Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          QD/0XIgTsXuTkPRBTxP1vpXejUUXh766WjPUL1uSodk=
Subject key identifier:   A1:2A:44:4B:A6:47:31:6E:CA:90:C7:AF:C1:17:76:FE:11:A4:23:8B
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       0196A84229052070321806CBCEFCC0065E0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          0543
Signing time:             Wed 07 May 2025 01:00:30 +0000
Manifest this update:     Wed 07 May 2025 01:00:30 +0000
Manifest next update:     Thu 08 May 2025 01:00:30 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: ubWgN5KVcRdm38uy7sbeRXeSioOajO10RXhLWFZVIaI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 01:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a8:42:29:05:20:70:32:18:06:cb:ce:fc:c0:06:5e:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: May  7 01:00:30 2025 GMT
            Not After : May  8 01:00:30 2025 GMT
        Subject: CN=a12a444ba647316eca90c7afc11776fe11a4238b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:3f:47:d2:48:f7:6b:cb:63:77:2b:3a:c6:2f:
                    f6:d5:dc:52:76:34:e4:d4:48:5e:2d:bf:5d:57:7f:
                    7c:46:db:5e:03:41:99:55:ce:a8:ea:93:c1:62:45:
                    9a:e0:80:93:1a:a2:de:0b:39:9a:61:c3:83:5e:ab:
                    0d:26:2f:56:21:2a:3f:c3:7f:04:01:59:df:37:0d:
                    ed:5a:14:40:54:87:39:3c:f9:8b:7d:f0:fa:ce:93:
                    2d:2a:2b:74:b5:97:68:44:0a:82:0b:c8:26:9a:ea:
                    bd:d9:62:0d:ee:81:7e:92:36:9a:a3:27:c4:17:34:
                    0c:86:52:6d:69:11:d4:ca:4b:c9:18:88:b3:4b:ed:
                    c3:f6:f2:9a:29:bd:2c:12:f8:93:81:e8:cd:28:fe:
                    66:2e:bb:16:fc:27:20:ef:01:3c:a9:d9:db:85:63:
                    eb:19:0f:bc:71:da:5a:1a:f2:24:a4:73:52:30:90:
                    e5:a9:32:fa:5d:28:ad:5b:52:d0:93:30:f7:12:d6:
                    0a:98:bf:8d:e1:79:1c:c5:1c:f2:c6:b1:63:8f:d1:
                    48:82:e2:30:7c:ac:51:f5:fa:ca:9b:e9:74:e0:df:
                    ce:61:bf:76:29:33:a7:bd:29:0e:a3:08:a3:68:82:
                    02:57:f1:94:8a:25:ee:c5:79:4a:4f:be:1f:3a:b8:
                    b8:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:2A:44:4B:A6:47:31:6E:CA:90:C7:AF:C1:17:76:FE:11:A4:23:8B
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:75:da:75:0f:6d:e4:6b:16:46:f2:b9:2b:52:2c:ab:78:b7:
         07:2e:f1:94:72:70:e0:27:6f:df:9d:6e:17:94:05:26:25:9e:
         f5:2b:8a:87:e0:e8:03:5d:3d:38:ec:ae:34:01:55:b2:7e:12:
         85:c0:23:06:70:36:51:a2:bd:be:98:a0:a5:3e:3e:c7:ba:a0:
         b6:6a:1e:a4:c6:b8:c3:55:97:24:2f:db:b0:ab:83:62:3a:be:
         94:58:af:a7:37:67:d6:fc:9f:d9:dc:9c:cc:98:13:aa:82:ef:
         1d:c2:5e:95:4a:e8:1d:60:de:68:e4:2e:a6:88:84:86:de:67:
         89:0f:8e:93:a7:65:72:05:f7:3a:27:b0:be:eb:22:d5:30:a2:
         c6:00:84:40:15:2e:5c:a9:4c:b8:d9:c0:3c:6f:40:76:f5:e4:
         55:ef:57:d0:f8:fd:a4:07:d4:7c:f5:c9:44:e1:dd:b4:7b:de:
         0b:25:97:fe:c6:fc:6a:09:e1:6a:77:b7:51:93:b1:39:ba:d0:
         5f:42:83:9f:a0:93:51:ec:aa:4a:f3:d1:db:fb:83:38:b9:6c:
         69:91:5e:73:2e:22:01:99:5e:36:32:e9:73:15:80:3d:34:99:
         a3:58:43:41:02:8c:1d:80:51:7b:e5:33:8d:b3:0e:b5:98:89:
         79:11:0e:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaoQikFIHAyGAbLzvzABl4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjUwNTA3MDEwMDMwWhcNMjUwNTA4MDEwMDMwWjAzMTEwLwYDVQQD
EyhhMTJhNDQ0YmE2NDczMTZlY2E5MGM3YWZjMTE3NzZmZTExYTQyMzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj9H0kj3a8tjdys6xi/21dxSdjTk
1EheLb9dV398RtteA0GZVc6o6pPBYkWa4ICTGqLeCzmaYcODXqsNJi9WISo/w38E
AVnfNw3tWhRAVIc5PPmLffD6zpMtKit0tZdoRAqCC8gmmuq92WIN7oF+kjaaoyfE
FzQMhlJtaRHUykvJGIizS+3D9vKaKb0sEviTgejNKP5mLrsW/Ccg7wE8qdnbhWPr
GQ+8cdpaGvIkpHNSMJDlqTL6XSitW1LQkzD3EtYKmL+N4XkcxRzyxrFjj9FIguIw
fKxR9frKm+l04N/OYb92KTOnvSkOowijaIICV/GUiiXuxXlKT74fOri4RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEqREumRzFuypDHr8EXdv4RpCOLMB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApHXadQ9t
5GsWRvK5K1Isq3i3By7xlHJw4Cdv351uF5QFJiWe9SuKh+DoA109OOyuNAFVsn4S
hcAjBnA2UaK9vpigpT4+x7qgtmoepMa4w1WXJC/bsKuDYjq+lFivpzdn1vyf2dyc
zJgTqoLvHcJelUroHWDeaOQupoiEht5niQ+Ok6dlcgX3Oiewvusi1TCixgCEQBUu
XKlMuNnAPG9AdvXkVe9X0Pj9pAfUfPXJROHdtHveCyWX/sb8agnhane3UZOxObrQ
X0KDn6CTUeyqSvPR2/uDOLlsaZFecy4iAZleNjLpcxWAPTSZo1hDQQKMHYBRe+Uz
jbMOtZiJeREOOQ==
-----END CERTIFICATE-----