Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft
File:                     rAsK5lTCnX8fDU4tNRarfe8Msp0.mft (raw, json)
Hash identifier:          UbKvDtW64EgCHC62vMh2klVsa9B773GaBhvbYmtnXv8=
Subject key identifier:   14:E5:C8:67:01:7F:88:10:94:79:AC:46:1A:86:6C:98:E9:73:CE:A7
Authority key identifier: AC:0B:0A:E6:54:C2:9D:7F:1F:0D:4E:2D:35:16:AB:7D:EF:0C:B2:9D
Certificate issuer:       /CN=ac0b0ae654c29d7f1f0d4e2d3516ab7def0cb29d
Certificate serial:       01974CD71D793D461ADDC423EE8A0537AB41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rAsK5lTCnX8fDU4tNRarfe8Msp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft
Manifest number:          049D
Signing time:             Sun 08 Jun 2025 00:00:55 +0000
Manifest this update:     Sun 08 Jun 2025 00:00:55 +0000
Manifest next update:     Mon 09 Jun 2025 00:00:55 +0000
Files and hashes:         1: rAsK5lTCnX8fDU4tNRarfe8Msp0.crl (hash: 5py0niWZ2LMmUrzQAxAJp1OBJKhBEell4r5Lruo172w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rAsK5lTCnX8fDU4tNRarfe8Msp0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:d7:1d:79:3d:46:1a:dd:c4:23:ee:8a:05:37:ab:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac0b0ae654c29d7f1f0d4e2d3516ab7def0cb29d
        Validity
            Not Before: Jun  8 00:00:55 2025 GMT
            Not After : Jun  9 00:00:55 2025 GMT
        Subject: CN=14e5c867017f88109479ac461a866c98e973cea7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e7:0d:14:86:f9:dc:23:fe:26:1b:a2:1f:96:
                    9f:e2:53:10:b5:c7:7f:7d:da:d2:da:48:ed:e0:83:
                    bf:18:9d:8c:55:1e:51:6d:d3:f7:22:be:4b:90:44:
                    47:db:0b:78:6e:c4:4d:7d:20:8a:d3:41:14:22:a9:
                    cb:ab:d3:dc:77:eb:94:e9:44:48:06:5b:9f:28:48:
                    85:3f:6a:93:36:1d:c2:48:5d:4b:da:84:75:b8:fa:
                    8f:45:09:6e:5b:56:34:67:59:f3:38:a9:7e:66:79:
                    07:8d:33:0a:78:36:6f:0e:98:16:32:78:ce:c5:24:
                    76:a6:e7:7e:a2:49:c4:40:5c:ef:06:86:e0:b2:9d:
                    bb:39:3b:83:58:41:ce:aa:05:e7:75:08:3b:f6:4b:
                    cb:15:b0:e4:4a:0f:ba:65:bc:ec:bd:dd:94:94:31:
                    99:39:de:ad:38:af:6a:08:96:33:54:53:9d:c0:ac:
                    f2:53:d2:11:04:2b:d3:da:8c:6f:d2:3f:98:7b:2e:
                    bd:3f:ee:45:10:77:e7:a7:fc:db:4e:51:eb:a0:02:
                    ed:45:d0:35:fe:9a:e6:a6:b8:ac:3a:c3:5f:3c:4b:
                    98:d8:b5:bc:d5:90:82:27:2a:fb:b3:be:32:f4:2d:
                    58:ac:00:a7:be:a7:10:16:10:af:cd:05:9c:f6:b0:
                    c8:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:E5:C8:67:01:7F:88:10:94:79:AC:46:1A:86:6C:98:E9:73:CE:A7
            X509v3 Authority Key Identifier:
