Before: May  7 13:00:42 2025 GMT
            Not After : May  8 13:00:42 2025 GMT
        Subject: CN=dff3b00d5ebb965c4d57dd3dc3f1f0111cf99ac2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:3a:ef:cf:9e:f7:50:71:f4:35:f2:7d:b9:d7:
                    94:28:8d:b1:13:49:a0:30:57:4c:bc:dd:5e:94:41:
                    d7:75:49:73:8b:75:d5:70:68:b7:3a:fa:82:3d:65:
                    17:77:cd:96:4c:04:4c:9d:4c:12:e3:05:f2:a3:e5:
                    25:71:0c:07:b4:01:eb:12:25:db:eb:23:13:5f:91:
                    6f:0d:81:8d:ae:84:c0:3d:51:72:91:fa:c6:fd:33:
                    f9:c6:68:3b:ed:eb:f1:a7:04:3b:05:c8:d1:b1:b2:
                    fc:46:6c:13:76:13:6a:a1:74:4a:2f:9c:f6:15:14:
                    2f:3c:a5:1e:ff:e6:ca:bd:c8:67:0e:a5:05:ae:26:
                    a0:93:8f:69:15:f8:1d:d4:aa:97:63:7d:ce:aa:c3:
                    ef:80:32:c0:18:36:e9:53:a4:87:d8:6c:ee:e4:91:
                    94:15:bc:2d:7b:91:be:b2:63:6f:d5:42:b0:ed:94:
                    b7:3b:36:dd:22:1e:99:81:2e:6e:9f:f5:76:c2:25:
                    5a:7d:3a:f1:ea:fb:67:45:41:eb:56:58:04:8d:a3:
                    a0:70:59:ad:ca:41:62:f5:a4:53:d2:0f:40:65:4d:
                    8f:1a:b2:bb:8f:39:5a:eb:39:dd:71:00:9e:66:81:
                    e5:0a:17:fe:36:7a:af:71:46:f3:7a:e3:c9:fb:b5:
                    8d:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:F3:B0:0D:5E:BB:96:5C:4D:57:DD:3D:C3:F1:F0:11:1C:F9:9A:C2
            X509v3 Authority Key Identifier:
                keyid:60:6D:37:CF:87:F1:2F:2A:B2:DE:F3:13:80:C3:86:B8:26:C1:9D:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YG03z4fxLyqy3vMTgMOGuCbBnWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a20d6a-91ba-442f-8927-dc0043e9bb4d/1/YG03z4fxLyqy3vMTgMOGuCbBnWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a20d6a-91ba-442f-8927-dc0043e9bb4d/1/YG03z4fxLyqy3vMTgMOGuCbBnWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:fb:5b:10:06:70:40:70:3f:eb:dc:38:7e:aa:f1:63:87:1d:
         31:b5:41:12:38:6c:68:7d:a9:96:74:57:f1:4f:af:dc:c1:cf:
         58:c7:10:8b:02:57:c6:47:fd:f5:09:ad:a3:fb:b3:bf:69:62:
         76:da:45:30:2e:6e:16:49:3e:2a:4a:19:26:12:f8:d7:b9:73:
         9f:e0:82:74:25:16:cf:2b:a4:a9:17:6b:b7:73:3b:04:85:0e:
         6c:dc:bd:c1:45:0a:a7:32:97:94:8a:64:2e:37:de:2a:78:9c:
         28:82:b6:0a:30:5c:4f:a7:00:27:22:86:cf:33:7b:c1:04:f7:
         98:d9:6d:98:d9:26:5a:e8:02:24:95:86:5c:fb:7a:1b:1c:67:
         da:fd:21:5f:36:2b:3d:30:3f:b5:b7:1d:f5:dc:15:57:b7:46:
         1d:9e:8e:d8:b4:a6:c4:60:ce:d5:fe:43:d2:3b:bb:51:51:cd:
         e4:f1:c4:54:3b:d6:3c:c9:73:0a:5e:f0:14:35:05:a1:b5:8a:
         8e:e4:7b:eb:f3:02:82:c4:c0:00:6b:e3:6a:3c:eb:cc:42:ae:
         d0:e3:f3:a6:bd:5e:e4:c3:2e:63:24:9b:85:2d:f9:d0:28:4e:
         ab:7f:e3:35:69:00:89:84:02:ea:07:5e:f7:74:4a:b9:86:05:
         b0:00:12:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaq1YTvu5h1L+jE/JR28IwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNmQzN2NmODdmMTJmMmFiMmRlZjMxMzgwYzM4NmI4MjZj
MTlkNjUwHhcNMjUwNTA3MTMwMDQyWhcNMjUwNTA4MTMwMDQyWjAzMTEwLwYDVQQD
EyhkZmYzYjAwZDVlYmI5NjVjNGQ1N2RkM2RjM2YxZjAxMTFjZjk5YWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzrvz573UHH0NfJ9udeUKI2xE0mg
MFdMvN1elEHXdUlzi3XVcGi3OvqCPWUXd82WTARMnUwS4wXyo+UlcQwHtAHrEiXb
6yMTX5FvDYGNroTAPVFykfrG/TP5xmg77evxpwQ7BcjRsbL8RmwTdhNqoXRKL5z2
FRQvPKUe/+bKvchnDqUFriagk49pFfgd1KqXY33OqsPvgDLAGDbpU6SH2Gzu5JGU
Fbwte5G+smNv1UKw7ZS3OzbdIh6ZgS5un/V2wiVafTrx6vtnRUHrVlgEjaOgcFmt
ykFi9aRT0g9AZU2PGrK7jzla6zndcQCeZoHlChf+NnqvcUbzeuPJ+7WN2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/zsA1eu5ZcTVfdPcPx8BEc+ZrCMB8GA1UdIwQY
MBaAFGBtN8+H8S8qst7zE4DDhrgmwZ1lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUcwM3o0ZnhMeXF5M3ZNVGdNT0d1Q2JCbldVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMjBkNmEtOTFiYS00NDJmLTg5Mjct
ZGMwMDQzZTliYjRkLzEvWUcwM3o0ZnhMeXF5M3ZNVGdNT0d1Q2JCbldVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMjBkNmEtOTFiYS00NDJmLTg5MjctZGMwMDQzZTliYjRk
LzEvWUcwM3o0ZnhMeXF5M3ZNVGdNT0d1Q2JCbldVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtvtbEAZw
QHA/69w4fqrxY4cdMbVBEjhsaH2plnRX8U+v3MHPWMcQiwJXxkf99Qmto/uzv2li
dtpFMC5uFkk+KkoZJhL417lzn+CCdCUWzyukqRdrt3M7BIUObNy9wUUKpzKXlIpk
LjfeKnicKIK2CjBcT6cAJyKGzzN7wQT3mNltmNkmWugCJJWGXPt6Gxxn2v0hXzYr
PTA/tbcd9dwVV7dGHZ6O2LSmxGDO1f5D0ju7UVHN5PHEVDvWPMlzCl7wFDUFobWK
juR76/MCgsTAAGvjajzrzEKu0OPzpr1e5MMuYySbhS350ChOq3/jNWkAiYQC6gde
93RKuYYFsAASRA==
-----END CERTIFICATE-----