Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
File:                     Y31k1HJWO36HP1t5-RydP__D2_k.mft (raw, json)
Hash identifier:          v/xzSLemYFIRIMJOUEXDNMps9ciWhxV4gXbUH3m1CVE=
Subject key identifier:   42:B9:A4:10:14:E4:07:CA:5A:B4:74:7C:68:25:C6:C2:FB:5C:88:95
Authority key identifier: 63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9
Certificate issuer:       /CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
Certificate serial:       0196AA9EF36C9486D3BE3705A2909135B394
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
Manifest number:          0DE5
Signing time:             Wed 07 May 2025 12:01:05 +0000
Manifest this update:     Wed 07 May 2025 12:01:05 +0000
Manifest next update:     Thu 08 May 2025 12:01:05 +0000
Files and hashes:         1: Y31k1HJWO36HP1t5-RydP__D2_k.crl (hash: f27/7FO1BdkMbLh4HvvJ/yejSCIslGLODPopA6LhsUE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 12:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:aa:9e:f3:6c:94:86:d3:be:37:05:a2:90:91:35:b3:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
        Validity
            Not Before: May  7 12:01:05 2025 GMT
            Not After : May  8 12:01:05 2025 GMT
        Subject: CN=42b9a41014e407ca5ab4747c6825c6c2fb5c8895
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:79:73:56:df:c4:52:06:a8:ef:45:0d:b4:79:
                    6a:6b:c7:46:63:e2:dc:41:56:d9:2b:3b:f4:de:47:
                    3f:80:89:67:33:0c:38:dc:2f:94:8e:bd:29:75:2d:
                    31:40:44:b7:f7:fa:be:6c:a9:56:7e:1b:47:0b:1a:
                    c4:7c:ad:5b:88:53:57:0b:71:76:53:3c:e1:9b:a5:
                    31:1b:41:fe:7a:c0:a6:1a:3e:20:79:26:13:b6:e7:
                    93:4b:d8:d1:1d:cf:6d:3a:23:b6:8b:b9:1f:62:c8:
                    15:25:f8:29:e8:22:e9:43:ea:5a:95:46:75:bf:0a:
                    0d:9c:46:83:26:71:42:3c:c4:62:81:eb:36:9d:9e:
                    26:ab:23:5a:c7:ad:7c:9d:5e:1e:05:40:3f:21:96:
                    ef:59:a7:c4:13:a5:96:7f:86:9f:bc:40:2d:4a:e6:
                    2d:50:8d:5e:b6:e9:98:20:a4:7e:d9:8e:b0:f5:22:
                    71:b8:b2:75:d0:11:e1:81:d4:fc:9b:b6:c7:a8:6c:
                    46:51:f5:28:5e:48:02:8b:8f:d4:e8:8a:dc:ce:5b:
                    6b:c0:67:ec:a3:68:bc:0b:50:03:4b:b7:ed:c5:5a:
                    3d:28:a1:d0:fb:bd:83:79:80:5e:eb:f9:fa:5c:17:
                    87:25:3b:d7:4c:80:ee:e0:41:0e:f7:96:16:99:55:
                    04:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:B9:A4:10:14:E4:07:CA:5A:B4:74:7C:68:25:C6:C2:FB:5C:88:95
            X509v3 Authority Key Identifier:
                keyid:63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:10:e2:af:08:c1:14:56:19:80:df:29:fe:65:dc:60:40:77:
         c7:8d:cf:fe:25:93:fe:94:29:4b:c5:05:40:c4:13:f4:69:b6:
         d3:23:b2:dc:ef:20:bf:ba:27:d2:a2:8c:88:c0:7b:4d:cb:63:
         43:bd:29:c6:46:86:b7:e4:af:3f:66:f1:27:92:da:cd:98:22:
         0d:98:65:0b:98:09:cd:38:a7:35:f5:8a:9f:ab:b3:36:1f:3c:
         cb:5f:63:59:32:b2:1e:8d:b2:27:4d:90:ae:15:cf:f2:d1:8f:
         a6:07:7a:8b:f2:ac:f3:8f:41:f0:5e:7a:f2:b2:85:ca:ff:e9:
         a0:ff:5d:fc:91:76:27:0b:dd:e6:86:89:82:15:10:43:dc:a9:
         26:86:2f:74:19:9d:69:7a:06:95:2d:66:e7:3e:ae:89:9d:bd:
         96:75:ff:a6:19:67:a5:e6:82:2f:88:f7:e0:20:82:b6:d7:5b:
         54:85:c4:05:d6:5c:61:ec:d6:eb:75:30:11:e3:0d:ac:99:1b:
         2d:96:1a:1f:7d:68:86:20:35:24:0a:b7:39:6f:fa:b0:41:6d:
         6b:7e:f9:d2:0b:9a:5a:cf:c6:50:0e:e0:24:1d:a3:40:db:d5:
         5c:a9:08:fa:55:a1:01:53:60:8c:4d:33:e7:d6:4e:93:fb:fc:
         11:06:b1:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaqnvNslIbTvjcFopCRNbOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzN2Q2NGQ0NzI1NjNiN2U4NzNmNWI3OWY5MWM5ZDNmZmZj
M2RiZjkwHhcNMjUwNTA3MTIwMTA1WhcNMjUwNTA4MTIwMTA1WjAzMTEwLwYDVQQD
Eyg0MmI5YTQxMDE0ZTQwN2NhNWFiNDc0N2M2ODI1YzZjMmZiNWM4ODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3lzVt/EUgao70UNtHlqa8dGY+Lc
QVbZKzv03kc/gIlnMww43C+Ujr0pdS0xQES39/q+bKlWfhtHCxrEfK1biFNXC3F2
Uzzhm6UxG0H+esCmGj4geSYTtueTS9jRHc9tOiO2i7kfYsgVJfgp6CLpQ+palUZ1
vwoNnEaDJnFCPMRiges2nZ4mqyNax618nV4eBUA/IZbvWafEE6WWf4afvEAtSuYt
UI1etumYIKR+2Y6w9SJxuLJ10BHhgdT8m7bHqGxGUfUoXkgCi4/U6IrczltrwGfs
o2i8C1ADS7ftxVo9KKHQ+72DeYBe6/n6XBeHJTvXTIDu4EEO95YWmVUE3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEK5pBAU5AfKWrR0fGglxsL7XIiVMB8GA1UdIwQY
MBaAFGN9ZNRyVjt+hz9befkcnT//w9v5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYt
ODE3YWY4YTc2MjUwLzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYtODE3YWY4YTc2MjUw
LzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAixDirwjB
FFYZgN8p/mXcYEB3x43P/iWT/pQpS8UFQMQT9Gm20yOy3O8gv7on0qKMiMB7Tctj
Q70pxkaGt+SvP2bxJ5LazZgiDZhlC5gJzTinNfWKn6uzNh88y19jWTKyHo2yJ02Q
rhXP8tGPpgd6i/Ks849B8F568rKFyv/poP9d/JF2Jwvd5oaJghUQQ9ypJoYvdBmd
aXoGlS1m5z6uiZ29lnX/phlnpeaCL4j34CCCttdbVIXEBdZcYezW63UwEeMNrJkb
LZYaH31ohiA1JAq3OW/6sEFta3750guaWs/GUA7gJB2jQNvVXKkI+lWhAVNgjE0z
59ZOk/v8EQaxqA==
-----END CERTIFICATE-----