Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft
File:                     rAsK5lTCnX8fDU4tNRarfe8Msp0.mft (raw, json)
Hash identifier:          uxQiGSM5+rR4xUXOFmT6olzU9HRxNfV3aTBRoCb7aRY=
Subject key identifier:   2D:4E:24:7C:DD:86:2D:5D:F4:B8:D1:4A:BB:52:E5:A9:1C:74:CF:97
Authority key identifier: AC:0B:0A:E6:54:C2:9D:7F:1F:0D:4E:2D:35:16:AB:7D:EF:0C:B2:9D
Certificate issuer:       /CN=ac0b0ae654c29d7f1f0d4e2d3516ab7def0cb29d
Certificate serial:       0199221EAD49A42B5D4665DECCA041806225
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rAsK5lTCnX8fDU4tNRarfe8Msp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft
Manifest number:          0590
Signing time:             Sun 07 Sep 2025 03:00:59 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:59 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:59 +0000
Files and hashes:         1: rAsK5lTCnX8fDU4tNRarfe8Msp0.crl (hash: B2HKsaA414fQGeKvcnIShHARDhpI/XCIC0w+zcmmCDI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rAsK5lTCnX8fDU4tNRarfe8Msp0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:ad:49:a4:2b:5d:46:65:de:cc:a0:41:80:62:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac0b0ae654c29d7f1f0d4e2d3516ab7def0cb29d
        Validity
            Not Before: Sep  7 03:00:59 2025 GMT
            Not After : Sep  8 03:00:59 2025 GMT
        Subject: CN=2d4e247cdd862d5df4b8d14abb52e5a91c74cf97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ce:13:a3:8c:dd:7f:bb:68:0d:b0:0b:fd:90:
                    a2:04:90:a1:4a:6f:74:46:92:3a:5f:af:2e:14:39:
                    28:4c:9c:72:aa:e5:0a:0a:4d:b7:6b:66:96:d1:c8:
                    14:6f:5f:da:bb:0f:ff:26:d2:67:40:47:73:5e:35:
                    b8:64:66:4c:15:ac:65:8d:5b:a6:98:04:58:6a:8b:
                    aa:a5:51:7e:19:c5:f7:80:f2:0e:16:f6:95:80:25:
                    5e:6f:fa:e4:d3:ed:5e:dd:f3:d6:d9:7d:94:26:4c:
                    9f:0a:62:94:f9:8b:a9:0e:31:7c:b9:cd:b7:aa:16:
                    6e:88:c5:cf:88:7c:a5:6c:3d:a3:87:34:9d:ef:bc:
                    f4:e9:7f:8f:ac:09:df:71:c1:45:5c:a8:d5:b0:bd:
                    80:3e:6b:fa:39:90:32:30:5f:19:ac:b6:b1:91:f9:
                    fb:26:df:52:e1:21:8e:02:3f:0e:c6:48:3d:a7:e2:
                    97:4d:0a:fd:46:73:ff:0e:b4:72:73:c3:00:bb:9e:
                    3a:76:59:e7:6e:d7:80:c2:cb:ae:cb:a1:4b:19:c9:
                    15:c5:85:ba:37:3e:8b:9b:f4:96:f9:b1:46:ce:11:
                    d2:42:98:03:c3:e5:e7:e6:7e:ab:fb:f4:8c:28:25:
                    71:4d:12:32:99:e2:cf:ef:c2:69:69:1a:63:d6:19:
                    7f:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:4E:24:7C:DD:86:2D:5D:F4:B8:D1:4A:BB:52:E5:A9:1C:74:CF:97
            X509v3 Authority Key Identifier:
