Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/441755-b52f-4fb6-b3ef-7acbc6c9f985/1/ryfUX8GLqRerHomhfvC2NgmEgiQ.mft
File:                     ryfUX8GLqRerHomhfvC2NgmEgiQ.mft (raw, json)
Hash identifier:          /R7hUWECzSgt61NiHmQcR+7WH9hVKXDmGib9Wz9bfwk=
Subject key identifier:   86:6B:18:E1:B1:75:FD:32:30:6D:C7:DE:B8:8E:6F:58:41:6A:18:5A
Authority key identifier: AF:27:D4:5F:C1:8B:A9:17:AB:1E:89:A1:7E:F0:B6:36:09:84:82:24
Certificate issuer:       /CN=af27d45fc18ba917ab1e89a17ef0b63609848224
Certificate serial:       01969C74E665EFEE6B5B080B10E9A2CE7D14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ryfUX8GLqRerHomhfvC2NgmEgiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/441755-b52f-4fb6-b3ef-7acbc6c9f985/1/ryfUX8GLqRerHomhfvC2NgmEgiQ.mft
Manifest number:          11CB
Signing time:             Sun 04 May 2025 18:00:28 +0000
Manifest this update:     Sun 04 May 2025 18:00:28 +0000
Manifest next update:     Mon 05 May 2025 18:00:28 +0000
Files and hashes:         1: ryfUX8GLqRerHomhfvC2NgmEgiQ.crl (hash: XiO5RWxEl8MZDTGPBxtcZw2lPeF7OdTO47UT4uMetSU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/441755-b52f-4fb6-b3ef-7acbc6c9f985/1/ryfUX8GLqRerHomhfvC2NgmEgiQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/441755-b52f-4fb6-b3ef-7acbc6c9f985/1/ryfUX8GLqRerHomhfvC2NgmEgiQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ryfUX8GLqRerHomhfvC2NgmEgiQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 18:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9c:74:e6:65:ef:ee:6b:5b:08:0b:10:e9:a2:ce:7d:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af27d45fc18ba917ab1e89a17ef0b63609848224
        Validity
            Not Before: May  4 18:00:28 2025 GMT
            Not After : May  5 18:00:28 2025 GMT
        Subject: CN=866b18e1b175fd32306dc7deb88e6f58416a185a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:be:2b:4e:94:e1:88:d1:e3:d6:e7:c7:da:4d:
                    91:7c:0e:34:6a:4c:89:1f:35:0d:21:44:e8:cf:87:
                    40:dc:66:ea:7e:3c:58:09:1a:d5:29:4d:c7:5c:35:
                    b2:9c:79:37:d0:9b:cd:b1:48:6b:27:c6:8b:da:52:
                    9a:ca:c3:2e:a4:85:1d:c2:a0:8c:40:10:11:6f:d8:
                    cc:bb:79:b6:b8:13:2d:72:7e:a2:5b:d2:fc:35:ef:
                    dd:1a:3b:91:20:00:bb:fe:b2:8a:b8:46:3f:9b:6d:
                    ce:fa:cd:7d:d0:29:0c:50:c8:b6:62:7b:6c:56:4e:
                    bd:b1:a4:b0:80:4b:1c:26:c2:01:12:e6:03:7e:67:
                    eb:e7:c2:f8:67:c6:e9:50:ec:76:3c:a0:5c:df:e0:
                    8f:35:4f:1d:86:8c:52:1e:b9:9b:36:41:21:14:91:
                    8d:5c:03:03:92:42:9f:8b:09:72:e9:93:7c:67:73:
                    d8:d8:97:73:a4:af:84:42:86:d6:b8:00:b5:d0:44:
                    7f:c4:7a:70:f0:1e:a2:97:b0:3c:bf:d8:39:d9:ba:
                    89:b3:a4:df:81:f7:bb:27:f9:05:bc:52:61:ee:93:
                    d0:3e:ed:42:6f:73:16:aa:60:af:ba:08:83:9e:e6:
                    b8:bd:69:0f:40:85:fa:d8:a2:e7:cd:ac:de:da:54:
                    8e:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:6B:18:E1:B1:75:FD:32:30:6D:C7:DE:B8:8E:6F:58:41:6A:18:5A
