Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          Hd9fE4X1NiK/5czl7mbiaQBaya6JGXi3tmpTnTqPfWA=
Subject key identifier:   98:6D:DB:A3:C2:3F:2B:07:81:CB:55:6D:5A:F2:A0:F0:5A:4B:3C:1E
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       0196C2392AC20ABBD5AE1080A5283C68EDED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          1533
Signing time:             Mon 12 May 2025 02:00:48 +0000
Manifest this update:     Mon 12 May 2025 02:00:48 +0000
Manifest next update:     Tue 13 May 2025 02:00:48 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: 7Woy0iHbVmzWtnfd/OnXjFP3r6kEhDQ+qDJgLrkUS68=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 02:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:39:2a:c2:0a:bb:d5:ae:10:80:a5:28:3c:68:ed:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: May 12 02:00:48 2025 GMT
            Not After : May 13 02:00:48 2025 GMT
        Subject: CN=986ddba3c23f2b0781cb556d5af2a0f05a4b3c1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d4:ad:4f:53:1e:2c:02:76:8b:51:58:69:e5:
                    27:c0:e4:4e:38:49:14:46:cd:39:ee:82:1d:d7:06:
                    b9:6a:b8:2f:ae:2b:57:9d:35:0e:89:9e:29:3d:d1:
                    4d:66:8c:e6:63:80:77:98:d3:8c:8d:22:56:2b:f6:
                    60:03:f3:f5:77:40:8c:b6:31:cf:ea:ac:6e:20:f6:
                    c4:f9:54:de:43:de:1e:e7:0d:52:87:f7:0d:36:33:
                    25:ef:82:cf:26:3d:8c:61:17:87:7b:fd:63:4e:39:
                    e7:b6:59:59:2e:1b:44:98:68:25:08:6f:12:f5:78:
                    72:2b:d3:b1:ac:7e:4a:d6:87:fa:69:f5:8b:c6:ff:
                    3c:46:07:98:95:2c:13:21:5e:01:d5:f9:b1:b8:10:
                    ef:d7:63:10:36:23:74:9f:ce:c2:4e:3f:46:4e:3d:
                    ed:b5:fa:6f:3c:69:ce:71:45:24:89:4e:07:a2:b7:
                    85:b4:44:3a:8c:c4:1a:0d:d3:ae:ad:bf:a6:bc:2b:
                    77:6f:19:73:f8:bf:4b:30:5b:ef:5e:a7:be:2d:ab:
                    13:10:b1:51:a8:4a:e1:ab:a7:2b:9c:ff:81:63:37:
                    1a:72:b5:bd:55:49:3a:c8:51:90:44:80:55:1c:b2:
                    80:cf:57:4f:28:2c:d1:65:c6:e5:2b:56:a7:70:c8:
                    32:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:6D:DB:A3:C2:3F:2B:07:81:CB:55:6D:5A:F2:A0:F0:5A:4B:3C:1E
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:84:ea:67:b9:42:11:2a:bf:df:0c:91:5a:90:b6:fa:10:c7:
         27:17:21:31:18:55:37:9c:a4:16:c9:d7:08:47:94:2c:fd:bf:
         d0:43:e3:6c:b2:3c:eb:3b:ab:2d:6d:63:2c:8f:68:52:12:48:
         84:f8:d8:46:2f:10:0e:4e:35:89:d1:da:81:83:0f:76:10:3f:
         4f:e9:ac:5b:fa:42:b6:0a:c8:9d:e3:6d:de:b9:a9:dc:71:2d:
         cc:02:47:de:a2:1b:91:d8:bd:fe:0e:fc:98:d2:f5:22:24:18:
         32:2a:53:5c:25:57:ce:b4:2a:bf:6f:7c:4a:7f:2e:c9:92:7a:
         06:c2:25:75:dc:89:11:ff:c2:e8:15:89:7f:23:f6:2c:27:51:
         00:b1:47:6d:e0:79:0c:b7:a8:32:07:66:fb:ed:da:88:a8:8a:
         ae:31:24:cc:a7:d3:0d:45:2e:c7:7c:d4:6b:57:80:43:02:21:
         47:4d:ba:c8:81:4d:d7:11:55:d1:e9:db:e3:ac:97:90:54:fb:
         a7:10:d5:45:a5:c2:ce:9d:8f:11:a2:1f:cc:64:bc:c7:cd:17:
         72:51:8e:ed:c7:2e:c2:d6:bf:19:76:b8:25:f3:f7:95:a1:ed:
         e1:74:e6:3c:3a:f9:1a:11:bf:39:cc:b3:8b:4f:84:53:cf:ef:
         f7:c2:d8:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCOSrCCrvVrhCApSg8aO3tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjUwNTEyMDIwMDQ4WhcNMjUwNTEzMDIwMDQ4WjAzMTEwLwYDVQQD
Eyg5ODZkZGJhM2MyM2YyYjA3ODFjYjU1NmQ1YWYyYTBmMDVhNGIzYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9StT1MeLAJ2i1FYaeUnwOROOEkU
Rs057oId1wa5argvritXnTUOiZ4pPdFNZozmY4B3mNOMjSJWK/ZgA/P1d0CMtjHP
6qxuIPbE+VTeQ94e5w1Sh/cNNjMl74LPJj2MYReHe/1jTjnntllZLhtEmGglCG8S
9XhyK9OxrH5K1of6afWLxv88RgeYlSwTIV4B1fmxuBDv12MQNiN0n87CTj9GTj3t
tfpvPGnOcUUkiU4HoreFtEQ6jMQaDdOurb+mvCt3bxlz+L9LMFvvXqe+LasTELFR
qErhq6crnP+BYzcacrW9VUk6yFGQRIBVHLKAz1dPKCzRZcblK1ancMgyvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJht26PCPysHgctVbVryoPBaSzweMB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnITqZ7lC
ESq/3wyRWpC2+hDHJxchMRhVN5ykFsnXCEeULP2/0EPjbLI86zurLW1jLI9oUhJI
hPjYRi8QDk41idHagYMPdhA/T+msW/pCtgrIneNt3rmp3HEtzAJH3qIbkdi9/g78
mNL1IiQYMipTXCVXzrQqv298Sn8uyZJ6BsIlddyJEf/C6BWJfyP2LCdRALFHbeB5
DLeoMgdm++3aiKiKrjEkzKfTDUUux3zUa1eAQwIhR026yIFN1xFV0enb46yXkFT7
pxDVRaXCzp2PEaIfzGS8x80XclGO7ccuwta/GXa4JfP3laHt4XTmPDr5GhG/Ocyz
i0+EU8/v98LYYA==
-----END CERTIFICATE-----