Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
File:                     TkB_fq2BapVV9HrxCQPvRcgXC4I.mft (raw, json)
Hash identifier:          S4a4gVTH0VzSO299RSQjDwbfd7g9762gUhygZKs+Mfs=
Subject key identifier:   91:D1:FE:3C:62:8B:E5:C0:41:19:B7:5A:B2:BB:34:19:64:87:B3:E4
Authority key identifier: 4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82
Certificate issuer:       /CN=4e407f7ead816a9555f47af10903ef45c8170b82
Certificate serial:       0197512176EB5F9789215C2A8483627C215C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
Manifest number:          0665
Signing time:             Sun 08 Jun 2025 20:00:36 +0000
Manifest this update:     Sun 08 Jun 2025 20:00:36 +0000
Manifest next update:     Mon 09 Jun 2025 20:00:36 +0000
Files and hashes:         1: TkB_fq2BapVV9HrxCQPvRcgXC4I.crl (hash: bJ6AC9W5x9MfVTRcl/gDCW6lHHGDy/KpxxoPnf6NepY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 20:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:21:76:eb:5f:97:89:21:5c:2a:84:83:62:7c:21:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e407f7ead816a9555f47af10903ef45c8170b82
        Validity
            Not Before: Jun  8 20:00:36 2025 GMT
            Not After : Jun  9 20:00:36 2025 GMT
        Subject: CN=91d1fe3c628be5c04119b75ab2bb34196487b3e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:56:49:cc:3c:60:41:26:c1:8e:af:3d:9c:2b:
                    5f:9a:7d:92:69:c4:0e:f7:72:03:4f:28:f1:4c:97:
                    33:48:2d:75:71:51:d6:a9:fc:a6:41:1e:3e:2b:0c:
                    43:ba:69:49:a6:af:ab:b5:0a:22:b1:70:92:3d:8d:
                    37:bd:bd:92:8b:aa:71:d1:42:08:4c:ee:8f:a2:b9:
                    74:c3:64:10:02:44:ed:12:4a:b8:da:99:8b:1d:10:
                    02:60:17:7a:b2:3e:d9:41:36:5e:d4:16:8d:9e:79:
                    04:46:79:9e:c7:bf:9a:c2:ce:c0:4d:8e:00:75:f5:
                    12:63:2b:27:d3:64:6b:27:4d:69:33:00:24:75:77:
                    91:38:1f:fb:b6:3a:49:bc:a1:a9:db:d2:c0:4f:a5:
                    a1:0c:38:36:bd:4a:7e:5b:b8:a8:1c:b5:0c:60:99:
                    62:2a:d4:19:88:1e:37:7b:0a:ec:76:48:f0:2e:1b:
                    94:57:7c:c7:92:2f:da:2d:35:e1:f3:80:a9:8a:7d:
                    7d:ed:5a:30:ec:ab:04:a0:e1:c1:f1:47:96:53:7f:
                    e9:48:84:f3:22:20:f1:18:c8:97:e2:d6:62:dc:d8:
                    92:4d:c5:2d:83:ed:a5:ea:cb:0d:86:ab:90:aa:74:
                    3f:71:e7:b0:65:4f:e8:69:81:19:f8:d0:b4:63:c6:
                    11:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:D1:FE:3C:62:8B:E5:C0:41:19:B7:5A:B2:BB:34:19:64:87:B3:E4
            X509v3 Authority Key Identifier:
                keyid:4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:a9:e5:72:68:af:56:0a:bb:2f:fa:36:a7:43:7b:52:9e:99:
         16:b0:eb:50:aa:c0:d8:50:e2:24:05:3c:d8:86:63:c1:2e:62:
         d5:6b:e9:b9:bb:c7:9e:4f:ec:00:a0:73:fc:da:62:b0:80:1f:
         57:9a:02:36:b5:03:76:d7:84:86:7b:ca:bb:3b:f1:36:9f:66:
         e2:04:3a:3f:23:dd:29:dc:d3:eb:28:8b:00:29:4c:a5:dd:dc:
         5e:69:c5:e6:89:20:d5:ac:0d:f8:2a:ec:22:9c:a5:da:63:c9:
         e1:9a:2c:17:fc:f0:5c:2c:56:9b:b8:5c:57:67:18:cc:93:62:
         21:f2:b5:6c:bf:f8:12:31:f9:33:17:d9:8f:52:b2:f3:5b:05:
         7b:60:91:a4:91:35:05:4d:88:c6:9a:f9:1f:98:4c:92:76:be:
         8a:9d:0c:3c:8c:93:10:72:71:d6:84:cf:89:b8:13:d5:f8:86:
         28:e6:b6:63:7e:ed:16:a6:a2:d4:cf:1c:9b:f8:5e:03:4d:06:
         02:a1:87:a9:d1:2d:32:05:40:85:18:15:cf:6c:81:74:45:e4:
         84:4f:33:c0:18:a7:41:1c:20:25:33:0b:cd:19:53:b2:f1:98:
         a8:55:d0:0c:89:da:ab:f8:76:5e:f6:7d:65:05:97:92:85:b3:
         b7:f1:d1:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRIXbrX5eJIVwqhINifCFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDA3ZjdlYWQ4MTZhOTU1NWY0N2FmMTA5MDNlZjQ1Yzgx
NzBiODIwHhcNMjUwNjA4MjAwMDM2WhcNMjUwNjA5MjAwMDM2WjAzMTEwLwYDVQQD
Eyg5MWQxZmUzYzYyOGJlNWMwNDExOWI3NWFiMmJiMzQxOTY0ODdiM2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVZJzDxgQSbBjq89nCtfmn2SacQO
93IDTyjxTJczSC11cVHWqfymQR4+KwxDumlJpq+rtQoisXCSPY03vb2Si6px0UII
TO6Porl0w2QQAkTtEkq42pmLHRACYBd6sj7ZQTZe1BaNnnkERnmex7+aws7ATY4A
dfUSYysn02RrJ01pMwAkdXeROB/7tjpJvKGp29LAT6WhDDg2vUp+W7ioHLUMYJli
KtQZiB43ewrsdkjwLhuUV3zHki/aLTXh84Cpin197Vow7KsEoOHB8UeWU3/pSITz
IiDxGMiX4tZi3NiSTcUtg+2l6ssNhquQqnQ/ceewZU/oaYEZ+NC0Y8YR7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHR/jxii+XAQRm3WrK7NBlkh7PkMB8GA1UdIwQY
MBaAFE5Af36tgWqVVfR68QkD70XIFwuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2Nzct
NDA1NTA1ZmM0NjBlLzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2NzctNDA1NTA1ZmM0NjBl
LzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALqnlcmiv
Vgq7L/o2p0N7Up6ZFrDrUKrA2FDiJAU82IZjwS5i1WvpubvHnk/sAKBz/NpisIAf
V5oCNrUDdteEhnvKuzvxNp9m4gQ6PyPdKdzT6yiLAClMpd3cXmnF5okg1awN+Crs
Ipyl2mPJ4ZosF/zwXCxWm7hcV2cYzJNiIfK1bL/4EjH5MxfZj1Ky81sFe2CRpJE1
BU2Ixpr5H5hMkna+ip0MPIyTEHJx1oTPibgT1fiGKOa2Y37tFqai1M8cm/heA00G
AqGHqdEtMgVAhRgVz2yBdEXkhE8zwBinQRwgJTMLzRlTsvGYqFXQDInaq/h2XvZ9
ZQWXkoWzt/HRyA==
-----END CERTIFICATE-----