Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
File:                     y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json)
Hash identifier:          pK6eaakMjLwqind1h94EG5aCkmUdZxAIhJzNyJKeF58=
Subject key identifier:   F7:F4:77:27:CD:8C:E9:1A:F1:C3:D3:93:B9:AF:31:69:CE:40:F1:4C
Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21
Certificate issuer:       /CN=cbf9cd243ced6937b6bea57102814ff9ba426621
Certificate serial:       0196B823A0767F02FF4294224A9D21D63405
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
Manifest number:          152E
Signing time:             Sat 10 May 2025 03:01:04 +0000
Manifest this update:     Sat 10 May 2025 03:01:04 +0000
Manifest next update:     Sun 11 May 2025 03:01:04 +0000
Files and hashes:         1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: MWQMmGgdQPrHSUttn2JrJFUZf2D2fKRMKgrl9Uwxo+w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 03:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:23:a0:76:7f:02:ff:42:94:22:4a:9d:21:d6:34:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621
        Validity
            Not Before: May 10 03:01:04 2025 GMT
            Not After : May 11 03:01:04 2025 GMT
        Subject: CN=f7f47727cd8ce91af1c3d393b9af3169ce40f14c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:0b:17:b4:d9:4e:ee:7e:5d:74:0d:49:67:f5:
                    e5:fb:ec:ee:20:a2:ac:33:dd:2a:04:e0:95:33:41:
                    75:57:7d:3c:fb:a9:03:b8:a8:1f:fd:f4:0b:ec:d4:
                    94:37:8f:6a:68:6b:d5:0f:04:d0:8f:65:e0:a3:7c:
                    af:23:46:6d:99:bf:a6:e1:2b:4e:77:c3:be:ae:d7:
                    f4:85:07:8e:5f:36:ba:f5:d8:a7:ad:ef:9d:a4:8e:
                    67:23:ad:e9:92:1d:47:cb:b3:3a:4e:3a:7a:a8:f5:
                    10:7a:1e:23:a2:9e:81:c4:4d:05:7c:44:ce:60:82:
                    57:e5:9a:5d:7d:3e:ab:4e:16:25:46:8b:17:ea:a7:
                    d9:a3:9d:d8:e5:87:0b:68:d6:ce:1a:d9:cb:7d:69:
                    4e:db:70:b2:01:bc:54:11:d0:3e:8a:22:4a:7e:bd:
                    df:8c:4a:31:e9:55:83:39:45:e0:5a:eb:8d:9e:f0:
                    8a:87:15:e5:78:4c:23:99:12:49:8c:61:ca:84:08:
                    66:cb:e2:a2:48:0a:0a:fa:ed:4d:72:bc:ff:6b:39:
                    bf:58:a3:d7:27:02:2c:85:72:5d:c0:c7:8b:3f:78:
                    68:d1:4e:a5:79:be:16:49:a2:84:f8:27:92:d6:48:
                    02:0b:6b:b7:19:7f:25:be:e1:8c:c9:b2:19:b1:97:
                    a0:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:F4:77:27:CD:8C:E9:1A:F1:C3:D3:93:B9:AF:31:69:CE:40:F1:4C
            X509v3 Authority Key Identifier:
                keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:ef:e2:6f:32:79:e1:13:28:54:30:e1:b4:c1:82:75:83:c1:
         20:7d:83:b9:3a:9e:da:86:a8:e8:42:dd:50:db:71:4f:8f:95:
         c1:0f:49:1f:5f:e4:45:9e:85:75:09:48:17:f0:11:bc:8c:c7:
         79:03:b0:d6:6c:28:63:f5:0f:70:37:b9:f4:fa:e8:1b:40:90:
         63:73:32:c2:0c:bd:9f:a5:98:8c:10:1d:45:4c:7a:5d:6e:95:
         c4:12:f8:83:e7:59:12:2e:89:0e:2a:af:ad:b6:65:35:a6:f2:
         0d:a5:74:26:2e:5a:58:51:70:70:62:3b:77:58:64:9b:45:b6:
         4e:b8:b4:aa:8f:fa:33:dc:8a:ac:0c:6e:c7:e9:37:ef:27:1f:
         f9:06:2c:96:4e:b3:85:5a:6c:8a:76:e5:f6:d0:11:37:f9:06:
         7c:79:f2:9c:34:53:c0:ca:7c:f6:9a:0b:ee:79:c4:4a:02:09:
         60:82:b7:2d:a9:ba:30:43:38:cf:0a:98:e2:ca:66:33:94:a8:
         49:53:7d:51:ee:e6:74:e6:05:b4:e2:c0:ad:73:72:71:4a:8c:
         b9:50:90:2f:f0:38:03:fd:46:52:54:7b:f4:4c:bb:73:0a:3f:
         81:0e:67:23:cb:4f:fe:4c:d1:46:cf:fc:9f:1b:66:6b:ff:8f:
         5e:67:51:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4I6B2fwL/QpQiSp0h1jQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0
MjY2MjEwHhcNMjUwNTEwMDMwMTA0WhcNMjUwNTExMDMwMTA0WjAzMTEwLwYDVQQD
EyhmN2Y0NzcyN2NkOGNlOTFhZjFjM2QzOTNiOWFmMzE2OWNlNDBmMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7QsXtNlO7n5ddA1JZ/Xl++zuIKKs
M90qBOCVM0F1V308+6kDuKgf/fQL7NSUN49qaGvVDwTQj2Xgo3yvI0Ztmb+m4StO
d8O+rtf0hQeOXza69dinre+dpI5nI63pkh1Hy7M6Tjp6qPUQeh4jop6BxE0FfETO
YIJX5ZpdfT6rThYlRosX6qfZo53Y5YcLaNbOGtnLfWlO23CyAbxUEdA+iiJKfr3f
jEox6VWDOUXgWuuNnvCKhxXleEwjmRJJjGHKhAhmy+KiSAoK+u1Ncrz/azm/WKPX
JwIshXJdwMeLP3ho0U6leb4WSaKE+CeS1kgCC2u3GX8lvuGMybIZsZegZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPf0dyfNjOka8cPTk7mvMWnOQPFMMB8GA1UdIwQY
MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt
MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj
LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF+/ibzJ5
4RMoVDDhtMGCdYPBIH2DuTqe2oao6ELdUNtxT4+VwQ9JH1/kRZ6FdQlIF/ARvIzH
eQOw1mwoY/UPcDe59ProG0CQY3Mywgy9n6WYjBAdRUx6XW6VxBL4g+dZEi6JDiqv
rbZlNabyDaV0Ji5aWFFwcGI7d1hkm0W2Tri0qo/6M9yKrAxux+k37ycf+QYslk6z
hVpsinbl9tARN/kGfHnynDRTwMp89poL7nnESgIJYIK3Lam6MEM4zwqY4spmM5So
SVN9Ue7mdOYFtOLArXNycUqMuVCQL/A4A/1GUlR79Ey7cwo/gQ5nI8tP/kzRRs/8
nxtma/+PXmdRnA==
-----END CERTIFICATE-----