Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft
File:                     Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft (raw, json)
Hash identifier:          tJMj9qiYmN6h/r8iumXC9G29fxbj5I/yC5SmhiDKaIM=
Subject key identifier:   5E:B9:50:A4:28:1C:DF:E4:3D:D5:D3:F3:66:17:B3:D7:40:C2:41:1F
Authority key identifier: 63:6B:02:7B:FA:B9:1A:A4:71:9A:80:EF:E0:21:24:61:37:42:8B:DA
Certificate issuer:       /CN=636b027bfab91aa4719a80efe021246137428bda
Certificate serial:       0196A3C0900FA25197ACCE07FA47E2EADFB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft
Manifest number:          12C6
Signing time:             Tue 06 May 2025 04:00:28 +0000
Manifest this update:     Tue 06 May 2025 04:00:28 +0000
Manifest next update:     Wed 07 May 2025 04:00:28 +0000
Files and hashes:         1: Y2sCe_q5GqRxmoDv4CEkYTdCi9o.crl (hash: zLbhlYSUI358civ+Ciht+W3ekyZENhW/yq0Hz5C1rtQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a3:c0:90:0f:a2:51:97:ac:ce:07:fa:47:e2:ea:df:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=636b027bfab91aa4719a80efe021246137428bda
        Validity
            Not Before: May  6 04:00:28 2025 GMT
            Not After : May  7 04:00:28 2025 GMT
        Subject: CN=5eb950a4281cdfe43dd5d3f36617b3d740c2411f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:bf:99:d3:2f:4a:3c:12:93:2e:3d:5b:40:23:
                    53:41:0b:6e:58:c9:d0:94:30:a8:a5:24:23:fa:db:
                    b9:72:4e:1e:cd:48:15:2a:34:1a:90:6c:21:22:63:
                    9c:71:b6:db:39:21:38:d7:9c:d9:10:39:9a:ee:68:
                    5f:62:0e:92:cc:82:6e:5b:59:00:b0:90:00:fd:2f:
                    2b:5c:e9:2e:84:1f:89:06:4d:6f:b9:b2:38:6e:9b:
                    32:46:d8:97:1a:5a:41:e7:ae:a0:98:ee:53:e2:f5:
                    e2:96:61:00:62:b0:f5:13:ba:7c:0a:cb:8a:a8:81:
                    8a:43:1f:3c:02:67:37:91:48:2e:32:1f:aa:62:c8:
                    63:68:04:cf:81:6d:52:99:68:87:14:d6:4b:d2:7d:
                    e5:de:27:34:72:d9:b1:22:17:82:6e:83:15:4a:a9:
                    b5:54:5e:52:c9:e5:5f:8e:53:47:a4:aa:0f:43:67:
                    d3:37:4e:be:25:db:4e:48:fd:8b:c6:e0:e6:41:2d:
                    c3:d5:5b:d2:77:ab:cd:a6:92:0e:4f:0f:f4:68:82:
                    3c:c2:f8:39:ba:ae:c4:55:3e:79:7c:ad:49:82:e8:
                    4a:de:c5:6c:40:b6:9e:76:86:de:43:70:87:b3:d1:
                    de:e2:c7:07:5a:26:c6:04:ac:b5:2b:18:d5:be:30:
                    89:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:B9:50:A4:28:1C:DF:E4:3D:D5:D3:F3:66:17:B3:D7:40:C2:41:1F
            X509v3 Authority Key Identifier:
