Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
File:                     y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft (raw, json)
Hash identifier:          ALORVn/vMdQagn8egvovC6aijpAaZQcg5xxJJpTomXU=
Subject key identifier:   2D:93:09:52:F3:2F:6F:2D:3E:5C:85:5F:D3:F2:C8:D7:3A:55:19:0E
Authority key identifier: CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06
Certificate issuer:       /CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
Certificate serial:       0196AA9EFDB7F6EC209C20C013539AE4C609
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
Manifest number:          0242
Signing time:             Wed 07 May 2025 12:01:08 +0000
Manifest this update:     Wed 07 May 2025 12:01:08 +0000
Manifest next update:     Thu 08 May 2025 12:01:08 +0000
Files and hashes:         1: y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl (hash: W5H2RDAEBMU3qGEBqF/DOY+4DwNUKzx5msG47r15OGI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 12:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:aa:9e:fd:b7:f6:ec:20:9c:20:c0:13:53:9a:e4:c6:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
        Validity
            Not Before: May  7 12:01:08 2025 GMT
            Not After : May  8 12:01:08 2025 GMT
        Subject: CN=2d930952f32f6f2d3e5c855fd3f2c8d73a55190e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:cc:9a:fe:82:f1:83:e3:83:c1:b7:f3:4e:13:
                    c5:72:45:b8:17:d7:ef:03:30:ad:eb:af:34:da:9b:
                    01:a6:ec:d8:89:9d:14:f9:55:29:47:7c:e5:99:16:
                    5b:7e:a3:10:d0:64:1a:65:1f:d4:8e:c6:1d:f1:37:
                    b1:49:74:89:f9:b9:f3:40:a1:90:4b:e8:1e:2f:14:
                    67:43:d9:4b:db:6e:cb:16:cd:e6:8d:79:61:04:c8:
                    44:4c:7d:bd:8a:aa:e6:5e:c6:74:35:41:05:6a:07:
                    6e:e3:aa:54:1c:99:0d:0a:a2:b1:3a:e3:9d:e5:25:
                    dd:9f:fd:93:85:db:c8:7e:de:2e:36:f6:d5:7a:67:
                    b3:ae:4b:4c:5b:a3:67:68:e6:aa:a0:46:96:f7:31:
                    fe:f8:4d:4d:0d:43:25:48:75:6d:01:dd:f0:6d:a9:
                    99:2b:96:5f:21:d1:68:41:68:cc:64:21:90:99:1a:
                    3f:15:40:a0:4b:d7:0b:a7:96:e8:d4:7d:38:f2:14:
                    05:cd:72:9d:b8:91:9b:07:ed:da:30:8d:ed:fa:33:
                    aa:80:6c:c0:5f:c5:95:bf:5e:22:bd:e8:43:2a:a9:
                    c9:fe:61:0f:37:d8:74:5e:3c:4b:3a:b4:ed:52:1c:
                    d1:43:c6:98:7f:24:44:3a:f2:ac:44:57:31:de:fd:
                    c6:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:93:09:52:F3:2F:6F:2D:3E:5C:85:5F:D3:F2:C8:D7:3A:55:19:0E
            X509v3 Authority Key Identifier:
                keyid:CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:79:ec:fd:7b:30:95:06:10:ec:07:75:71:bc:08:14:0c:81:
         ae:30:f0:3c:42:3b:28:e6:bf:3a:b8:4f:14:2a:aa:88:45:fa:
         7f:07:49:5f:6c:ff:f4:c8:ae:98:bc:b3:bc:ae:24:8e:7c:c2:
         42:52:6b:3f:48:c6:8e:2a:87:d5:6c:da:c4:19:9f:b8:60:fb:
         20:ce:f4:ec:35:9f:fa:50:29:89:fa:55:b7:2a:3c:a0:f4:49:
         55:a0:9c:95:f3:bc:ea:2a:ec:34:dc:f2:75:7e:7d:12:fd:c1:
         3d:6d:13:d5:10:64:cc:0b:74:e6:e6:7d:ba:a6:fb:c9:eb:7c:
         54:77:60:bf:83:0f:2b:33:86:54:39:0f:d6:4b:49:2f:b7:db:
         56:32:37:56:6d:18:e3:e0:67:55:35:d3:c9:7f:cf:08:48:3b:
         27:72:63:90:57:4f:5e:16:f1:68:97:57:37:8f:67:73:6b:52:
         6c:64:3e:7e:8e:03:64:c9:c0:4a:f5:99:cb:62:b1:50:21:4e:
         60:65:ca:c6:40:75:e3:44:bf:18:92:7f:10:e2:aa:ed:11:dc:
         6c:13:cb:5d:92:5d:e2:b0:f5:4c:07:03:03:76:e8:37:dd:05:
         7f:c4:4b:af:7a:46:2c:cc:91:ac:b7:b8:88:87:1d:d4:b5:fb:
         b5:dd:aa:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaqnv239uwgnCDAE1Oa5MYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWExY2I4MGZiNjM3MzJlNTMwMDQ3YTFlYzU1MjlmOGM4
YjFhMDYwHhcNMjUwNTA3MTIwMTA4WhcNMjUwNTA4MTIwMTA4WjAzMTEwLwYDVQQD
EygyZDkzMDk1MmYzMmY2ZjJkM2U1Yzg1NWZkM2YyYzhkNzNhNTUxOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8ya/oLxg+ODwbfzThPFckW4F9fv
AzCt66802psBpuzYiZ0U+VUpR3zlmRZbfqMQ0GQaZR/UjsYd8TexSXSJ+bnzQKGQ
S+geLxRnQ9lL227LFs3mjXlhBMhETH29iqrmXsZ0NUEFagdu46pUHJkNCqKxOuOd
5SXdn/2ThdvIft4uNvbVemezrktMW6NnaOaqoEaW9zH++E1NDUMlSHVtAd3wbamZ
K5ZfIdFoQWjMZCGQmRo/FUCgS9cLp5bo1H048hQFzXKduJGbB+3aMI3t+jOqgGzA
X8WVv14ivehDKqnJ/mEPN9h0XjxLOrTtUhzRQ8aYfyREOvKsRFcx3v3GAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2TCVLzL28tPlyFX9PyyNc6VRkOMB8GA1UdIwQY
MBaAFMuaHLgPtjcy5TAEeh7FUp+MixoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMt
MTEzZWRlM2FmZjc5LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMtMTEzZWRlM2FmZjc5
LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACXns/Xsw
lQYQ7Ad1cbwIFAyBrjDwPEI7KOa/OrhPFCqqiEX6fwdJX2z/9MiumLyzvK4kjnzC
QlJrP0jGjiqH1WzaxBmfuGD7IM707DWf+lApifpVtyo8oPRJVaCclfO86irsNNzy
dX59Ev3BPW0T1RBkzAt05uZ9uqb7yet8VHdgv4MPKzOGVDkP1ktJL7fbVjI3Vm0Y
4+BnVTXTyX/PCEg7J3JjkFdPXhbxaJdXN49nc2tSbGQ+fo4DZMnASvWZy2KxUCFO
YGXKxkB140S/GJJ/EOKq7RHcbBPLXZJd4rD1TAcDA3boN90Ff8RLr3pGLMyRrLe4
iIcd1LX7td2qQw==
-----END CERTIFICATE-----