Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
File:                     tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft (raw, json)
Hash identifier:          ZUMdJtWsp9lUlttg6t/UoncNRmwg9F4t0Z+I314uifw=
Subject key identifier:   49:17:51:84:E4:8D:88:73:3F:F7:AF:82:02:74:AE:F9:DD:7A:89:A2
Authority key identifier: B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8
Certificate issuer:       /CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
Certificate serial:       01969F08C68881B424BEB800366714C87A01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
Manifest number:          0739
Signing time:             Mon 05 May 2025 06:01:14 +0000
Manifest this update:     Mon 05 May 2025 06:01:14 +0000
Manifest next update:     Tue 06 May 2025 06:01:14 +0000
Files and hashes:         1: tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl (hash: SkMbXTzgL/w6y0u0n45xUp7zSLNgIB5kOxP8EElRUag=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9f:08:c6:88:81:b4:24:be:b8:00:36:67:14:c8:7a:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
        Validity
            Not Before: May  5 06:01:14 2025 GMT
            Not After : May  6 06:01:14 2025 GMT
        Subject: CN=49175184e48d88733ff7af820274aef9dd7a89a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:30:64:0f:36:31:00:ff:da:71:b7:34:ae:28:
                    95:58:1c:af:b8:03:0f:06:a1:11:e1:c6:75:04:ee:
                    27:06:c5:00:bc:4d:ff:2c:63:a2:35:1b:c4:87:89:
                    73:37:df:50:04:71:a0:25:d2:88:4d:33:78:96:a3:
                    9e:41:f0:47:c5:54:44:2e:a6:26:6b:e6:65:f4:08:
                    ac:ac:b9:cd:d6:73:bd:7a:8f:c0:8b:50:bc:6d:09:
                    dc:99:c5:31:96:27:0a:bd:be:dd:cf:be:70:c4:da:
                    1d:5f:db:ba:ba:e6:07:d6:04:e0:f8:20:d7:9f:72:
                    8f:9f:9c:4e:ba:2b:5e:e6:f3:53:0b:6a:f4:04:d6:
                    41:2a:d5:da:19:ec:9a:0e:66:98:a2:df:ed:e1:77:
                    16:78:cb:f5:0b:28:f8:a8:23:38:cc:a3:f7:bb:f8:
                    ce:5c:ed:da:c1:cd:69:b3:3d:c3:3e:e2:59:41:35:
                    43:e1:e1:2a:97:d6:54:2b:a2:1e:47:0e:6f:54:f3:
                    b3:e0:50:0f:31:83:38:e8:a5:09:c1:28:80:0a:be:
                    76:6c:5a:77:d3:cf:fa:63:47:72:04:24:c8:cd:39:
                    01:ae:63:30:e0:f6:5c:b3:21:75:72:40:77:27:4c:
                    b5:54:c4:7d:e9:7c:12:90:68:b5:82:cb:8a:c4:74:
                    a6:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:17:51:84:E4:8D:88:73:3F:F7:AF:82:02:74:AE:F9:DD:7A:89:A2
            X509v3 Authority Key Identifier:
                keyid:B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:c5:b3:83:7b:dc:19:44:6c:70:59:ff:90:35:e2:0c:cc:39:
         88:ce:73:ee:0b:0d:f7:8a:dc:dc:65:91:04:dd:16:5b:b4:3e:
         0a:58:13:32:d7:2a:76:5c:f7:77:eb:aa:75:2a:bb:24:c4:c3:
         9a:c9:65:1e:9f:6a:e8:6a:23:0b:08:bc:13:b8:08:9d:64:a7:
         e5:95:21:7a:17:72:4e:f9:6f:0d:2b:a9:f5:39:14:ba:d5:1b:
         41:fb:c2:79:c7:df:4d:4d:81:f8:68:ad:e7:a2:4a:40:8f:f1:
         68:0b:06:4e:e0:fe:bf:bb:da:ea:7d:51:09:5e:31:ab:47:1e:
         13:b6:e6:3b:68:dc:6e:e8:61:62:1c:15:57:3f:c4:4c:24:a0:
         1a:db:a2:be:2e:02:c8:cf:df:b1:46:8e:54:ce:70:74:2c:15:
         56:8e:e3:80:35:ff:68:aa:23:71:a4:20:e0:81:9f:4a:a5:0a:
         a5:46:18:44:92:9b:c9:86:f9:54:7b:c0:16:9c:17:6d:24:c9:
         b4:27:fe:53:78:02:d1:30:e7:aa:06:05:cb:d2:48:6f:10:c2:
         01:94:83:c7:db:ee:01:fd:57:ec:b7:51:93:1c:7b:40:e2:c6:
         de:46:1c:ee:c2:27:64:01:78:18:60:b1:2c:25:76:5b:9c:e7:
         67:b3:c1:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZafCMaIgbQkvrgANmcUyHoBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTNhOWJlNzdlMmQ5ZmRlN2ZmZTFmNTE2MjlmOTRlOThl
YTNjZDgwHhcNMjUwNTA1MDYwMTE0WhcNMjUwNTA2MDYwMTE0WjAzMTEwLwYDVQQD
Eyg0OTE3NTE4NGU0OGQ4ODczM2ZmN2FmODIwMjc0YWVmOWRkN2E4OWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DBkDzYxAP/acbc0riiVWByvuAMP
BqER4cZ1BO4nBsUAvE3/LGOiNRvEh4lzN99QBHGgJdKITTN4lqOeQfBHxVRELqYm
a+Zl9AisrLnN1nO9eo/Ai1C8bQncmcUxlicKvb7dz75wxNodX9u6uuYH1gTg+CDX
n3KPn5xOuite5vNTC2r0BNZBKtXaGeyaDmaYot/t4XcWeMv1Cyj4qCM4zKP3u/jO
XO3awc1psz3DPuJZQTVD4eEql9ZUK6IeRw5vVPOz4FAPMYM46KUJwSiACr52bFp3
08/6Y0dyBCTIzTkBrmMw4PZcsyF1ckB3J0y1VMR96XwSkGi1gsuKxHSmrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkXUYTkjYhzP/evggJ0rvndeomiMB8GA1UdIwQY
MBaAFLSjqb534tn95//h9RYp+U6Y6jzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYt
MzNjZmE1MTFiMGM3LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYtMzNjZmE1MTFiMGM3
LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOsWzg3vc
GURscFn/kDXiDMw5iM5z7gsN94rc3GWRBN0WW7Q+ClgTMtcqdlz3d+uqdSq7JMTD
msllHp9q6GojCwi8E7gInWSn5ZUhehdyTvlvDSup9TkUutUbQfvCecffTU2B+Git
56JKQI/xaAsGTuD+v7va6n1RCV4xq0ceE7bmO2jcbuhhYhwVVz/ETCSgGtuivi4C
yM/fsUaOVM5wdCwVVo7jgDX/aKojcaQg4IGfSqUKpUYYRJKbyYb5VHvAFpwXbSTJ
tCf+U3gC0TDnqgYFy9JIbxDCAZSDx9vuAf1X7LdRkxx7QOLG3kYc7sInZAF4GGCx
LCV2W5znZ7PBZg==
-----END CERTIFICATE-----