Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
File:                     TStBlpVqQxU0D4J9mSoPeikoTD4.mft (raw, json)
Hash identifier:          7oXfeZJUG/sIyvd/W9MdcUSVr9f2uZiRfV6W3NDXhGc=
Subject key identifier:   08:B3:69:81:C3:84:4A:BB:9E:A1:76:75:1D:B8:8F:C6:C5:FA:7A:DD
Authority key identifier: 4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E
Certificate issuer:       /CN=4d2b4196956a4315340f827d992a0f7a29284c3e
Certificate serial:       0197D2F3F2EDA75BE1ADF4BBCC5C1B8F1737
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
Manifest number:          1253
Signing time:             Fri 04 Jul 2025 01:01:32 +0000
Manifest this update:     Fri 04 Jul 2025 01:01:32 +0000
Manifest next update:     Sat 05 Jul 2025 01:01:32 +0000
Files and hashes:         1: TStBlpVqQxU0D4J9mSoPeikoTD4.crl (hash: JCKs2jqgvvHFYA6LtI5dNzUcJ4vH0AVKq3248lRvYLU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 04 Jul 2025 23:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:d2:f3:f2:ed:a7:5b:e1:ad:f4:bb:cc:5c:1b:8f:17:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2b4196956a4315340f827d992a0f7a29284c3e
        Validity
            Not Before: Jul  4 01:01:32 2025 GMT
            Not After : Jul  5 01:01:32 2025 GMT
        Subject: CN=08b36981c3844abb9ea176751db88fc6c5fa7add
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:45:6f:90:40:c3:d9:7d:ac:e9:b1:c5:c3:3c:
                    9b:e7:65:0e:6e:3a:2c:0d:f6:4e:91:d4:6c:ab:22:
                    7f:6a:db:6a:97:3a:54:82:af:5e:e1:70:f8:96:2c:
                    d3:21:28:00:e6:f3:96:fc:6f:92:25:c3:4d:84:3a:
                    84:ec:33:46:ae:d1:1f:a6:63:21:98:1b:da:2c:8a:
                    c3:c9:0e:6c:6b:00:ef:b1:94:12:ab:c0:cd:15:76:
                    6f:a7:c9:cd:c2:a5:72:c3:6a:c8:e2:55:10:57:25:
                    2a:aa:3f:15:0b:2d:b0:e6:cd:7d:ca:91:1d:a2:8b:
                    55:f6:76:bd:7a:71:ac:59:b8:ed:4b:79:96:cd:bc:
                    1e:b9:eb:1f:fc:65:53:e1:ee:88:31:8a:d8:27:f3:
                    13:9e:e2:9c:ce:3f:a2:fe:da:43:12:92:4c:44:9e:
                    f1:73:d3:1a:09:6d:49:f2:c7:e9:83:42:43:58:ad:
                    a6:42:9f:c6:53:e0:ce:65:5b:70:de:ff:0f:35:60:
                    65:e2:7a:d1:15:9c:ac:41:bc:66:30:56:56:72:3d:
                    16:d1:91:d8:04:b2:c2:31:56:48:bc:3b:24:3a:23:
                    ee:fa:ba:de:03:11:ea:63:c5:b3:8c:0d:19:64:9c:
                    e0:19:fc:92:fa:80:68:bf:6c:99:0e:ba:32:ff:c7:
