Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
File:                     yoaOeySqNaTdEKyVmfBkqpadAx0.mft (raw, json)
Hash identifier:          BQuaCYgihk59UgcjWQB5dtOvbTelnzZWDDF8zh9vPb0=
Subject key identifier:   77:E0:55:65:64:D7:1F:17:A8:D7:75:0B:B1:1F:A3:66:B8:08:15:A0
Authority key identifier: CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D
Certificate issuer:       /CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d
Certificate serial:       0196B4EB294D4DF2AF5019AF30FFEEAB89F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
Manifest number:          01A1
Signing time:             Fri 09 May 2025 12:00:32 +0000
Manifest this update:     Fri 09 May 2025 12:00:32 +0000
Manifest next update:     Sat 10 May 2025 12:00:32 +0000
Files and hashes:         1: yoaOeySqNaTdEKyVmfBkqpadAx0.crl (hash: ckMx0G9Y2O2a6AkMjnVoLAK+ODkO0aesBrpsMIeQths=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b4:eb:29:4d:4d:f2:af:50:19:af:30:ff:ee:ab:89:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d
        Validity
            Not Before: May  9 12:00:32 2025 GMT
            Not After : May 10 12:00:32 2025 GMT
        Subject: CN=77e0556564d71f17a8d7750bb11fa366b80815a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:50:ee:1d:d3:a6:f4:b8:5c:45:8d:83:a3:22:
                    80:65:d1:9b:30:c9:e3:ca:54:ff:3c:da:74:9e:87:
                    da:c6:3b:25:fa:40:75:5e:21:75:b6:6e:df:05:f8:
                    54:31:10:d7:e8:37:5a:4d:64:66:dc:c0:7a:5a:01:
                    d0:7e:cc:d2:19:2e:c3:fd:af:11:e9:6c:3c:47:67:
                    92:f4:2a:ec:6c:9a:2b:d2:2e:11:cd:21:70:07:25:
                    0e:d4:4f:17:35:71:c6:f7:17:91:fb:96:c5:54:83:
                    9f:36:73:d1:5f:ab:67:53:ff:25:30:ba:39:45:1e:
                    8f:97:22:51:d7:eb:ca:07:87:64:c3:eb:18:2d:68:
                    8b:15:a5:47:21:da:d5:ad:8a:b6:f0:9d:d9:ee:0c:
                    46:d4:4f:a8:43:72:20:ad:b9:cb:55:ce:6c:1b:e3:
                    bf:19:34:03:15:93:bd:3c:a0:eb:e1:69:c7:c5:8c:
                    46:00:f3:14:7c:67:c8:61:c5:28:f5:5c:6a:56:15:
                    a5:16:45:cf:03:e7:87:b0:4f:ce:23:7a:f0:5a:1b:
                    78:5b:82:68:fc:69:37:3c:3d:e7:37:dc:1c:74:14:
                    f4:7b:e1:02:7d:b9:80:3d:e1:e0:43:32:a2:bb:b8:
                    60:fa:58:2b:35:57:d6:e0:8a:bd:d6:ec:79:9f:aa:
                    64:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:E0:55:65:64:D7:1F:17:A8:D7:75:0B:B1:1F:A3:66:B8:08:15:A0
            X509v3 Authority Key Identifier:
                keyid:CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:dd:70:b6:a7:80:00:fd:5c:21:61:68:f6:31:5c:ab:5e:d9:
         b2:98:93:c1:b2:b9:f7:dc:7b:e3:27:d9:7e:db:66:86:94:ea:
         45:61:48:55:5b:8a:4a:a3:7f:ab:2e:52:e8:f3:27:7a:67:2b:
         47:29:03:e6:76:fa:59:36:02:9d:3c:36:88:06:34:b3:34:2b:
         0a:8f:b5:56:e9:4b:a7:0d:b8:e8:6d:3a:cd:4c:16:74:be:24:
         a0:5b:9b:28:67:42:4f:e7:b1:38:20:93:d2:33:10:e3:dc:91:
         f3:35:e2:5e:53:51:58:93:92:e4:bc:1b:e6:88:f7:6e:36:c5:
         05:90:14:5c:1d:13:a1:8a:69:6f:0a:13:a3:b5:50:98:21:4b:
         c8:d1:7a:fa:fc:6e:06:02:6a:07:70:ba:0b:ce:14:45:00:63:
         55:b4:06:d7:72:94:8e:a6:85:9e:1f:78:09:1f:62:95:b8:f6:
         4d:0e:09:94:76:c7:71:ff:42:eb:72:a1:23:98:73:c2:84:b1:
         90:d8:85:f9:a6:33:08:85:64:20:b2:0e:64:5a:fc:50:ea:6b:
         c1:94:58:c3:94:2f:84:49:0f:02:40:d1:be:61:4a:2b:81:17:
         82:06:24:95:09:85:92:2a:f8:17:3d:2f:50:89:6f:fe:29:61:
         00:e4:87:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa06ylNTfKvUBmvMP/uq4n2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhODY4ZTdiMjRhYTM1YTRkZDEwYWM5NTk5ZjA2NGFhOTY5
ZDAzMWQwHhcNMjUwNTA5MTIwMDMyWhcNMjUwNTEwMTIwMDMyWjAzMTEwLwYDVQQD
Eyg3N2UwNTU2NTY0ZDcxZjE3YThkNzc1MGJiMTFmYTM2NmI4MDgxNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1DuHdOm9LhcRY2DoyKAZdGbMMnj
ylT/PNp0nofaxjsl+kB1XiF1tm7fBfhUMRDX6DdaTWRm3MB6WgHQfszSGS7D/a8R
6Ww8R2eS9CrsbJor0i4RzSFwByUO1E8XNXHG9xeR+5bFVIOfNnPRX6tnU/8lMLo5
RR6PlyJR1+vKB4dkw+sYLWiLFaVHIdrVrYq28J3Z7gxG1E+oQ3IgrbnLVc5sG+O/
GTQDFZO9PKDr4WnHxYxGAPMUfGfIYcUo9VxqVhWlFkXPA+eHsE/OI3rwWht4W4Jo
/Gk3PD3nN9wcdBT0e+ECfbmAPeHgQzKiu7hg+lgrNVfW4Iq91ux5n6pkYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHfgVWVk1x8XqNd1C7Efo2a4CBWgMB8GA1UdIwQY
MBaAFMqGjnskqjWk3RCslZnwZKqWnQMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjIt
YjhkMDZmNDZhZWMzLzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjItYjhkMDZmNDZhZWMz
LzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcd1wtqeA
AP1cIWFo9jFcq17ZspiTwbK599x74yfZfttmhpTqRWFIVVuKSqN/qy5S6PMnemcr
RykD5nb6WTYCnTw2iAY0szQrCo+1VulLpw246G06zUwWdL4koFubKGdCT+exOCCT
0jMQ49yR8zXiXlNRWJOS5Lwb5oj3bjbFBZAUXB0ToYppbwoTo7VQmCFLyNF6+vxu
BgJqB3C6C84URQBjVbQG13KUjqaFnh94CR9ilbj2TQ4JlHbHcf9C63KhI5hzwoSx
kNiF+aYzCIVkILIOZFr8UOprwZRYw5QvhEkPAkDRvmFKK4EXggYklQmFkir4Fz0v
UIlv/ilhAOSHaw==
-----END CERTIFICATE-----