Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft
File:                     rAsK5lTCnX8fDU4tNRarfe8Msp0.mft (raw, json)
Hash identifier:          X2ljlL1VimPoX0HHbcIyOyL7u08yWT5lI0LqSK+6K50=
Subject key identifier:   21:FB:EB:AE:67:18:2D:5F:A1:23:AD:78:F4:07:00:2F:CC:44:A4:88
Authority key identifier: AC:0B:0A:E6:54:C2:9D:7F:1F:0D:4E:2D:35:16:AB:7D:EF:0C:B2:9D
Certificate issuer:       /CN=ac0b0ae654c29d7f1f0d4e2d3516ab7def0cb29d
Certificate serial:       01951134A402F35784A45BCBC13A2FB28630
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rAsK5lTCnX8fDU4tNRarfe8Msp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft
Manifest number:          0375
Signing time:             Mon 17 Feb 2025 00:00:17 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:17 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:17 +0000
Files and hashes:         1: rAsK5lTCnX8fDU4tNRarfe8Msp0.crl (hash: qFCAnZRUoM1V7SpBq5KJREf1EURurmN9/iHzbJKE8JA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rAsK5lTCnX8fDU4tNRarfe8Msp0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:34:a4:02:f3:57:84:a4:5b:cb:c1:3a:2f:b2:86:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac0b0ae654c29d7f1f0d4e2d3516ab7def0cb29d
        Validity
            Not Before: Feb 17 00:00:17 2025 GMT
            Not After : Feb 18 00:00:17 2025 GMT
        Subject: CN=21fbebae67182d5fa123ad78f407002fcc44a488
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a1:d4:87:2e:ae:1b:27:67:68:79:b5:59:d3:
                    fc:04:16:04:46:39:3a:dd:01:f7:bf:9d:27:c0:28:
                    0b:e0:d3:da:50:a3:6a:05:92:60:58:b5:b4:8e:87:
                    dd:e4:86:3b:55:13:a6:94:70:04:12:ce:2e:d5:2a:
                    bd:c7:5d:2a:4c:21:24:3a:37:50:ea:5f:a0:b2:f7:
                    d3:8c:41:5b:92:09:05:98:5f:e9:b8:fa:d1:d1:17:
                    af:62:01:98:5a:c8:cb:33:ea:7f:42:93:70:fb:fd:
                    e7:54:7f:53:85:5f:37:44:3f:f0:98:f1:6b:fc:42:
                    ed:c8:98:74:ce:2a:f5:b7:f0:9c:41:d8:d7:41:38:
                    0d:5b:e2:a5:6d:38:6d:04:96:f8:93:71:ac:ae:4e:
                    e1:4e:7c:a0:c7:a8:12:2f:1f:97:43:7c:8f:01:f4:
                    4a:00:f1:b0:72:b1:8f:be:a4:48:b7:34:2e:5b:40:
                    d4:9a:f7:d2:1c:f6:d6:e8:0f:3b:93:94:65:d9:94:
                    71:b5:d8:c8:b5:93:02:12:38:c6:8d:57:6b:ee:9b:
                    45:c7:f2:22:52:dd:1e:19:8a:f1:33:22:6b:68:dc:
                    29:09:6b:6b:64:06:77:8e:4b:b7:e1:ab:c6:55:4d:
                    7b:2c:eb:96:92:03:36:20:8a:93:55:6a:32:c6:da:
                    ad:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:FB:EB:AE:67:18:2D:5F:A1:23:AD:78:F4:07:00:2F:CC:44:A4:88
            X509v3 Authority Key Identifier:
