Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
File:                     y3yVUPThoer5UHL7G5q7JpVNJj0.mft (raw, json)
Hash identifier:          tQnm2NA0WEGUmuAhwLPuLrXU/TUJmrOp2FT6a16iub8=
Subject key identifier:   4E:3F:FD:98:49:48:31:1F:D8:A2:36:76:15:B6:B0:56:05:A8:77:4B
Authority key identifier: CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D
Certificate issuer:       /CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
Certificate serial:       0196C238DF3C5328ED7EECE084ED38384433
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
Manifest number:          0BDE
Signing time:             Mon 12 May 2025 02:00:29 +0000
Manifest this update:     Mon 12 May 2025 02:00:29 +0000
Manifest next update:     Tue 13 May 2025 02:00:29 +0000
Files and hashes:         1: y3yVUPThoer5UHL7G5q7JpVNJj0.crl (hash: z984KABT05RUJ9yXW37w5DUJGeoslnFs0gtPHbLB5EA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:38:df:3c:53:28:ed:7e:ec:e0:84:ed:38:38:44:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
        Validity
            Not Before: May 12 02:00:29 2025 GMT
            Not After : May 13 02:00:29 2025 GMT
        Subject: CN=4e3ffd984948311fd8a2367615b6b05605a8774b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e8:5e:7e:0f:e1:b4:0a:9e:e9:51:2c:9f:65:
                    65:8d:65:94:57:fd:94:11:26:9d:71:a1:aa:29:82:
                    5f:a8:f8:f4:a4:27:0f:c1:1b:b1:3c:e7:fe:3d:64:
                    87:46:dd:9f:26:37:02:3a:c8:04:63:c2:38:35:9e:
                    4c:02:c1:eb:87:4a:19:75:f8:39:c4:38:5f:50:fb:
                    06:3d:40:8b:a5:11:ba:cb:83:e4:8c:e4:fd:33:30:
                    07:b4:b1:b4:75:ac:97:1d:7d:8d:3b:32:5b:ec:bf:
                    24:47:1a:27:68:d5:82:e7:af:9c:6f:6b:9f:b3:dd:
                    a2:e6:ab:f3:47:b7:f2:72:04:3a:8a:e0:46:27:6e:
                    0f:6b:51:2c:c1:7e:23:21:83:8b:6d:2b:d9:1f:f9:
                    67:28:9e:c6:b5:75:44:d8:64:af:86:6c:31:e4:2d:
                    f5:cd:08:d0:fc:bb:0f:a5:5c:42:fc:33:c5:ca:6b:
                    9d:2c:60:cc:cd:c8:29:7d:1a:33:cc:ac:b4:33:7e:
                    45:c0:37:5d:80:de:6f:a2:ba:a7:8d:b3:bd:f7:d1:
                    c9:24:66:8c:67:1e:29:87:fb:11:ef:43:89:7e:2f:
                    42:96:ab:bf:c3:7f:b3:af:9d:6f:b6:69:6d:db:33:
                    f7:64:da:a9:7f:3c:18:71:9f:c3:ae:30:37:74:a6:
                    32:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:3F:FD:98:49:48:31:1F:D8:A2:36:76:15:B6:B0:56:05:A8:77:4B
            X509v3 Authority Key Identifier:
                keyid:CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:be:72:ce:f7:e9:a5:2e:c7:83:f4:ee:4e:0f:a5:db:1f:35:
         56:4c:4f:d1:7e:6b:aa:cd:ef:81:bf:22:5f:97:6f:9a:f6:cb:
         e4:a2:41:24:e4:81:46:02:0f:93:26:32:92:cc:56:04:a4:a7:
         61:f5:b7:c9:7b:17:a0:42:28:c3:e7:24:9f:dd:04:5b:b6:4c:
         aa:50:13:7c:7a:3b:96:ca:21:50:d1:7e:0b:c5:39:3c:7e:d5:
         d9:7f:24:84:4b:d3:5b:43:e9:35:4f:a5:8f:c2:f9:81:60:22:
         ab:0f:65:5b:8d:53:9f:e9:73:d8:07:12:df:4c:98:75:75:f3:
         bf:ff:a2:48:80:53:3d:60:a8:b6:4f:1d:4a:8e:4d:b5:8d:a9:
         29:6f:dc:0a:7a:3d:a4:68:8c:e4:b8:99:f0:e4:94:78:e5:26:
         e3:e2:f0:24:0a:73:0e:d8:cd:cf:65:e8:21:64:24:e1:71:ab:
         17:f4:43:d8:09:d8:b5:7f:d8:9f:43:65:e8:b2:06:6e:23:05:
         1c:65:06:22:c0:ab:4f:e6:cb:3b:18:bf:bd:fc:98:86:31:43:
         a7:f4:c4:3c:5d:64:41:f4:d0:1f:e9:21:f2:20:f7:4a:79:f4:
         78:72:0a:48:7d:0c:90:59:1e:da:2e:b2:69:59:c8:00:69:ab:
         9e:99:06:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCON88UyjtfuzghO04OEQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiN2M5NTUwZjRlMWExZWFmOTUwNzJmYjFiOWFiYjI2OTU0
ZDI2M2QwHhcNMjUwNTEyMDIwMDI5WhcNMjUwNTEzMDIwMDI5WjAzMTEwLwYDVQQD
Eyg0ZTNmZmQ5ODQ5NDgzMTFmZDhhMjM2NzYxNWI2YjA1NjA1YTg3NzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArehefg/htAqe6VEsn2VljWWUV/2U
ESadcaGqKYJfqPj0pCcPwRuxPOf+PWSHRt2fJjcCOsgEY8I4NZ5MAsHrh0oZdfg5
xDhfUPsGPUCLpRG6y4PkjOT9MzAHtLG0dayXHX2NOzJb7L8kRxonaNWC56+cb2uf
s92i5qvzR7fycgQ6iuBGJ24Pa1EswX4jIYOLbSvZH/lnKJ7GtXVE2GSvhmwx5C31
zQjQ/LsPpVxC/DPFymudLGDMzcgpfRozzKy0M35FwDddgN5vorqnjbO999HJJGaM
Zx4ph/sR70OJfi9Clqu/w3+zr51vtmlt2zP3ZNqpfzwYcZ/DrjA3dKYyNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE4//ZhJSDEf2KI2dhW2sFYFqHdLMB8GA1UdIwQY
MBaAFMt8lVD04aHq+VBy+xuauyaVTSY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTkt
OTYyNmY5ZjZjZGEyLzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTktOTYyNmY5ZjZjZGEy
LzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAib5yzvfp
pS7Hg/TuTg+l2x81VkxP0X5rqs3vgb8iX5dvmvbL5KJBJOSBRgIPkyYyksxWBKSn
YfW3yXsXoEIow+ckn90EW7ZMqlATfHo7lsohUNF+C8U5PH7V2X8khEvTW0PpNU+l
j8L5gWAiqw9lW41Tn+lz2AcS30yYdXXzv/+iSIBTPWCotk8dSo5NtY2pKW/cCno9
pGiM5LiZ8OSUeOUm4+LwJApzDtjNz2XoIWQk4XGrF/RD2AnYtX/Yn0Nl6LIGbiMF
HGUGIsCrT+bLOxi/vfyYhjFDp/TEPF1kQfTQH+kh8iD3Snn0eHIKSH0MkFke2i6y
aVnIAGmrnpkGIw==
-----END CERTIFICATE-----