Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft
File:                     SdA41NOnW7-ev-owZGh7Xjs0b-M.mft (raw, json)
Hash identifier:          ucPAskLOG5lHRZm29ycKLymTW09EkKtjLOikD71a10o=
Subject key identifier:   6C:21:CD:71:77:11:D2:BB:FB:ED:47:C7:73:21:71:AC:F9:86:3D:21
Authority key identifier: 49:D0:38:D4:D3:A7:5B:BF:9E:BF:EA:30:64:68:7B:5E:3B:34:6F:E3
Certificate issuer:       /CN=49d038d4d3a75bbf9ebfea3064687b5e3b346fe3
Certificate serial:       0195903D7F0DC4613CB97C33177E229C9739
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SdA41NOnW7-ev-owZGh7Xjs0b-M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft
Manifest number:          0AB9
Signing time:             Thu 13 Mar 2025 16:01:43 +0000
Manifest this update:     Thu 13 Mar 2025 16:01:43 +0000
Manifest next update:     Fri 14 Mar 2025 16:01:43 +0000
Files and hashes:         1: SdA41NOnW7-ev-owZGh7Xjs0b-M.crl (hash: jnnpgcZr6uc9X7jYoszSkWrWHLl9fvFP1bpVyQgDlMU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SdA41NOnW7-ev-owZGh7Xjs0b-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:90:3d:7f:0d:c4:61:3c:b9:7c:33:17:7e:22:9c:97:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49d038d4d3a75bbf9ebfea3064687b5e3b346fe3
        Validity
            Not Before: Mar 13 16:01:43 2025 GMT
            Not After : Mar 14 16:01:43 2025 GMT
        Subject: CN=6c21cd717711d2bbfbed47c7732171acf9863d21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:5f:c6:b5:bf:43:36:f4:1c:07:e2:af:00:74:
                    89:42:38:91:08:9f:80:f5:38:91:52:e6:d1:63:f3:
                    f8:fc:fb:a7:be:2a:34:23:36:01:51:fe:06:b9:35:
                    f5:de:49:6d:ba:34:93:78:c5:1f:3a:ce:1a:6e:85:
                    e5:a7:e5:e1:c0:a5:95:5a:72:b2:66:74:53:57:7a:
                    ba:b5:6d:8f:4d:f0:0e:97:76:61:d9:f7:c3:80:a1:
                    c9:65:77:e5:c4:3b:85:c1:bf:35:90:7c:57:34:6b:
                    dd:90:10:6d:95:63:75:e6:44:77:e9:0b:be:52:ce:
                    73:c6:e9:58:ce:6b:6a:c4:f8:0a:a6:99:d4:b8:53:
                    e6:f7:38:64:a2:23:44:73:06:7c:67:44:7d:83:f7:
                    d9:64:d2:15:e2:ba:2a:c6:00:70:c7:ee:10:24:ad:
                    bf:7b:5e:27:09:e5:22:f3:78:9d:9f:b7:db:f7:9f:
                    c5:44:e4:40:4d:d3:fd:58:c4:be:2a:33:eb:c9:13:
                    3d:6f:cf:d4:34:44:c9:53:d0:4a:88:3b:10:be:4d:
                    2f:dc:19:39:2f:4a:7b:6d:fe:9d:5f:79:28:e1:e4:
                    ee:56:91:e0:fb:5c:ff:d6:44:46:44:9f:3c:a5:c2:
                    9d:f4:b2:c1:00:79:05:44:89:27:e1:e4:c4:05:38:
                    d1:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:21:CD:71:77:11:D2:BB:FB:ED:47:C7:73:21:71:AC:F9:86:3D:21
            X509v3 Authority Key Identifier:
                keyid:49:D0:38:D4:D3:A7:5B:BF:9E:BF:EA:30:64:68:7B:5E:3B:34:6F:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SdA41NOnW7-ev-owZGh7Xjs0b-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:10:9e:0f:f1:e0:bd:de:3d:07:cd:b7:12:79:3e:76:03:ff:
         aa:40:2e:47:13:2b:53:e7:a2:a2:8c:61:d8:e2:65:be:9f:17:
         24:f9:57:30:14:f8:24:32:22:44:29:ab:bf:60:6b:41:6b:e1:
         43:80:a3:68:84:fe:5c:26:68:a4:70:40:77:ff:73:33:bd:05:
         a9:db:eb:da:e6:95:03:e1:f3:54:f3:92:d1:23:9c:2e:24:47:
         75:c8:ab:b9:1b:4a:6d:a8:dd:0e:8d:a4:d1:b0:38:86:24:0f:
         0a:89:5d:8c:e7:3f:f5:90:9f:58:23:72:48:ce:01:bd:f9:a7:
         56:26:30:4a:88:9f:8d:38:f6:23:0c:be:a3:33:7a:92:95:e8:
         43:2b:69:6a:a3:a0:b6:1e:0a:38:38:cd:86:39:b2:8d:e6:41:
         d5:b9:54:da:f2:48:e4:41:7f:aa:60:9e:05:3c:b5:61:86:72:
         47:67:4a:bf:1b:c9:bd:5b:ce:5c:1d:d5:2b:25:0d:4e:14:b0:
         a1:f2:48:77:ee:45:5c:b1:93:fd:79:77:78:f7:be:5e:dd:53:
         20:0f:4f:21:84:90:c1:99:cd:1a:30:7d:3d:53:1f:e8:db:94:
         3b:7f:d3:72:ab:43:d2:25:c6:51:a7:55:cf:9c:66:ae:73:aa:
         0b:a6:3c:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWQPX8NxGE8uXwzF34inJc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZDAzOGQ0ZDNhNzViYmY5ZWJmZWEzMDY0Njg3YjVlM2Iz
NDZmZTMwHhcNMjUwMzEzMTYwMTQzWhcNMjUwMzE0MTYwMTQzWjAzMTEwLwYDVQQD
Eyg2YzIxY2Q3MTc3MTFkMmJiZmJlZDQ3Yzc3MzIxNzFhY2Y5ODYzZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzV/Gtb9DNvQcB+KvAHSJQjiRCJ+A
9TiRUubRY/P4/Punvio0IzYBUf4GuTX13kltujSTeMUfOs4aboXlp+XhwKWVWnKy
ZnRTV3q6tW2PTfAOl3Zh2ffDgKHJZXflxDuFwb81kHxXNGvdkBBtlWN15kR36Qu+
Us5zxulYzmtqxPgKppnUuFPm9zhkoiNEcwZ8Z0R9g/fZZNIV4roqxgBwx+4QJK2/
e14nCeUi83idn7fb95/FRORATdP9WMS+KjPryRM9b8/UNETJU9BKiDsQvk0v3Bk5
L0p7bf6dX3ko4eTuVpHg+1z/1kRGRJ88pcKd9LLBAHkFRIkn4eTEBTjR6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGwhzXF3EdK7++1Hx3Mhcaz5hj0hMB8GA1UdIwQY
MBaAFEnQONTTp1u/nr/qMGRoe147NG/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2RBNDFOT25XNy1ldi1vd1pHaDdYanMwYi1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83MzU3NTYtODg1Ny00MjRkLTk1MjQt
MjBmNTMxMTIyYjU3LzEvU2RBNDFOT25XNy1ldi1vd1pHaDdYanMwYi1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83MzU3NTYtODg1Ny00MjRkLTk1MjQtMjBmNTMxMTIyYjU3
LzEvU2RBNDFOT25XNy1ldi1vd1pHaDdYanMwYi1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAARCeD/Hg
vd49B823Enk+dgP/qkAuRxMrU+eiooxh2OJlvp8XJPlXMBT4JDIiRCmrv2BrQWvh
Q4CjaIT+XCZopHBAd/9zM70Fqdvr2uaVA+HzVPOS0SOcLiRHdciruRtKbajdDo2k
0bA4hiQPColdjOc/9ZCfWCNySM4BvfmnViYwSoifjTj2Iwy+ozN6kpXoQytpaqOg
th4KODjNhjmyjeZB1blU2vJI5EF/qmCeBTy1YYZyR2dKvxvJvVvOXB3VKyUNThSw
ofJId+5FXLGT/Xl3ePe+Xt1TIA9PIYSQwZnNGjB9PVMf6NuUO3/TcqtD0iXGUadV
z5xmrnOqC6Y8fw==
-----END CERTIFICATE-----