Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
File:                     Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft (raw, json)
Hash identifier:          Tadr6Sif7snXiZFZ9GdSw/00D57WRMBe2leE8J0Z11c=
Subject key identifier:   D1:E3:96:67:C0:12:01:21:31:FC:8A:B5:72:05:4F:D6:C9:A9:92:08
Authority key identifier: 63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7
Certificate issuer:       /CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
Certificate serial:       01969E99F98BBEED97F1A3103ED22822632D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
Manifest number:          0A04
Signing time:             Mon 05 May 2025 04:00:13 +0000
Manifest this update:     Mon 05 May 2025 04:00:13 +0000
Manifest next update:     Tue 06 May 2025 04:00:13 +0000
Files and hashes:         1: Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl (hash: xqOq1CJWuYWbh+X8eb91C32TWziKEUCTpSXz5K82kyw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:99:f9:8b:be:ed:97:f1:a3:10:3e:d2:28:22:63:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
        Validity
            Not Before: May  5 04:00:13 2025 GMT
            Not After : May  6 04:00:13 2025 GMT
        Subject: CN=d1e39667c012012131fc8ab572054fd6c9a99208
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c0:ed:49:53:35:3b:94:a0:43:87:0f:4c:cc:
                    72:e1:c0:9f:da:68:52:c6:95:08:9f:66:c5:2d:cd:
                    e4:73:49:fd:93:17:76:fb:fe:0b:8c:b8:12:79:cf:
                    a6:2c:9e:e0:74:83:87:08:86:fe:e4:37:67:61:ab:
                    07:58:a6:56:d4:55:ac:44:20:4d:19:22:ef:ce:3b:
                    b8:ec:e2:2b:34:b5:bf:3f:a7:df:b4:8c:bd:99:c1:
                    ec:26:5f:e0:4d:d0:23:22:7d:17:d1:c0:a7:4e:89:
                    58:82:80:27:f8:89:b8:c9:52:df:8b:31:fd:57:12:
                    d9:04:39:9e:94:fb:89:23:8b:d3:8d:99:78:59:f9:
                    bb:c6:26:03:79:65:2b:39:89:0f:ac:0d:24:7f:8a:
                    df:e1:a1:bd:8b:0d:79:a1:5f:1a:fa:c0:4a:ab:c7:
                    f8:9d:5e:fb:37:f8:22:74:3b:f3:20:1f:6f:1e:7f:
                    8a:a0:50:8d:68:9c:da:11:2e:9a:d9:07:b0:38:cc:
                    61:56:c2:91:8b:b7:71:85:cb:b2:82:b0:05:6f:58:
                    b0:36:b2:2b:e6:38:90:2c:90:0d:a2:a3:be:c0:e3:
                    2e:8b:a0:3f:e9:84:50:1c:06:3c:7a:5b:c9:1a:04:
                    b1:ab:7e:fb:7e:e2:f0:38:10:c3:83:83:38:d8:d1:
                    82:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:E3:96:67:C0:12:01:21:31:FC:8A:B5:72:05:4F:D6:C9:A9:92:08
            X509v3 Authority Key Identifier:
                keyid:63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:67:60:87:fd:2a:f6:4d:3e:5c:dc:3a:88:07:81:f2:fb:a0:
         61:e5:a9:f2:73:5d:80:e4:3b:b2:30:af:35:0e:ab:d5:05:c5:
         c7:74:f5:9b:76:ec:b7:26:e9:67:12:8f:80:09:94:d5:f8:b7:
         f4:0b:ff:61:5b:e0:c2:82:9d:36:f3:d8:ae:41:61:61:e8:d1:
         eb:a0:6a:0f:57:a9:ba:61:5e:57:ed:12:a6:fa:73:59:89:5f:
         2c:09:48:bf:e7:ea:97:2a:15:ae:33:d5:92:b2:5b:f5:9e:a0:
         21:16:34:ac:fd:d3:14:b4:e8:ca:03:5d:3c:cf:6a:27:cb:14:
         d8:71:1c:ed:01:c6:82:15:a5:dc:13:ce:f1:ad:54:aa:19:60:
         45:35:69:09:35:c6:d2:f1:34:b8:5c:d0:01:87:15:6c:97:2a:
         16:6c:e3:ca:aa:5f:2f:3a:1c:1d:45:58:66:be:8a:84:77:9d:
         30:4d:34:a1:c0:05:37:98:1a:df:89:08:39:f3:73:bc:ee:ce:
         94:e0:7b:90:db:a4:5b:92:79:f0:fe:c3:8c:33:3d:c7:35:d2:
         ed:7b:f6:63:46:4c:3b:cb:d0:bd:e9:b4:15:df:ab:a6:68:e6:
         f6:d1:f9:72:8c:21:15:b8:53:83:f1:4e:c9:d3:6c:cc:5e:c0:
         58:61:ac:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemfmLvu2X8aMQPtIoImMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNzFkMmZiZWNmMmY5MGRjN2Y0OTUxN2E0NDBkYTUzMzlm
NGE2YzcwHhcNMjUwNTA1MDQwMDEzWhcNMjUwNTA2MDQwMDEzWjAzMTEwLwYDVQQD
EyhkMWUzOTY2N2MwMTIwMTIxMzFmYzhhYjU3MjA1NGZkNmM5YTk5MjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysDtSVM1O5SgQ4cPTMxy4cCf2mhS
xpUIn2bFLc3kc0n9kxd2+/4LjLgSec+mLJ7gdIOHCIb+5DdnYasHWKZW1FWsRCBN
GSLvzju47OIrNLW/P6fftIy9mcHsJl/gTdAjIn0X0cCnTolYgoAn+Im4yVLfizH9
VxLZBDmelPuJI4vTjZl4Wfm7xiYDeWUrOYkPrA0kf4rf4aG9iw15oV8a+sBKq8f4
nV77N/gidDvzIB9vHn+KoFCNaJzaES6a2QewOMxhVsKRi7dxhcuygrAFb1iwNrIr
5jiQLJANoqO+wOMui6A/6YRQHAY8elvJGgSxq377fuLwOBDDg4M42NGCpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHjlmfAEgEhMfyKtXIFT9bJqZIIMB8GA1UdIwQY
MBaAFGNx0vvs8vkNx/SVF6RA2lM59KbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAt
N2UxNGQzNTk4ZjA5LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAtN2UxNGQzNTk4ZjA5
LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr2dgh/0q
9k0+XNw6iAeB8vugYeWp8nNdgOQ7sjCvNQ6r1QXFx3T1m3bstybpZxKPgAmU1fi3
9Av/YVvgwoKdNvPYrkFhYejR66BqD1epumFeV+0SpvpzWYlfLAlIv+fqlyoVrjPV
krJb9Z6gIRY0rP3TFLToygNdPM9qJ8sU2HEc7QHGghWl3BPO8a1UqhlgRTVpCTXG
0vE0uFzQAYcVbJcqFmzjyqpfLzocHUVYZr6KhHedME00ocAFN5ga34kIOfNzvO7O
lOB7kNukW5J58P7DjDM9xzXS7Xv2Y0ZMO8vQvem0Fd+rpmjm9tH5cowhFbhTg/FO
ydNszF7AWGGsDQ==
-----END CERTIFICATE-----