Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
File:                     TStBlpVqQxU0D4J9mSoPeikoTD4.mft (raw, json)
Hash identifier:          PuaU1G/eLmrTHt6XEVaXE8akN/Qv9nltyXmmeUsLUcM=
Subject key identifier:   9E:86:F7:10:84:9E:F0:77:A2:05:32:13:91:CE:37:C5:93:6F:E7:8D
Authority key identifier: 4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E
Certificate issuer:       /CN=4d2b4196956a4315340f827d992a0f7a29284c3e
Certificate serial:       019654931D9E43CB51FF67B1BAA9DA304925
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
Manifest number:          118D
Signing time:             Sun 20 Apr 2025 19:00:49 +0000
Manifest this update:     Sun 20 Apr 2025 19:00:49 +0000
Manifest next update:     Mon 21 Apr 2025 19:00:49 +0000
Files and hashes:         1: TStBlpVqQxU0D4J9mSoPeikoTD4.crl (hash: oPDdNIaN5TqinpSnZ0PXy76QewE2WezMt58NmWMommI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 19:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:93:1d:9e:43:cb:51:ff:67:b1:ba:a9:da:30:49:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2b4196956a4315340f827d992a0f7a29284c3e
        Validity
            Not Before: Apr 20 19:00:49 2025 GMT
            Not After : Apr 21 19:00:49 2025 GMT
        Subject: CN=9e86f710849ef077a205321391ce37c5936fe78d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d3:ff:f9:23:fd:c5:da:70:6d:b3:1e:48:ee:
                    9a:c8:84:36:44:cb:ae:a1:89:62:69:df:e1:ca:58:
                    76:79:d9:c5:d0:9d:68:d7:3d:fe:c2:6c:d6:15:30:
                    98:75:74:1b:28:58:71:ef:1b:04:7d:52:89:29:02:
                    2f:0e:05:8b:e7:44:97:67:6b:fb:48:7c:87:59:35:
                    18:ea:d7:46:89:18:6e:0d:af:bd:aa:b3:fe:ef:f7:
                    b6:e2:80:15:2c:09:b8:0e:ea:67:cd:c6:ed:13:58:
                    c5:47:e3:c2:5b:6d:41:a9:9e:83:28:2b:69:8c:31:
                    72:cc:8d:c8:b0:f5:46:19:9a:13:89:37:9b:0c:a6:
                    82:0b:a0:55:6e:eb:03:0f:6f:50:eb:b9:0d:2a:8a:
                    de:04:14:a7:41:93:07:de:19:10:4b:a1:16:9e:c6:
                    c4:f0:d4:5a:2f:83:df:b9:f9:ee:f8:81:78:81:b4:
                    0f:1d:3f:07:39:ce:ae:ef:ab:18:5f:08:94:af:7b:
                    1a:d5:f1:ea:0e:da:29:89:68:5e:51:da:2b:29:25:
                    5f:7d:f3:07:c4:a7:36:3e:84:8b:1e:77:e3:02:3d:
                    c0:94:51:dc:0d:b1:26:b0:9d:96:62:9d:81:57:a6:
                    a9:2d:c3:84:2f:2b:6e:8e:6e:9e:33:0c:f7:61:f1:
                    dc:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:86:F7:10:84:9E:F0:77:A2:05:32:13:91:CE:37:C5:93:6F:E7:8D
            X509v3 Authority Key Identifier:
                keyid:4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:c7:15:9a:f2:34:1a:99:46:0b:72:af:fa:99:ce:47:c0:5a:
         dc:4a:78:14:6c:f9:f2:77:6a:ea:3c:93:e1:5c:01:1c:4e:2b:
         d7:f5:2c:4f:13:3a:d0:e8:79:81:e0:fc:6a:37:da:65:cd:ee:
         82:1b:e8:c1:8e:76:23:f6:22:b9:8e:e4:a0:31:4e:ae:12:df:
         3f:72:1a:97:50:d8:36:f5:51:6f:b8:4f:20:60:09:b0:29:ec:
         51:9f:33:b4:e4:98:fa:6e:a4:84:81:07:89:85:b8:d8:2e:d2:
         a1:da:66:42:5d:b0:57:26:f2:cc:c4:da:1d:ab:4e:e3:d0:ac:
         5c:6b:33:f4:fe:d2:ae:00:2b:f2:57:2b:4b:8e:bf:92:40:6d:
         c5:d8:f2:0e:db:b1:17:91:9c:fd:f0:e0:05:cb:86:2b:0a:2f:
         5e:56:ed:df:75:a4:d9:0e:5e:ce:f5:c5:d4:a0:fa:eb:38:7a:
         3b:b8:a1:9c:84:0d:3c:75:6a:fa:61:04:d5:a3:04:1a:1a:07:
         86:d9:b8:9c:f2:44:94:c9:51:04:2c:fa:9e:3d:44:af:af:aa:
         69:c0:7a:3b:f5:5b:e5:58:52:b5:c6:b4:ff:e5:e8:9d:9b:f6:
         27:ad:ff:cf:72:9d:81:2d:44:13:ee:84:b4:b7:4d:99:5d:1d:
         a5:af:da:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkx2eQ8tR/2exuqnaMEklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMmI0MTk2OTU2YTQzMTUzNDBmODI3ZDk5MmEwZjdhMjky
ODRjM2UwHhcNMjUwNDIwMTkwMDQ5WhcNMjUwNDIxMTkwMDQ5WjAzMTEwLwYDVQQD
Eyg5ZTg2ZjcxMDg0OWVmMDc3YTIwNTMyMTM5MWNlMzdjNTkzNmZlNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9P/+SP9xdpwbbMeSO6ayIQ2RMuu
oYliad/hylh2ednF0J1o1z3+wmzWFTCYdXQbKFhx7xsEfVKJKQIvDgWL50SXZ2v7
SHyHWTUY6tdGiRhuDa+9qrP+7/e24oAVLAm4DupnzcbtE1jFR+PCW21BqZ6DKCtp
jDFyzI3IsPVGGZoTiTebDKaCC6BVbusDD29Q67kNKoreBBSnQZMH3hkQS6EWnsbE
8NRaL4Pfufnu+IF4gbQPHT8HOc6u76sYXwiUr3sa1fHqDtopiWheUdorKSVfffMH
xKc2PoSLHnfjAj3AlFHcDbEmsJ2WYp2BV6apLcOELytujm6eMwz3YfHctwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ6G9xCEnvB3ogUyE5HON8WTb+eNMB8GA1UdIwQY
MBaAFE0rQZaVakMVNA+CfZkqD3opKEw+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUt
NDU1YTBhNjFmMWVhLzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUtNDU1YTBhNjFmMWVh
LzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB8cVmvI0
GplGC3Kv+pnOR8Ba3Ep4FGz58ndq6jyT4VwBHE4r1/UsTxM60Oh5geD8ajfaZc3u
ghvowY52I/YiuY7koDFOrhLfP3Ial1DYNvVRb7hPIGAJsCnsUZ8ztOSY+m6khIEH
iYW42C7SodpmQl2wVybyzMTaHatO49CsXGsz9P7SrgAr8lcrS46/kkBtxdjyDtux
F5Gc/fDgBcuGKwovXlbt33Wk2Q5ezvXF1KD66zh6O7ihnIQNPHVq+mEE1aMEGhoH
htm4nPJElMlRBCz6nj1Er6+qacB6O/Vb5VhStca0/+XonZv2J63/z3KdgS1EE+6E
tLdNmV0dpa/acg==
-----END CERTIFICATE-----