Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
File:                     tkDbwv_PXWNFicBEAV1xdcuv8-0.mft (raw, json)
Hash identifier:          uDbjFbOqf1L63b5a+BclAyDb7CcOTI0C/KLuKG71v2Y=
Subject key identifier:   07:E1:7E:1E:50:28:BF:4F:6B:00:38:68:69:4C:6E:0B:3D:C2:A3:75
Authority key identifier: B6:40:DB:C2:FF:CF:5D:63:45:89:C0:44:01:5D:71:75:CB:AF:F3:ED
Certificate issuer:       /CN=b640dbc2ffcf5d634589c044015d7175cbaff3ed
Certificate serial:       019650117EB61DC74CBDAD677ED4C4CEB232
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
Manifest number:          0F9A
Signing time:             Sat 19 Apr 2025 22:00:45 +0000
Manifest this update:     Sat 19 Apr 2025 22:00:45 +0000
Manifest next update:     Sun 20 Apr 2025 22:00:45 +0000
Files and hashes:         1: tkDbwv_PXWNFicBEAV1xdcuv8-0.crl (hash: ZsNpSNLFH4+m06Byds9Nc3mEI7MeFPj0ZIbe0SbjrB0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:11:7e:b6:1d:c7:4c:bd:ad:67:7e:d4:c4:ce:b2:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b640dbc2ffcf5d634589c044015d7175cbaff3ed
        Validity
            Not Before: Apr 19 22:00:45 2025 GMT
            Not After : Apr 20 22:00:45 2025 GMT
        Subject: CN=07e17e1e5028bf4f6b003868694c6e0b3dc2a375
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:3e:3f:e9:2a:41:35:2c:81:9f:39:6e:2b:d0:
                    7e:bc:ba:fd:66:d5:0b:4e:d2:38:4e:36:9f:37:c8:
                    b3:ae:fb:c7:a0:57:f3:9d:7b:67:5e:8f:eb:db:23:
                    a3:d9:d2:e2:15:32:17:1f:ec:db:15:ee:f1:e9:76:
                    2b:03:76:48:c7:79:4e:e5:d9:bb:c8:84:bd:aa:79:
                    ef:d5:5d:57:c7:ac:20:8c:c2:23:97:67:81:13:df:
                    3e:40:29:9f:76:78:90:7d:de:58:09:a6:69:38:fa:
                    88:2b:99:ac:2a:c3:53:e3:82:cc:5a:9d:d3:28:71:
                    f6:de:e7:ab:9e:9d:a5:40:e7:21:e0:ca:75:ce:a7:
                    e6:cb:45:55:42:d0:87:89:f9:4e:7a:63:22:7d:98:
                    21:33:c0:ab:76:64:f8:73:8d:77:54:ab:41:0b:2a:
                    4d:8e:e3:27:7e:c1:12:3c:43:27:37:99:ad:fa:57:
                    94:d7:ba:38:37:ad:13:13:95:ce:29:68:69:82:2b:
                    1f:85:18:47:d7:8e:49:76:01:33:e8:51:76:6c:a0:
                    78:fa:0e:8c:88:3e:5c:7d:30:aa:dc:b4:b5:a5:52:
                    c5:bc:b7:ab:fd:12:c8:4a:9c:7e:58:16:64:b6:47:
                    d0:c5:16:a0:fa:0e:7b:0e:d8:37:d5:c3:53:4e:ec:
                    77:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:E1:7E:1E:50:28:BF:4F:6B:00:38:68:69:4C:6E:0B:3D:C2:A3:75