                keyid:63:6B:02:7B:FA:B9:1A:A4:71:9A:80:EF:E0:21:24:61:37:42:8B:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:0a:2f:51:2a:ea:e2:50:22:a0:55:17:dc:27:72:66:ea:40:
         3c:50:29:5c:2e:2c:c9:18:d0:1b:6c:29:d6:90:f2:99:e7:8d:
         43:da:4e:77:92:d4:ff:8c:14:ad:7e:55:19:8f:17:80:cc:6f:
         34:28:b7:21:82:d7:c8:db:bb:c2:30:de:0a:0f:be:a9:1d:7c:
         0b:57:9b:00:b6:43:79:db:9d:35:a0:44:d7:4a:d7:5e:c9:33:
         18:99:a5:69:6a:4b:eb:8b:d7:6d:3f:e5:30:ed:05:4c:13:0e:
         6c:1b:1f:40:79:7b:0e:51:2d:7a:44:d3:77:74:49:e4:60:9c:
         40:b1:0a:09:d6:15:5b:18:1c:b7:0f:ac:49:49:3a:64:b8:c5:
         89:ad:15:d9:4c:3e:0e:53:0f:63:d7:e4:ce:87:bb:8c:5e:0a:
         2b:2f:75:5b:51:99:c8:17:bc:d7:d5:a8:20:84:a9:91:bd:1a:
         82:c5:4c:40:5c:77:c9:68:51:3b:de:ac:b9:a9:0c:6c:32:aa:
         fb:66:d0:88:66:99:b6:e6:ef:ba:d8:6b:b0:8e:7b:c6:6b:a6:
         ee:6e:1c:63:fa:e0:64:ca:ff:d3:20:5e:da:81:22:5c:8d:64:
         d3:2c:a8:c0:48:93:a1:10:99:63:35:d4:55:aa:70:01:dd:37:
         9c:b1:af:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZajwJAPolGXrM4H+kfi6t+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNmIwMjdiZmFiOTFhYTQ3MTlhODBlZmUwMjEyNDYxMzc0
MjhiZGEwHhcNMjUwNTA2MDQwMDI4WhcNMjUwNTA3MDQwMDI4WjAzMTEwLwYDVQQD
Eyg1ZWI5NTBhNDI4MWNkZmU0M2RkNWQzZjM2NjE3YjNkNzQwYzI0MTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8r+Z0y9KPBKTLj1bQCNTQQtuWMnQ
lDCopSQj+tu5ck4ezUgVKjQakGwhImOccbbbOSE415zZEDma7mhfYg6SzIJuW1kA
sJAA/S8rXOkuhB+JBk1vubI4bpsyRtiXGlpB566gmO5T4vXilmEAYrD1E7p8CsuK
qIGKQx88Amc3kUguMh+qYshjaATPgW1SmWiHFNZL0n3l3ic0ctmxIheCboMVSqm1
VF5SyeVfjlNHpKoPQ2fTN06+JdtOSP2LxuDmQS3D1VvSd6vNppIOTw/0aII8wvg5
uq7EVT55fK1JguhK3sVsQLaedobeQ3CHs9He4scHWibGBKy1KxjVvjCJ8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF65UKQoHN/kPdXT82YXs9dAwkEfMB8GA1UdIwQY
MBaAFGNrAnv6uRqkcZqA7+AhJGE3QovaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJzQ2VfcTVHcVJ4bW9EdjRDRWtZVGRDaTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9hMGNkZDgtMDkyZC00M2JiLWEyYTgt
ODgwYzJlNGZhYTZlLzEvWTJzQ2VfcTVHcVJ4bW9EdjRDRWtZVGRDaTlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9hMGNkZDgtMDkyZC00M2JiLWEyYTgtODgwYzJlNGZhYTZl
LzEvWTJzQ2VfcTVHcVJ4bW9EdjRDRWtZVGRDaTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYwovUSrq
4lAioFUX3CdyZupAPFApXC4syRjQG2wp1pDymeeNQ9pOd5LU/4wUrX5VGY8XgMxv
NCi3IYLXyNu7wjDeCg++qR18C1ebALZDedudNaBE10rXXskzGJmlaWpL64vXbT/l
MO0FTBMObBsfQHl7DlEtekTTd3RJ5GCcQLEKCdYVWxgctw+sSUk6ZLjFia0V2Uw+
DlMPY9fkzoe7jF4KKy91W1GZyBe819WoIISpkb0agsVMQFx3yWhRO96suakMbDKq
+2bQiGaZtubvuthrsI57xmum7m4cY/rgZMr/0yBe2oEiXI1k0yyowEiToRCZYzXU
VapwAd03nLGvWw==
-----END CERTIFICATE-----