            X509v3 Authority Key Identifier:
                keyid:AF:27:D4:5F:C1:8B:A9:17:AB:1E:89:A1:7E:F0:B6:36:09:84:82:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryfUX8GLqRerHomhfvC2NgmEgiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/441755-b52f-4fb6-b3ef-7acbc6c9f985/1/ryfUX8GLqRerHomhfvC2NgmEgiQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/441755-b52f-4fb6-b3ef-7acbc6c9f985/1/ryfUX8GLqRerHomhfvC2NgmEgiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:7b:6e:1a:eb:cc:e8:39:46:6a:ce:03:be:ef:50:24:22:d3:
         b8:6c:a1:33:f5:0b:0e:14:c7:ae:7f:33:9c:f6:9b:32:ec:44:
         79:56:66:92:2a:de:1b:a3:8b:07:10:92:1e:24:0a:bb:43:1d:
         8f:40:73:c5:94:e5:a9:56:1b:72:90:4a:e5:3f:ed:46:fc:b5:
         21:82:48:96:ba:27:5a:0c:fb:94:3d:4e:0b:32:65:c0:11:f2:
         5f:a5:89:f0:3f:09:36:7a:2c:6c:b6:58:f9:fa:c7:ff:e4:d3:
         62:67:7e:b3:7b:22:bd:11:7a:df:6e:60:ee:7c:91:f3:9d:23:
         1d:4c:bc:88:2e:51:c8:8e:15:4d:52:42:7e:2b:5a:83:86:2d:
         c7:a7:72:6d:9e:74:02:7e:0c:11:94:7c:11:75:09:3e:46:4f:
         6b:d0:9a:18:87:c9:7d:3b:6c:48:2e:ad:c3:1c:48:9c:8a:d0:
         56:c6:04:84:5a:63:83:ee:a0:dc:16:56:c2:9d:fe:af:0b:29:
         38:5b:22:7c:f6:e4:bb:f5:28:db:08:c1:2c:49:36:b0:d6:d3:
         fe:c4:9d:0d:f7:57:11:30:f2:6e:b2:d5:71:f8:ae:92:8f:ee:
         5e:b0:80:36:53:96:c4:63:63:63:b2:01:11:4c:45:db:82:d9:
         d6:15:bd:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZacdOZl7+5rWwgLEOmizn0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMjdkNDVmYzE4YmE5MTdhYjFlODlhMTdlZjBiNjM2MDk4
NDgyMjQwHhcNMjUwNTA0MTgwMDI4WhcNMjUwNTA1MTgwMDI4WjAzMTEwLwYDVQQD
Eyg4NjZiMThlMWIxNzVmZDMyMzA2ZGM3ZGViODhlNmY1ODQxNmExODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb4rTpThiNHj1ufH2k2RfA40akyJ
HzUNIUToz4dA3GbqfjxYCRrVKU3HXDWynHk30JvNsUhrJ8aL2lKaysMupIUdwqCM
QBARb9jMu3m2uBMtcn6iW9L8Ne/dGjuRIAC7/rKKuEY/m23O+s190CkMUMi2Ynts
Vk69saSwgEscJsIBEuYDfmfr58L4Z8bpUOx2PKBc3+CPNU8dhoxSHrmbNkEhFJGN
XAMDkkKfiwly6ZN8Z3PY2JdzpK+EQobWuAC10ER/xHpw8B6il7A8v9g52bqJs6Tf
gfe7J/kFvFJh7pPQPu1Cb3MWqmCvugiDnua4vWkPQIX62KLnzaze2lSO9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZrGOGxdf0yMG3H3riOb1hBahhaMB8GA1UdIwQY
MBaAFK8n1F/Bi6kXqx6JoX7wtjYJhIIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlmVVg4R0xxUmVySG9taGZ2QzJOZ21FZ2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80NDE3NTUtYjUyZi00ZmI2LWIzZWYt
N2FjYmM2YzlmOTg1LzEvcnlmVVg4R0xxUmVySG9taGZ2QzJOZ21FZ2lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80NDE3NTUtYjUyZi00ZmI2LWIzZWYtN2FjYmM2YzlmOTg1
LzEvcnlmVVg4R0xxUmVySG9taGZ2QzJOZ21FZ2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnHtuGuvM
6DlGas4Dvu9QJCLTuGyhM/ULDhTHrn8znPabMuxEeVZmkireG6OLBxCSHiQKu0Md
j0BzxZTlqVYbcpBK5T/tRvy1IYJIlronWgz7lD1OCzJlwBHyX6WJ8D8JNnosbLZY
+frH/+TTYmd+s3sivRF6325g7nyR850jHUy8iC5RyI4VTVJCfitag4Ytx6dybZ50
An4MEZR8EXUJPkZPa9CaGIfJfTtsSC6twxxInIrQVsYEhFpjg+6g3BZWwp3+rwsp
OFsifPbku/Uo2wjBLEk2sNbT/sSdDfdXETDybrLVcfiuko/uXrCANlOWxGNjY7IB
EUxF24LZ1hW9Ug==
-----END CERTIFICATE-----