                keyid:AC:0B:0A:E6:54:C2:9D:7F:1F:0D:4E:2D:35:16:AB:7D:EF:0C:B2:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAsK5lTCnX8fDU4tNRarfe8Msp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:95:f8:36:a1:38:f6:9a:b6:76:67:4d:2d:31:6d:57:97:ca:
         ef:47:c9:d4:52:72:61:67:85:d3:72:2b:13:3c:03:3d:6b:7a:
         76:8b:19:23:a9:f7:2c:ed:6f:2e:e3:a6:af:7d:b0:6f:68:f0:
         67:22:94:76:ca:80:7c:7a:b6:a0:b2:f5:75:c2:df:40:e2:f4:
         26:f9:3c:bd:d9:3b:cc:51:aa:33:70:a5:97:a1:54:6c:2c:e4:
         0e:06:c5:e2:5f:ae:e1:9c:80:03:fb:f7:78:9a:a0:3f:02:36:
         c0:40:3d:37:f3:c2:a9:54:27:13:0a:0d:53:3d:13:db:58:1d:
         5a:14:f8:ff:14:1b:e8:64:a4:ca:25:aa:65:d4:ae:db:cb:40:
         8d:6d:28:b7:31:85:44:9a:14:98:c4:04:d6:5b:7a:f2:8e:9d:
         06:d9:76:2e:69:83:ee:ef:a6:07:1e:7f:70:f1:de:4b:9f:d0:
         56:51:f9:cb:2f:5d:5b:c0:1a:98:2f:7b:53:4a:f1:0e:a0:42:
         e2:8c:1d:33:c9:71:b7:9c:c8:ec:9b:b4:93:69:ac:95:31:5f:
         08:68:bc:bf:ee:24:c8:6f:eb:d3:1e:72:2c:fc:03:ff:76:07:
         10:db:50:b0:fa:d5:ba:a4:25:da:7e:3f:bc:22:71:c4:c9:38:
         82:cf:7a:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM1x15PUYa3cQj7ooFN6tBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMGIwYWU2NTRjMjlkN2YxZjBkNGUyZDM1MTZhYjdkZWYw
Y2IyOWQwHhcNMjUwNjA4MDAwMDU1WhcNMjUwNjA5MDAwMDU1WjAzMTEwLwYDVQQD
EygxNGU1Yzg2NzAxN2Y4ODEwOTQ3OWFjNDYxYTg2NmM5OGU5NzNjZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApucNFIb53CP+JhuiH5af4lMQtcd/
fdrS2kjt4IO/GJ2MVR5RbdP3Ir5LkERH2wt4bsRNfSCK00EUIqnLq9Pcd+uU6URI
BlufKEiFP2qTNh3CSF1L2oR1uPqPRQluW1Y0Z1nzOKl+ZnkHjTMKeDZvDpgWMnjO
xSR2pud+oknEQFzvBobgsp27OTuDWEHOqgXndQg79kvLFbDkSg+6Zbzsvd2UlDGZ
Od6tOK9qCJYzVFOdwKzyU9IRBCvT2oxv0j+Yey69P+5FEHfnp/zbTlHroALtRdA1
/prmprisOsNfPEuY2LW81ZCCJyr7s74y9C1YrACnvqcQFhCvzQWc9rDI5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTlyGcBf4gQlHmsRhqGbJjpc86nMB8GA1UdIwQY
MBaAFKwLCuZUwp1/Hw1OLTUWq33vDLKdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFzSzVsVENuWDhmRFU0dE5SYXJmZThNc3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi80MzVkNDUtYmVlMi00OTFhLWIyODct
NjVmNDJlZmU1OWRlLzEvckFzSzVsVENuWDhmRFU0dE5SYXJmZThNc3AwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi80MzVkNDUtYmVlMi00OTFhLWIyODctNjVmNDJlZmU1OWRl
LzEvckFzSzVsVENuWDhmRFU0dE5SYXJmZThNc3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjJX4NqE4
9pq2dmdNLTFtV5fK70fJ1FJyYWeF03IrEzwDPWt6dosZI6n3LO1vLuOmr32wb2jw
ZyKUdsqAfHq2oLL1dcLfQOL0Jvk8vdk7zFGqM3Cll6FUbCzkDgbF4l+u4ZyAA/v3
eJqgPwI2wEA9N/PCqVQnEwoNUz0T21gdWhT4/xQb6GSkyiWqZdSu28tAjW0otzGF
RJoUmMQE1lt68o6dBtl2LmmD7u+mBx5/cPHeS5/QVlH5yy9dW8AamC97U0rxDqBC
4owdM8lxt5zI7Ju0k2mslTFfCGi8v+4kyG/r0x5yLPwD/3YHENtQsPrVuqQl2n4/
vCJxxMk4gs96BA==
-----END CERTIFICATE-----