            X509v3 Authority Key Identifier:
                keyid:B6:40:DB:C2:FF:CF:5D:63:45:89:C0:44:01:5D:71:75:CB:AF:F3:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:2b:1a:22:de:1f:f1:4d:06:b4:22:8a:4a:a8:ae:f1:4e:c7:
         8d:9d:e6:97:9d:c3:97:9d:c5:bb:df:32:1d:12:d6:58:08:22:
         14:d4:6d:2f:36:8a:7f:96:f4:02:11:02:6e:c2:e5:14:ff:a3:
         ad:09:e1:5b:54:ad:fb:05:98:d0:1b:e2:08:a0:62:1c:30:96:
         16:5b:06:2b:92:8b:36:0f:01:94:1f:fb:34:62:be:63:50:7a:
         19:d3:a6:76:4c:56:ad:45:0d:a5:d8:24:ee:7d:df:94:c9:d8:
         c6:45:c9:7c:7b:b8:e7:37:a9:38:f6:f9:d2:21:6e:53:c3:83:
         d1:7b:0e:97:8a:00:88:3b:80:d2:fb:12:58:09:2a:3b:e4:f9:
         09:df:c6:56:f1:47:f8:7c:ac:2a:6a:46:1f:2a:dc:65:50:04:
         54:44:3c:e8:2b:6b:94:4a:87:fe:e3:95:d9:db:9c:f0:c4:66:
         3b:bb:32:ef:a8:c2:d6:9d:df:ab:3b:5c:23:c2:b7:33:53:1a:
         e5:82:28:60:9d:12:92:35:0d:67:09:a2:c1:f7:60:17:26:86:
         c1:df:4e:2d:59:b2:a0:06:c3:aa:cc:6b:68:4b:23:95:34:e2:
         0a:43:4b:c4:67:ab:cd:eb:2a:ff:fc:65:56:24:51:8c:19:35:
         4d:57:ef:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQEX62HcdMva1nftTEzrIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NDBkYmMyZmZjZjVkNjM0NTg5YzA0NDAxNWQ3MTc1Y2Jh
ZmYzZWQwHhcNMjUwNDE5MjIwMDQ1WhcNMjUwNDIwMjIwMDQ1WjAzMTEwLwYDVQQD
EygwN2UxN2UxZTUwMjhiZjRmNmIwMDM4Njg2OTRjNmUwYjNkYzJhMzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtj4/6SpBNSyBnzluK9B+vLr9ZtUL
TtI4TjafN8izrvvHoFfznXtnXo/r2yOj2dLiFTIXH+zbFe7x6XYrA3ZIx3lO5dm7
yIS9qnnv1V1Xx6wgjMIjl2eBE98+QCmfdniQfd5YCaZpOPqIK5msKsNT44LMWp3T
KHH23uernp2lQOch4Mp1zqfmy0VVQtCHiflOemMifZghM8CrdmT4c413VKtBCypN
juMnfsESPEMnN5mt+leU17o4N60TE5XOKWhpgisfhRhH145JdgEz6FF2bKB4+g6M
iD5cfTCq3LS1pVLFvLer/RLISpx+WBZktkfQxRag+g57Dtg31cNTTux3SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfhfh5QKL9PawA4aGlMbgs9wqN1MB8GA1UdIwQY
MBaAFLZA28L/z11jRYnARAFdcXXLr/PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi83Njc2OGMtY2Q3NS00NmE5LThkNjUt
NmNiYjc3YmFhMDJkLzEvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi83Njc2OGMtY2Q3NS00NmE5LThkNjUtNmNiYjc3YmFhMDJk
LzEvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjisaIt4f
8U0GtCKKSqiu8U7HjZ3ml53Dl53Fu98yHRLWWAgiFNRtLzaKf5b0AhECbsLlFP+j
rQnhW1St+wWY0BviCKBiHDCWFlsGK5KLNg8BlB/7NGK+Y1B6GdOmdkxWrUUNpdgk
7n3flMnYxkXJfHu45zepOPb50iFuU8OD0XsOl4oAiDuA0vsSWAkqO+T5Cd/GVvFH
+HysKmpGHyrcZVAEVEQ86CtrlEqH/uOV2duc8MRmO7sy76jC1p3fqztcI8K3M1Ma
5YIoYJ0SkjUNZwmiwfdgFyaGwd9OLVmyoAbDqsxraEsjlTTiCkNLxGerzesq//xl
ViRRjBk1TVfvuw==
-----END CERTIFICATE-----