Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
File:                     tj8U3_NUhamVlBKGMDe4XfqfE9g.mft (raw, json)
Hash identifier:          odEr0FfbCGpws7xSZKluXT0c2dHLw6P5o6kceOvCAj4=
Subject key identifier:   48:CB:9D:CA:AC:D4:CB:60:51:EC:13:56:CF:5D:5C:51:55:A7:0F:28
Authority key identifier: B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8
Certificate issuer:       /CN=b63f14dff35485a9959412863037b85dfa9f13d8
Certificate serial:       01977640F473BB45787718B17C19F3C3231C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
Manifest number:          04C9
Signing time:             Mon 16 Jun 2025 01:00:57 +0000
Manifest this update:     Mon 16 Jun 2025 01:00:57 +0000
Manifest next update:     Tue 17 Jun 2025 01:00:57 +0000
Files and hashes:         1: tj8U3_NUhamVlBKGMDe4XfqfE9g.crl (hash: mmTOFN+ISNZiGAgEQxcRPuZ5p3otGzIDEFsVfkXTOlc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 20:59:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:76:40:f4:73:bb:45:78:77:18:b1:7c:19:f3:c3:23:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b63f14dff35485a9959412863037b85dfa9f13d8
        Validity
            Not Before: Jun 16 01:00:57 2025 GMT
            Not After : Jun 17 01:00:57 2025 GMT
        Subject: CN=48cb9dcaacd4cb6051ec1356cf5d5c5155a70f28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d5:a3:43:1a:1b:2d:31:22:0e:95:98:54:06:
                    93:4a:8f:b2:89:2e:d1:4e:92:ca:97:74:4f:47:6b:
                    2e:5b:ba:3e:47:f2:24:47:a8:20:70:4b:ee:93:93:
                    f2:cf:65:c9:42:5e:be:f4:57:af:51:db:b5:da:92:
                    fe:b6:dc:85:5d:06:45:9e:33:b0:81:2e:32:6a:c6:
                    b4:8c:ad:a4:67:1b:5e:dc:6e:e3:bd:04:7f:23:c4:
                    4c:a0:45:fb:fe:84:45:4e:da:fa:43:25:c0:48:47:
                    11:c6:52:d4:77:ac:3b:2c:f3:c2:2c:8c:60:22:5f:
                    6a:b5:b1:00:62:52:be:9c:64:03:6c:71:1a:01:b8:
                    e0:92:8c:6c:f4:80:29:b0:34:76:a5:26:88:89:b7:
                    34:db:37:bb:20:3a:62:c6:c3:47:28:0c:69:87:2a:
                    28:62:3a:b3:43:d1:3f:6b:22:32:d6:28:c7:92:f3:
                    bb:2b:d0:66:25:fd:e6:c6:ce:aa:e3:bf:c3:98:62:
                    26:6e:8a:cb:29:17:90:8b:ae:fe:50:ae:c1:84:1a:
                    78:b8:05:c1:f3:d8:a3:65:85:f8:fb:3d:f4:b0:5b:
                    80:33:e5:8f:c7:3c:78:4b:14:5c:57:e9:81:a1:b6:
                    d0:8d:ae:e9:3a:4c:28:0d:71:08:a7:2c:39:1c:1f:
                    e4:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:CB:9D:CA:AC:D4:CB:60:51:EC:13:56:CF:5D:5C:51:55:A7:0F:28
            X509v3 Authority Key Identifier:
                keyid:B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:97:64:96:8d:37:4b:b8:2e:c8:31:c5:c0:f2:32:81:6a:cb:
         87:ea:14:41:5b:92:df:3e:eb:df:71:f9:a9:a9:0f:db:98:f6:
         43:4f:bf:88:4d:ef:9b:dc:39:33:4b:60:47:6a:26:b1:71:33:
         90:9e:ec:25:f4:5f:68:b4:ee:b0:53:a6:a6:36:27:61:d7:93:
         3e:2c:d7:b7:c3:4d:46:d7:99:1a:54:59:67:d9:eb:f2:38:a3:
         e4:ab:4d:c0:b0:a6:a6:8f:95:a7:0a:33:97:3a:8d:1b:cc:92:
         b3:b2:48:fd:ae:41:5f:c7:2a:af:38:a5:03:1c:d0:b7:6a:da:
         1b:ec:fc:93:4d:d2:ab:90:6a:13:cb:4c:41:79:17:66:7a:ec:
         6d:9c:18:fe:72:a3:a6:3e:2e:cb:e4:22:f7:8d:65:21:18:56:
         92:05:33:69:0d:13:0c:4c:d8:be:7a:2d:8f:28:b4:80:61:4f:
         ae:b8:ff:23:f2:49:c9:24:28:1d:38:1f:c2:6e:28:f5:cf:e7:
         49:36:9b:03:04:b0:67:51:c0:0c:e4:92:3e:0d:34:7c:e4:fa:
         94:48:49:ff:0a:29:e8:1c:ca:40:3f:e4:80:a9:cf:ed:05:2f:
         5f:e7:56:66:f5:5c:ed:40:3c:4a:2d:1c:69:81:d9:7e:5a:22:
         2f:44:a0:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd2QPRzu0V4dxixfBnzwyMcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2M2YxNGRmZjM1NDg1YTk5NTk0MTI4NjMwMzdiODVkZmE5
ZjEzZDgwHhcNMjUwNjE2MDEwMDU3WhcNMjUwNjE3MDEwMDU3WjAzMTEwLwYDVQQD
Eyg0OGNiOWRjYWFjZDRjYjYwNTFlYzEzNTZjZjVkNWM1MTU1YTcwZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9WjQxobLTEiDpWYVAaTSo+yiS7R
TpLKl3RPR2suW7o+R/IkR6ggcEvuk5Pyz2XJQl6+9FevUdu12pL+ttyFXQZFnjOw
gS4yasa0jK2kZxte3G7jvQR/I8RMoEX7/oRFTtr6QyXASEcRxlLUd6w7LPPCLIxg
Il9qtbEAYlK+nGQDbHEaAbjgkoxs9IApsDR2pSaIibc02ze7IDpixsNHKAxphyoo
YjqzQ9E/ayIy1ijHkvO7K9BmJf3mxs6q47/DmGImborLKReQi67+UK7BhBp4uAXB
89ijZYX4+z30sFuAM+WPxzx4SxRcV+mBobbQja7pOkwoDXEIpyw5HB/kOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjLncqs1MtgUewTVs9dXFFVpw8oMB8GA1UdIwQY
MBaAFLY/FN/zVIWplZQShjA3uF36nxPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAt
NjZjOThjMDFkZmQ3LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAtNjZjOThjMDFkZmQ3
LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABZdklo03
S7guyDHFwPIygWrLh+oUQVuS3z7r33H5qakP25j2Q0+/iE3vm9w5M0tgR2omsXEz
kJ7sJfRfaLTusFOmpjYnYdeTPizXt8NNRteZGlRZZ9nr8jij5KtNwLCmpo+Vpwoz
lzqNG8ySs7JI/a5BX8cqrzilAxzQt2raG+z8k03Sq5BqE8tMQXkXZnrsbZwY/nKj
pj4uy+Qi941lIRhWkgUzaQ0TDEzYvnotjyi0gGFPrrj/I/JJySQoHTgfwm4o9c/n
STabAwSwZ1HADOSSPg00fOT6lEhJ/wop6BzKQD/kgKnP7QUvX+dWZvVc7UA8Si0c
aYHZfloiL0SgSw==
-----END CERTIFICATE-----