                keyid:AC:0B:0A:E6:54:C2:9D:7F:1F:0D:4E:2D:35:16:AB:7D:EF:0C:B2:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAsK5lTCnX8fDU4tNRarfe8Msp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:4e:6e:8c:bb:5e:1a:83:12:85:cc:dd:fd:7a:ac:1b:3f:5d:
         69:ef:b5:58:38:fe:e8:1f:00:83:e8:ab:00:30:d5:db:f4:1d:
         09:2f:3a:2f:74:1e:d3:8b:dc:70:35:81:02:4a:cc:b7:93:64:
         e3:10:7a:bf:75:2f:82:22:22:13:0e:10:71:b9:b3:2b:2d:8f:
         04:7a:a6:a5:e5:53:5a:56:4f:46:48:a5:5c:75:58:8c:ef:1f:
         a4:57:da:1c:5b:27:bb:16:13:d0:35:ca:ba:24:49:18:8d:41:
         e5:69:9d:18:c1:ca:34:ea:fe:52:14:64:e8:51:37:45:f4:41:
         e2:31:aa:a3:dc:c5:5a:f6:80:73:1a:91:30:3f:3c:05:98:6c:
         37:78:91:7b:b3:db:cf:7f:9b:ac:ef:67:3e:21:95:32:11:d9:
         d7:3f:10:f3:6d:d1:25:32:ad:c5:d0:c9:f5:62:b1:db:68:b4:
         9f:6f:09:b9:9b:cb:2a:59:89:48:71:c3:0f:02:26:6b:67:af:
         21:ae:4e:4b:98:57:04:76:dc:34:fc:fe:0c:03:74:b0:c1:19:
         f9:31:ec:5f:f0:bd:df:89:bd:01:36:99:e4:8c:8a:0c:b1:e0:
         e1:c6:71:2a:b7:3e:e5:76:9b:76:de:7b:b6:a5:48:1a:d2:f9:
         a9:c4:28:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNKQC81eEpFvLwTovsoYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMGIwYWU2NTRjMjlkN2YxZjBkNGUyZDM1MTZhYjdkZWYw
Y2IyOWQwHhcNMjUwMjE3MDAwMDE3WhcNMjUwMjE4MDAwMDE3WjAzMTEwLwYDVQQD
EygyMWZiZWJhZTY3MTgyZDVmYTEyM2FkNzhmNDA3MDAyZmNjNDRhNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqHUhy6uGydnaHm1WdP8BBYERjk6
3QH3v50nwCgL4NPaUKNqBZJgWLW0jofd5IY7VROmlHAEEs4u1Sq9x10qTCEkOjdQ
6l+gsvfTjEFbkgkFmF/puPrR0RevYgGYWsjLM+p/QpNw+/3nVH9ThV83RD/wmPFr
/ELtyJh0zir1t/CcQdjXQTgNW+KlbThtBJb4k3Gsrk7hTnygx6gSLx+XQ3yPAfRK
APGwcrGPvqRItzQuW0DUmvfSHPbW6A87k5Rl2ZRxtdjItZMCEjjGjVdr7ptFx/Ii
Ut0eGYrxMyJraNwpCWtrZAZ3jku34avGVU17LOuWkgM2IIqTVWoyxtqt5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCH7665nGC1foSOtePQHAC/MRKSIMB8GA1UdIwQY
MBaAFKwLCuZUwp1/Hw1OLTUWq33vDLKdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFzSzVsVENuWDhmRFU0dE5SYXJmZThNc3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi80MzVkNDUtYmVlMi00OTFhLWIyODct
NjVmNDJlZmU1OWRlLzEvckFzSzVsVENuWDhmRFU0dE5SYXJmZThNc3AwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi80MzVkNDUtYmVlMi00OTFhLWIyODctNjVmNDJlZmU1OWRl
LzEvckFzSzVsVENuWDhmRFU0dE5SYXJmZThNc3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfE5ujLte
GoMShczd/XqsGz9dae+1WDj+6B8Ag+irADDV2/QdCS86L3Qe04vccDWBAkrMt5Nk
4xB6v3UvgiIiEw4QcbmzKy2PBHqmpeVTWlZPRkilXHVYjO8fpFfaHFsnuxYT0DXK
uiRJGI1B5WmdGMHKNOr+UhRk6FE3RfRB4jGqo9zFWvaAcxqRMD88BZhsN3iRe7Pb
z3+brO9nPiGVMhHZ1z8Q823RJTKtxdDJ9WKx22i0n28JuZvLKlmJSHHDDwIma2ev
Ia5OS5hXBHbcNPz+DAN0sMEZ+THsX/C934m9ATaZ5IyKDLHg4cZxKrc+5Xabdt57
tqVIGtL5qcQooQ==
-----END CERTIFICATE-----