Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
File:                     yh3vhAA2XhysFuj3iHCS2smDtz4.mft (raw, json)
Hash identifier:          YHAZkEjh6oag2ZCqB461axNCe+PxuUVcZCPY6o4Ixwo=
Subject key identifier:   B9:52:58:EC:D1:DB:8C:68:DF:9D:FE:E6:4E:33:48:40:91:A2:CA:0D
Authority key identifier: CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E
Certificate issuer:       /CN=ca1def8400365e1cac16e8f7887092dac983b73e
Certificate serial:       0196BFDC975379053C2AE5C8B9B6874E59F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
Manifest number:          10D2
Signing time:             Sun 11 May 2025 15:00:26 +0000
Manifest this update:     Sun 11 May 2025 15:00:26 +0000
Manifest next update:     Mon 12 May 2025 15:00:26 +0000
Files and hashes:         1: yh3vhAA2XhysFuj3iHCS2smDtz4.crl (hash: 3S74FD4DkyusFjkK2QSUIAcvNddGEL9sU+9ezriCPMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 15:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:dc:97:53:79:05:3c:2a:e5:c8:b9:b6:87:4e:59:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1def8400365e1cac16e8f7887092dac983b73e
        Validity
            Not Before: May 11 15:00:26 2025 GMT
            Not After : May 12 15:00:26 2025 GMT
        Subject: CN=b95258ecd1db8c68df9dfee64e33484091a2ca0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:7c:95:fa:e1:6e:31:db:b0:8f:97:9d:62:5f:
                    81:1d:c9:ce:11:f1:35:53:f0:bc:b6:c7:19:20:a8:
                    25:45:8f:25:95:47:16:81:07:2a:a7:19:bf:8b:83:
                    da:9b:2b:9e:d5:41:fe:3a:a3:b0:f5:ef:9d:0e:e0:
                    5d:9c:eb:65:85:c0:56:d5:74:9c:8e:09:75:5d:7e:
                    a8:31:02:e7:91:f3:50:1f:c5:90:77:c0:78:a4:9d:
                    df:ee:f5:1a:aa:68:1b:95:b2:49:ec:8e:86:9c:c7:
                    c5:56:7c:73:02:fc:bf:3e:20:6b:40:ce:eb:dc:61:
                    31:8e:29:6f:f2:dd:77:12:75:7e:e9:17:95:46:c8:
                    85:72:3b:f9:e2:8f:17:65:e7:d1:b8:04:c7:4a:db:
                    99:68:5b:bc:d2:93:6a:4c:a3:17:dd:79:cd:70:ea:
                    20:0b:64:10:c3:32:56:17:a7:c0:5a:a1:8d:e2:81:
                    4f:c0:e6:6f:df:1f:a8:23:87:ab:47:50:11:f7:9f:
                    aa:5a:e5:36:a2:a8:e1:df:e8:15:46:9c:82:7c:50:
                    ab:95:ef:63:87:a8:e7:ed:c4:f8:cd:4b:54:9e:57:
                    9a:b3:1c:a3:23:c8:44:44:a3:5e:2e:4b:42:4e:8f:
                    fd:aa:cb:c7:d2:f7:b1:bc:bf:11:5d:2d:4f:b5:40:
                    00:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:52:58:EC:D1:DB:8C:68:DF:9D:FE:E6:4E:33:48:40:91:A2:CA:0D
            X509v3 Authority Key Identifier:
                keyid:CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:f3:f0:49:9d:be:53:a3:ff:9f:28:4a:35:a5:ac:81:d1:0d:
         81:29:9f:6a:43:10:54:5f:91:bb:b5:93:d7:a9:85:0b:55:de:
         0e:fe:65:8d:5a:d4:87:6a:06:80:b2:4d:64:62:31:a7:06:d0:
         34:95:56:d3:ca:fc:f8:0d:c0:78:aa:50:b6:5a:fb:29:c6:54:
         44:7d:7f:8d:66:14:16:50:ec:d6:f0:95:7b:69:6c:76:f0:45:
         7e:33:37:05:b2:98:73:dd:49:c9:4e:6d:3d:f0:09:4a:f9:d5:
         40:87:a6:d7:74:bb:8f:53:6f:39:7d:50:03:5f:99:8c:0e:db:
         f3:83:f4:42:f0:e1:06:4b:f1:0f:d7:63:16:ce:88:97:e8:1f:
         02:5b:b4:0c:aa:92:15:a3:33:0d:cf:b1:d7:37:6f:3f:79:b5:
         25:0d:f4:2c:e1:93:5e:1c:46:05:a0:0d:9e:42:3c:5f:34:a2:
         6d:38:61:06:c0:48:fe:d3:6e:8e:dd:f2:27:56:27:1f:34:49:
         02:bf:7b:a0:37:f3:97:6b:46:f5:a7:ab:5b:83:58:bf:1c:5b:
         5c:38:89:e5:3e:44:e5:61:b7:5c:b9:9b:ba:1d:46:cd:ef:21:
         01:4d:66:e7:d7:7e:c9:4f:4e:7e:50:c2:5a:0f:45:38:7d:1a:
         e8:5e:ca:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/3JdTeQU8KuXIubaHTlnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWRlZjg0MDAzNjVlMWNhYzE2ZThmNzg4NzA5MmRhYzk4
M2I3M2UwHhcNMjUwNTExMTUwMDI2WhcNMjUwNTEyMTUwMDI2WjAzMTEwLwYDVQQD
EyhiOTUyNThlY2QxZGI4YzY4ZGY5ZGZlZTY0ZTMzNDg0MDkxYTJjYTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3yV+uFuMduwj5edYl+BHcnOEfE1
U/C8tscZIKglRY8llUcWgQcqpxm/i4Pamyue1UH+OqOw9e+dDuBdnOtlhcBW1XSc
jgl1XX6oMQLnkfNQH8WQd8B4pJ3f7vUaqmgblbJJ7I6GnMfFVnxzAvy/PiBrQM7r
3GExjilv8t13EnV+6ReVRsiFcjv54o8XZefRuATHStuZaFu80pNqTKMX3XnNcOog
C2QQwzJWF6fAWqGN4oFPwOZv3x+oI4erR1AR95+qWuU2oqjh3+gVRpyCfFCrle9j
h6jn7cT4zUtUnleasxyjI8hERKNeLktCTo/9qsvH0vexvL8RXS1PtUAAyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlSWOzR24xo353+5k4zSECRosoNMB8GA1UdIwQY
MBaAFMod74QANl4crBbo94hwktrJg7c+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEt
Zjk4ZWM5ZDE2MmJlLzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEtZjk4ZWM5ZDE2MmJl
LzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW/PwSZ2+
U6P/nyhKNaWsgdENgSmfakMQVF+Ru7WT16mFC1XeDv5ljVrUh2oGgLJNZGIxpwbQ
NJVW08r8+A3AeKpQtlr7KcZURH1/jWYUFlDs1vCVe2lsdvBFfjM3BbKYc91JyU5t
PfAJSvnVQIem13S7j1NvOX1QA1+ZjA7b84P0QvDhBkvxD9djFs6Il+gfAlu0DKqS
FaMzDc+x1zdvP3m1JQ30LOGTXhxGBaANnkI8XzSibThhBsBI/tNujt3yJ1YnHzRJ
Ar97oDfzl2tG9aerW4NYvxxbXDiJ5T5E5WG3XLmbuh1Gze8hAU1m59d+yU9OflDC
Wg9FOH0a6F7KHA==
-----END CERTIFICATE-----