Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          O0KCBaMc4+4++QPzfiUjPU9SOS1bzA+dIj+ter8Q35g=
Subject key identifier:   5D:45:A0:32:E1:78:0C:82:C3:B6:D2:C0:3C:0E:9D:42:FD:A1:4F:A5
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       0196BB244AE69F47CA8404089A183AB24A18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          03CC
Signing time:             Sat 10 May 2025 17:00:39 +0000
Manifest this update:     Sat 10 May 2025 17:00:39 +0000
Manifest next update:     Sun 11 May 2025 17:00:39 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: b4OD2/sBAUJ+mmWocLXgu/513sfF2iv7LnydrgJ6hJE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:24:4a:e6:9f:47:ca:84:04:08:9a:18:3a:b2:4a:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: May 10 17:00:39 2025 GMT
            Not After : May 11 17:00:39 2025 GMT
        Subject: CN=5d45a032e1780c82c3b6d2c03c0e9d42fda14fa5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:86:b7:54:b1:5c:f4:7b:41:3c:0e:e5:91:1d:
                    d5:92:95:18:ff:92:4f:63:34:58:fd:bc:22:36:fe:
                    8f:35:58:aa:ee:b7:7c:c0:1b:06:3a:10:e0:6a:b5:
                    31:fd:95:2d:6a:0c:2d:a3:5b:34:f5:c6:9d:5f:6e:
                    d0:0b:85:59:8f:a2:7a:ed:9a:82:ce:d4:f5:6e:03:
                    e5:2c:9a:bc:ed:47:45:eb:0c:37:90:fa:b3:35:dd:
                    41:8d:ae:13:e4:d5:90:6f:fe:01:a8:8e:65:1f:47:
                    57:c3:f9:eb:b7:8f:d4:a9:38:c8:f6:73:a5:c8:b8:
                    01:b3:f6:07:21:8f:43:e5:b5:2e:9c:c9:7b:a7:1d:
                    b8:ef:00:43:bd:51:a1:b7:b1:b1:c1:4d:ab:5b:af:
                    33:dc:4a:75:b1:48:c9:d5:4b:2d:f8:ab:63:a6:a1:
                    3b:5a:a8:3a:7d:6c:b3:00:fd:8c:6e:82:5a:c1:7b:
                    69:03:23:21:f7:1d:b8:fd:7d:3f:8c:f1:b6:b1:61:
                    df:04:c2:96:76:5b:a5:f5:d3:c9:83:fb:5f:84:ac:
                    93:96:b5:8d:a1:27:5a:8f:7d:19:55:de:4a:49:b6:
                    d5:1b:09:3a:71:2e:d8:21:d1:b3:5c:55:81:45:1c:
                    59:d9:7a:66:bf:ab:f5:8d:30:0c:f1:e1:b2:b7:c0:
                    72:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:45:A0:32:E1:78:0C:82:C3:B6:D2:C0:3C:0E:9D:42:FD:A1:4F:A5
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:0c:20:ad:ef:74:ad:f7:63:48:c5:56:ce:2a:f9:44:18:34:
         76:ff:81:3e:b1:01:b4:29:c0:11:95:32:c5:72:17:21:5c:ed:
         96:55:70:60:62:9d:4d:64:92:42:15:56:76:9e:aa:9a:a5:ed:
         6d:14:e6:de:0e:ae:e5:40:29:2c:fb:52:61:f7:cb:53:0b:9f:
         a4:a2:36:5f:c0:2d:58:ca:59:42:60:54:3b:1f:ac:eb:19:fa:
         c2:94:82:da:a1:19:03:8b:45:c5:30:a8:94:3d:74:f3:89:df:
         bb:74:23:3b:f6:cd:6c:a2:ac:56:08:9f:81:95:4a:af:4b:3a:
         f6:de:6d:95:40:be:4c:b1:63:ce:f1:ba:8a:1c:b6:b0:a1:48:
         2b:33:f0:b5:8e:6a:c7:f1:1f:e2:f2:18:1e:45:c1:f0:3b:5e:
         00:7a:7d:99:37:21:a4:c4:72:70:8c:f8:9d:37:9b:5d:64:e9:
         e7:40:7c:cb:9c:bd:8a:ce:24:57:22:29:c3:25:c1:86:94:7e:
         5f:3b:0e:df:dc:da:47:40:bd:5d:e4:6f:8c:21:ee:fa:4f:58:
         6a:f8:ed:20:77:5c:21:4b:f5:fe:93:c5:28:c9:d0:42:12:e8:
         cb:dd:d5:7c:27:b5:d0:36:ca:f7:27:c4:0c:93:a8:de:3d:fb:
         55:7f:83:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7JErmn0fKhAQImhg6skoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjUwNTEwMTcwMDM5WhcNMjUwNTExMTcwMDM5WjAzMTEwLwYDVQQD
Eyg1ZDQ1YTAzMmUxNzgwYzgyYzNiNmQyYzAzYzBlOWQ0MmZkYTE0ZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ia3VLFc9HtBPA7lkR3VkpUY/5JP
YzRY/bwiNv6PNViq7rd8wBsGOhDgarUx/ZUtagwto1s09cadX27QC4VZj6J67ZqC
ztT1bgPlLJq87UdF6ww3kPqzNd1Bja4T5NWQb/4BqI5lH0dXw/nrt4/UqTjI9nOl
yLgBs/YHIY9D5bUunMl7px247wBDvVGht7GxwU2rW68z3Ep1sUjJ1Ust+KtjpqE7
Wqg6fWyzAP2MboJawXtpAyMh9x24/X0/jPG2sWHfBMKWdlul9dPJg/tfhKyTlrWN
oSdaj30ZVd5KSbbVGwk6cS7YIdGzXFWBRRxZ2Xpmv6v1jTAM8eGyt8ByKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1FoDLheAyCw7bSwDwOnUL9oU+lMB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjQwgre90
rfdjSMVWzir5RBg0dv+BPrEBtCnAEZUyxXIXIVztllVwYGKdTWSSQhVWdp6qmqXt
bRTm3g6u5UApLPtSYffLUwufpKI2X8AtWMpZQmBUOx+s6xn6wpSC2qEZA4tFxTCo
lD1084nfu3QjO/bNbKKsVgifgZVKr0s69t5tlUC+TLFjzvG6ihy2sKFIKzPwtY5q
x/Ef4vIYHkXB8DteAHp9mTchpMRycIz4nTebXWTp50B8y5y9is4kVyIpwyXBhpR+
XzsO39zaR0C9XeRvjCHu+k9YavjtIHdcIUv1/pPFKMnQQhLoy93VfCe10DbK9yfE
DJOo3j37VX+DAQ==
-----END CERTIFICATE-----