                    e6:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:B3:69:81:C3:84:4A:BB:9E:A1:76:75:1D:B8:8F:C6:C5:FA:7A:DD
            X509v3 Authority Key Identifier:
                keyid:4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:43:c6:dd:b1:14:36:f5:31:10:7b:42:69:0f:1f:24:2d:d4:
         13:f7:03:43:f5:9e:f9:3e:a1:63:a4:2c:32:47:92:78:19:92:
         8d:bb:8d:eb:7c:09:7f:46:45:48:49:bf:50:76:c4:2a:03:56:
         99:9a:61:93:7c:82:41:26:62:eb:1e:c0:5b:a8:0f:22:1a:f9:
         d7:5b:34:1a:d8:0b:96:2e:4b:75:2d:f0:8d:f4:ea:93:71:14:
         2b:bf:26:76:ca:33:00:cf:8c:ac:f5:cf:b6:ed:e4:de:00:60:
         20:44:fd:2e:2a:d2:b2:ad:3e:9b:3d:f8:1e:ee:fd:16:c2:65:
         23:86:90:5b:06:bd:e3:83:64:b4:a4:5b:1e:ae:63:d5:23:4c:
         fe:f8:cf:af:c8:3a:24:bd:66:96:87:ea:ee:88:22:d2:c1:6b:
         b2:3f:e5:df:2b:07:38:65:4e:c8:7f:92:3f:a6:ca:79:81:7a:
         be:a0:c1:0a:8d:c0:80:ea:15:93:f8:47:fe:d6:f2:dd:e7:c4:
         ce:f1:ae:c0:cb:57:98:9d:8d:94:96:87:b9:ba:4c:46:41:ea:
         b2:fe:1c:f5:bc:09:bf:c9:0b:5e:0d:77:64:b3:d4:d2:37:75:
         51:b8:9a:fd:c0:6b:d3:85:59:96:4a:52:e2:c1:81:bf:51:7c:
         20:f1:20:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfS8/Ltp1vhrfS7zFwbjxc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMmI0MTk2OTU2YTQzMTUzNDBmODI3ZDk5MmEwZjdhMjky
ODRjM2UwHhcNMjUwNzA0MDEwMTMyWhcNMjUwNzA1MDEwMTMyWjAzMTEwLwYDVQQD
EygwOGIzNjk4MWMzODQ0YWJiOWVhMTc2NzUxZGI4OGZjNmM1ZmE3YWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UVvkEDD2X2s6bHFwzyb52UObjos
DfZOkdRsqyJ/attqlzpUgq9e4XD4lizTISgA5vOW/G+SJcNNhDqE7DNGrtEfpmMh
mBvaLIrDyQ5sawDvsZQSq8DNFXZvp8nNwqVyw2rI4lUQVyUqqj8VCy2w5s19ypEd
ootV9na9enGsWbjtS3mWzbweuesf/GVT4e6IMYrYJ/MTnuKczj+i/tpDEpJMRJ7x
c9MaCW1J8sfpg0JDWK2mQp/GU+DOZVtw3v8PNWBl4nrRFZysQbxmMFZWcj0W0ZHY
BLLCMVZIvDskOiPu+rreAxHqY8WzjA0ZZJzgGfyS+oBov2yZDroy/8fmaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAizaYHDhEq7nqF2dR24j8bF+nrdMB8GA1UdIwQY
MBaAFE0rQZaVakMVNA+CfZkqD3opKEw+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUt
NDU1YTBhNjFmMWVhLzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUtNDU1YTBhNjFmMWVh
LzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmkPG3bEU
NvUxEHtCaQ8fJC3UE/cDQ/We+T6hY6QsMkeSeBmSjbuN63wJf0ZFSEm/UHbEKgNW
mZphk3yCQSZi6x7AW6gPIhr511s0GtgLli5LdS3wjfTqk3EUK78mdsozAM+MrPXP
tu3k3gBgIET9LirSsq0+mz34Hu79FsJlI4aQWwa944NktKRbHq5j1SNM/vjPr8g6
JL1mlofq7ogi0sFrsj/l3ysHOGVOyH+SP6bKeYF6vqDBCo3AgOoVk/hH/tby3efE
zvGuwMtXmJ2NlJaHubpMRkHqsv4c9bwJv8kLXg13ZLPU0jd1Ubia/cBr04VZlkpS
4sGBv1F8IPEg5w==
-----END CERTIFICATE-----