Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
File:                     ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft (raw, json)
Hash identifier:          QpN8efUFlDEuNmO6iQ5nVmoe3dXA5RjCS+jBJMP3kEw=
Subject key identifier:   78:D6:2E:6C:67:8F:5F:DA:0F:3C:E1:2B:67:84:17:C2:55:45:93:F1
Authority key identifier: CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9
Certificate issuer:       /CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
Certificate serial:       0196BE5C42D21B904A747F282D112E4109D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
Manifest number:          1531
Signing time:             Sun 11 May 2025 08:00:39 +0000
Manifest this update:     Sun 11 May 2025 08:00:39 +0000
Manifest next update:     Mon 12 May 2025 08:00:39 +0000
Files and hashes:         1: ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl (hash: 6IEn80VHgqMhTzT5pIdfzPS/zvaH7dq8V9qlcCWIC/s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:5c:42:d2:1b:90:4a:74:7f:28:2d:11:2e:41:09:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
        Validity
            Not Before: May 11 08:00:39 2025 GMT
            Not After : May 12 08:00:39 2025 GMT
        Subject: CN=78d62e6c678f5fda0f3ce12b678417c2554593f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:a0:42:b4:fb:e5:9e:44:65:54:81:f9:4b:7a:
                    52:29:5f:81:fc:09:42:0f:65:62:ed:4c:aa:dd:c5:
                    de:41:8b:34:f7:61:a6:20:34:ab:ab:86:69:a5:2b:
                    85:d1:f2:a7:b4:f7:1e:ff:79:90:b8:37:3f:39:84:
                    15:fb:db:33:51:2c:63:29:40:c2:b0:6c:c8:c1:75:
                    c5:35:28:d7:bd:35:dc:22:f2:c6:90:ff:08:fa:01:
                    9f:3a:d0:f4:cf:e4:a3:82:17:5e:9f:7d:09:54:56:
                    71:51:73:09:af:a0:51:18:9c:76:2e:e8:3b:75:40:
                    4b:8e:81:b9:57:74:66:60:8f:1e:39:34:0e:9b:d9:
                    8b:90:17:22:e4:89:df:cb:02:01:23:fc:32:ec:ee:
                    4d:ae:7e:d0:f9:c6:71:53:9b:f0:b2:89:16:32:ce:
                    b9:fe:8d:56:e8:ed:68:ad:20:8c:76:b6:fd:c2:02:
                    a5:2d:29:c2:6f:9e:f9:dc:6c:d5:c6:e0:61:15:dd:
                    5b:45:38:c4:8e:7c:cc:29:86:75:c1:c6:19:2b:ea:
                    9a:5a:4d:11:6d:3e:58:4b:c9:ba:71:2d:70:06:67:
                    a0:f4:bb:89:78:c7:14:21:3f:e9:5b:59:bc:ce:93:
                    8c:3b:38:6a:89:fa:8f:8c:c0:9b:c3:4f:c2:42:aa:
                    b9:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:D6:2E:6C:67:8F:5F:DA:0F:3C:E1:2B:67:84:17:C2:55:45:93:F1
            X509v3 Authority Key Identifier:
                keyid:CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d3:32:89:37:95:fe:c1:f6:70:55:b7:ff:5d:17:db:ca:1e:98:
         1a:a5:25:74:7c:2d:3a:ab:7a:68:de:fa:30:13:d5:f1:bd:a8:
         07:1e:27:68:d7:03:3c:61:de:05:64:54:12:67:6a:60:7c:6e:
         56:97:79:77:e2:17:3b:e1:06:5e:56:b1:49:89:cf:ff:75:59:
         e5:0e:4d:53:b7:ca:c5:b8:ac:15:b1:0a:b2:1f:e0:94:6a:02:
         76:1a:87:76:a5:f3:12:f4:b0:2d:fb:a5:64:b9:29:f8:3e:16:
         f7:a9:8c:c2:ec:72:93:61:19:60:bb:d5:57:42:4b:fd:3c:a8:
         bb:4c:14:f9:90:8a:be:74:92:16:f7:b3:a4:64:e8:e5:bd:c2:
         f7:28:ce:1b:9f:ef:25:af:e9:f9:57:be:fc:b2:b5:b3:91:a9:
         bd:7d:b5:59:5a:8f:d1:9f:88:a6:94:38:fa:c5:11:a6:35:c2:
         29:79:9f:1d:3d:3e:8f:78:d4:fd:13:50:94:1e:53:3f:fd:4e:
         41:f0:71:c1:cc:2c:53:f5:e0:de:2e:93:e8:68:6d:75:fa:63:
         fb:4a:f6:9e:5d:30:ba:53:3c:59:46:0d:55:69:1a:7c:3e:ac:
         43:ca:a6:3e:bc:b6:46:4b:ce:b7:0a:81:ad:70:12:7b:65:9f:
         dc:e3:42:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+XELSG5BKdH8oLREuQQnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDU3ZTExNzNjNGU4NTFiOTJkM2M4ZWU5OTY3MTUxOTQ4
YTlhZTkwHhcNMjUwNTExMDgwMDM5WhcNMjUwNTEyMDgwMDM5WjAzMTEwLwYDVQQD
Eyg3OGQ2MmU2YzY3OGY1ZmRhMGYzY2UxMmI2Nzg0MTdjMjU1NDU5M2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaBCtPvlnkRlVIH5S3pSKV+B/AlC
D2Vi7Uyq3cXeQYs092GmIDSrq4ZppSuF0fKntPce/3mQuDc/OYQV+9szUSxjKUDC
sGzIwXXFNSjXvTXcIvLGkP8I+gGfOtD0z+Sjghden30JVFZxUXMJr6BRGJx2Lug7
dUBLjoG5V3RmYI8eOTQOm9mLkBci5InfywIBI/wy7O5Nrn7Q+cZxU5vwsokWMs65
/o1W6O1orSCMdrb9wgKlLSnCb5753GzVxuBhFd1bRTjEjnzMKYZ1wcYZK+qaWk0R
bT5YS8m6cS1wBmeg9LuJeMcUIT/pW1m8zpOMOzhqifqPjMCbw0/CQqq5XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjWLmxnj1/aDzzhK2eEF8JVRZPxMB8GA1UdIwQY
MBaAFMpFfhFzxOhRuS08jumWcVGUiprpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQt
MTlkZTJjMTgzYzA1LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQtMTlkZTJjMTgzYzA1
LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0zKJN5X+
wfZwVbf/XRfbyh6YGqUldHwtOqt6aN76MBPV8b2oBx4naNcDPGHeBWRUEmdqYHxu
Vpd5d+IXO+EGXlaxSYnP/3VZ5Q5NU7fKxbisFbEKsh/glGoCdhqHdqXzEvSwLful
ZLkp+D4W96mMwuxyk2EZYLvVV0JL/Tyou0wU+ZCKvnSSFvezpGTo5b3C9yjOG5/v
Ja/p+Ve+/LK1s5GpvX21WVqP0Z+IppQ4+sURpjXCKXmfHT0+j3jU/RNQlB5TP/1O
QfBxwcwsU/Xg3i6T6Ghtdfpj+0r2nl0wulM8WUYNVWkafD6sQ8qmPry2RkvOtwqB
rXASe2Wf3ONCKA==
-----END CERTIFICATE-----