Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
File:                     YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft (raw, json)
Hash identifier:          fMlpc7udYkfQDkc1KQylOypiNOq8+SLWFnLKOTcs/tQ=
Subject key identifier:   DE:6D:CF:FF:62:00:35:E3:DB:88:F5:6A:56:18:4D:F1:8B:11:C2:ED
Authority key identifier: 60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F
Certificate issuer:       /CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
Certificate serial:       0196C0B83516AACB3F581A866E9159320E77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
Manifest number:          06CF
Signing time:             Sun 11 May 2025 19:00:19 +0000
Manifest this update:     Sun 11 May 2025 19:00:19 +0000
Manifest next update:     Mon 12 May 2025 19:00:19 +0000
Files and hashes:         1: YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl (hash: tetj7XLNDDhf3F0AQANlXTfzGBZtrjuWi3kjYqWyvU4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c0:b8:35:16:aa:cb:3f:58:1a:86:6e:91:59:32:0e:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
        Validity
            Not Before: May 11 19:00:19 2025 GMT
            Not After : May 12 19:00:19 2025 GMT
        Subject: CN=de6dcfff620035e3db88f56a56184df18b11c2ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:a8:63:25:d7:7f:2d:43:dc:1d:66:96:2a:b1:
                    30:2e:93:c4:8e:32:c8:2c:58:30:18:99:cd:ee:34:
                    0b:c5:8d:ad:22:6c:cf:7c:11:f8:42:3d:04:9a:46:
                    23:eb:03:32:28:4a:9f:80:42:ed:a5:b7:e8:32:9a:
                    be:41:e3:d4:c6:48:0f:13:62:1b:af:0f:09:f5:7f:
                    d6:70:78:32:68:41:94:d9:d2:7b:04:04:87:f9:4c:
                    21:00:39:c6:69:44:23:35:6a:6c:03:43:75:40:29:
                    b4:59:ca:32:67:9b:28:42:12:de:08:73:3b:27:b7:
                    eb:06:64:07:36:9e:19:0d:01:b2:7d:f5:31:b6:1e:
                    92:3e:e7:dc:6c:19:6d:8d:86:84:13:df:ba:8a:58:
                    74:c2:44:e7:99:42:42:b4:32:cf:ca:31:3b:d4:08:
                    74:b6:8e:82:a5:ae:53:b3:e4:be:41:1e:d3:00:cd:
                    2f:21:43:14:b7:28:91:58:21:a6:d3:64:01:44:45:
                    8b:92:58:15:54:63:23:20:6f:93:b1:08:92:61:68:
                    b3:4e:17:c5:29:8e:1e:b8:22:8b:d6:8b:dd:22:d6:
                    61:fe:42:1b:3e:f0:11:11:a5:f7:f3:19:41:2a:70:
                    d3:fa:d4:e1:50:65:b6:44:a3:a3:39:bb:41:09:8b:
                    1a:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:6D:CF:FF:62:00:35:E3:DB:88:F5:6A:56:18:4D:F1:8B:11:C2:ED
            X509v3 Authority Key Identifier:
                keyid:60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:57:1b:97:57:44:c3:eb:2f:50:81:52:0a:5c:e7:1f:84:83:
         a1:26:fb:30:27:25:d8:24:68:fe:af:17:7a:6b:2b:69:08:4f:
         14:f3:04:60:a0:a0:8a:a3:00:6b:8c:12:0d:fb:19:c9:93:ba:
         b7:d5:99:e8:65:88:65:f1:c0:e8:a7:96:02:d4:2b:74:41:a5:
         1a:09:45:0c:a9:10:55:d9:e4:c5:df:74:ac:68:e1:ab:22:e9:
         c0:7c:76:67:41:7c:f4:ec:6c:3f:17:0c:f1:c0:9e:67:e1:fb:
         66:7b:58:a5:a7:20:96:bc:24:54:81:1f:b4:88:c1:4a:0d:08:
         0c:9f:27:6e:d7:8c:31:06:e3:4f:fb:86:43:6a:4a:5b:1c:f5:
         57:4b:9e:f2:c3:49:87:13:43:c8:8e:38:a4:31:f5:e9:c1:e9:
         6d:7d:29:40:54:45:9f:3b:60:79:45:d3:ff:be:20:4b:4b:6b:
         a7:ce:03:9c:41:fb:48:67:89:ea:3e:93:ee:e6:71:99:f9:f3:
         d7:b9:64:b3:af:b5:19:d2:7d:2d:0c:19:9b:a7:9e:66:ff:73:
         82:40:46:63:c4:23:c1:e3:ad:e8:30:fa:90:f1:ba:2a:1a:c6:
         e9:e6:07:51:80:74:f8:ec:51:a7:0b:fa:a1:8b:0a:ec:39:2c:
         61:08:45:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbAuDUWqss/WBqGbpFZMg53MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTQzNGZkNmJmZjhiNmZiYjBkNTJmOGRhNDJlOTFmOGE1
YTI5MmYwHhcNMjUwNTExMTkwMDE5WhcNMjUwNTEyMTkwMDE5WjAzMTEwLwYDVQQD
EyhkZTZkY2ZmZjYyMDAzNWUzZGI4OGY1NmE1NjE4NGRmMThiMTFjMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA96hjJdd/LUPcHWaWKrEwLpPEjjLI
LFgwGJnN7jQLxY2tImzPfBH4Qj0EmkYj6wMyKEqfgELtpbfoMpq+QePUxkgPE2Ib
rw8J9X/WcHgyaEGU2dJ7BASH+UwhADnGaUQjNWpsA0N1QCm0WcoyZ5soQhLeCHM7
J7frBmQHNp4ZDQGyffUxth6SPufcbBltjYaEE9+6ilh0wkTnmUJCtDLPyjE71Ah0
to6Cpa5Ts+S+QR7TAM0vIUMUtyiRWCGm02QBREWLklgVVGMjIG+TsQiSYWizThfF
KY4euCKL1ovdItZh/kIbPvAREaX38xlBKnDT+tThUGW2RKOjObtBCYsa1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5tz/9iADXj24j1alYYTfGLEcLtMB8GA1UdIwQY
MBaAFGCkNP1r/4tvuw1S+NpC6R+KWikvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAt
NmEzZjAxZDljYjUwLzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAtNmEzZjAxZDljYjUw
LzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVVcbl1dE
w+svUIFSClznH4SDoSb7MCcl2CRo/q8XemsraQhPFPMEYKCgiqMAa4wSDfsZyZO6
t9WZ6GWIZfHA6KeWAtQrdEGlGglFDKkQVdnkxd90rGjhqyLpwHx2Z0F89OxsPxcM
8cCeZ+H7ZntYpacglrwkVIEftIjBSg0IDJ8nbteMMQbjT/uGQ2pKWxz1V0ue8sNJ
hxNDyI44pDH16cHpbX0pQFRFnztgeUXT/74gS0trp84DnEH7SGeJ6j6T7uZxmfnz
17lks6+1GdJ9LQwZm6eeZv9zgkBGY8QjweOt6DD6kPG6KhrG6eYHUYB0+OxRpwv6
oYsK7DksYQhFxQ==
-----END CERTIFICATE-----