                keyid:AC:0B:0A:E6:54:C2:9D:7F:1F:0D:4E:2D:35:16:AB:7D:EF:0C:B2:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAsK5lTCnX8fDU4tNRarfe8Msp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:c8:bd:36:63:b6:33:d3:d0:3e:22:c8:79:f4:b4:c3:8c:b0:
         34:14:d1:f2:18:5f:68:13:e4:d9:f6:3f:98:bc:93:2b:70:12:
         03:a1:fa:77:ce:9d:b1:d5:67:d2:29:81:5d:0f:09:42:31:49:
         51:46:f5:d6:cd:e3:97:7a:de:fc:53:a5:47:10:11:b0:10:34:
         27:34:87:20:c6:ff:13:e9:9e:bd:a3:00:e8:c6:96:64:fb:ec:
         57:42:7b:2f:46:45:99:b2:cd:b0:6e:58:3c:c4:0a:4e:7a:87:
         d8:65:32:2e:be:c0:aa:57:72:9d:50:51:9e:56:37:60:61:d6:
         3e:d1:58:b8:e6:ab:89:fa:51:b5:be:7c:b4:24:1e:24:3b:ec:
         a2:24:e4:c3:c6:62:3d:47:43:fb:99:6c:47:a1:3a:ea:6a:cf:
         42:f6:60:3c:10:5b:48:d6:1e:ab:1f:45:ab:ea:cb:d1:01:74:
         8c:72:2b:a5:01:02:36:f3:61:b3:63:56:62:15:61:a2:60:b5:
         10:db:f0:df:98:2a:42:1b:4a:30:02:a2:0e:38:29:a6:31:21:
         e8:eb:47:79:37:f9:d4:36:f6:b2:70:ca:41:f4:4e:30:52:1d:
         7d:50:96:f6:68:4d:a9:bf:02:92:dc:78:76:0b:b3:8e:94:49:
         b4:d7:dd:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHq1JpCtdRmXezKBBgGIlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMGIwYWU2NTRjMjlkN2YxZjBkNGUyZDM1MTZhYjdkZWYw
Y2IyOWQwHhcNMjUwOTA3MDMwMDU5WhcNMjUwOTA4MDMwMDU5WjAzMTEwLwYDVQQD
EygyZDRlMjQ3Y2RkODYyZDVkZjRiOGQxNGFiYjUyZTVhOTFjNzRjZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAus4To4zdf7toDbAL/ZCiBJChSm90
RpI6X68uFDkoTJxyquUKCk23a2aW0cgUb1/auw//JtJnQEdzXjW4ZGZMFaxljVum
mARYaouqpVF+GcX3gPIOFvaVgCVeb/rk0+1e3fPW2X2UJkyfCmKU+YupDjF8uc23
qhZuiMXPiHylbD2jhzSd77z06X+PrAnfccFFXKjVsL2APmv6OZAyMF8ZrLaxkfn7
Jt9S4SGOAj8Oxkg9p+KXTQr9RnP/DrRyc8MAu546dlnnbteAwsuuy6FLGckVxYW6
Nz6Lm/SW+bFGzhHSQpgDw+Xn5n6r+/SMKCVxTRIymeLP78JpaRpj1hl/KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1OJHzdhi1d9LjRSrtS5akcdM+XMB8GA1UdIwQY
MBaAFKwLCuZUwp1/Hw1OLTUWq33vDLKdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFzSzVsVENuWDhmRFU0dE5SYXJmZThNc3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi80MzVkNDUtYmVlMi00OTFhLWIyODct
NjVmNDJlZmU1OWRlLzEvckFzSzVsVENuWDhmRFU0dE5SYXJmZThNc3AwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi80MzVkNDUtYmVlMi00OTFhLWIyODctNjVmNDJlZmU1OWRl
LzEvckFzSzVsVENuWDhmRFU0dE5SYXJmZThNc3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvMi9NmO2
M9PQPiLIefS0w4ywNBTR8hhfaBPk2fY/mLyTK3ASA6H6d86dsdVn0imBXQ8JQjFJ
UUb11s3jl3re/FOlRxARsBA0JzSHIMb/E+mevaMA6MaWZPvsV0J7L0ZFmbLNsG5Y
PMQKTnqH2GUyLr7AqldynVBRnlY3YGHWPtFYuOarifpRtb58tCQeJDvsoiTkw8Zi
PUdD+5lsR6E66mrPQvZgPBBbSNYeqx9Fq+rL0QF0jHIrpQECNvNhs2NWYhVhomC1
ENvw35gqQhtKMAKiDjgppjEh6OtHeTf51Db2snDKQfROMFIdfVCW9mhNqb8Cktx4
dguzjpRJtNfdkA==
-----END CERTIFICATE-----