Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
File:                     TkB_fq2BapVV9HrxCQPvRcgXC4I.mft (raw, json)
Hash identifier:          0iALEOc28210aVhmBs64wKBkSS6p2ked8n1y/Ade8Fo=
Subject key identifier:   BB:13:E3:E1:C3:54:2F:33:AF:31:9A:C5:D8:86:F5:2D:C0:10:7E:65
Authority key identifier: 4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82
Certificate issuer:       /CN=4e407f7ead816a9555f47af10903ef45c8170b82
Certificate serial:       01964A7D773F0EB5BA11F391740C72C1E2B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
Manifest number:          05DD
Signing time:             Fri 18 Apr 2025 20:00:58 +0000
Manifest this update:     Fri 18 Apr 2025 20:00:58 +0000
Manifest next update:     Sat 19 Apr 2025 20:00:58 +0000
Files and hashes:         1: TkB_fq2BapVV9HrxCQPvRcgXC4I.crl (hash: CCc7+ApfY09x8VgBY1Liitg6fIjQ4VJnIOGZ7LFJmPA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4a:7d:77:3f:0e:b5:ba:11:f3:91:74:0c:72:c1:e2:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e407f7ead816a9555f47af10903ef45c8170b82
        Validity
            Not Before: Apr 18 20:00:58 2025 GMT
            Not After : Apr 19 20:00:58 2025 GMT
        Subject: CN=bb13e3e1c3542f33af319ac5d886f52dc0107e65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a1:f5:26:e0:c7:bc:eb:04:31:12:ca:f1:9b:
                    61:fc:f7:61:dc:a9:f9:e1:c4:b7:15:23:f6:a3:7b:
                    8d:d0:69:85:7a:32:6a:26:83:35:7a:f6:42:eb:2f:
                    b2:43:27:8b:b8:bd:c2:8a:37:5b:ab:1a:24:4a:d1:
                    bb:d9:4f:20:08:b2:0b:00:5b:22:e5:48:76:e1:e1:
                    e4:6a:12:31:11:7c:20:cc:5c:c8:b4:af:aa:34:cc:
                    2e:6e:ee:bb:9b:f9:09:33:93:24:31:18:ed:0a:39:
                    f9:95:bb:01:b5:35:af:88:99:e4:bc:7e:db:36:36:
                    cb:69:8b:86:6a:c9:81:a6:b9:9a:20:e5:d0:49:22:
                    9f:34:72:88:9e:59:98:59:fa:f3:1c:fd:c4:4f:c5:
                    16:2a:c5:05:da:ef:b6:1e:77:85:cf:02:56:76:29:
                    c6:3e:5a:f2:cd:3b:cd:b7:5b:31:ae:19:0c:e9:a2:
                    4f:13:66:6b:44:44:99:ec:4b:91:23:15:99:33:ce:
                    5a:da:43:fa:f3:a6:37:4a:f1:d2:ba:a0:b4:df:70:
                    cb:d9:ff:25:6d:21:ab:73:aa:2a:cc:94:6e:cd:4e:
                    87:33:d1:f9:04:31:91:f6:a3:7b:69:00:4e:3e:a0:
                    e7:35:1e:00:3c:b8:5a:48:7d:ea:d8:8e:e7:be:17:
                    db:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:13:E3:E1:C3:54:2F:33:AF:31:9A:C5:D8:86:F5:2D:C0:10:7E:65
            X509v3 Authority Key Identifier:
                keyid:4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:20:0f:0e:4a:15:94:e3:b4:b4:f7:16:e1:fc:5e:80:12:7d:
         da:cf:cd:94:1d:e1:8e:67:7e:70:c8:d0:4a:a2:13:a9:ac:9d:
         ce:ab:26:23:60:f8:c0:bf:75:68:5e:6c:e0:97:f6:71:5b:a2:
         07:4e:88:84:1d:23:5e:ab:15:9a:7d:26:16:a6:fe:1a:39:6f:
         b2:bf:e4:6d:6b:86:28:c3:57:02:85:e7:3e:2a:60:53:3c:c7:
         09:bd:97:b6:40:30:6e:fb:5a:87:2a:8e:87:cc:5e:82:d4:3c:
         28:cf:66:ae:73:8d:df:9e:65:0e:0b:84:c6:7e:4b:67:1d:a1:
         59:b3:34:90:0d:06:3e:50:dd:54:8c:98:d6:43:ae:ca:70:5f:
         49:32:0c:4f:9b:27:11:a8:d6:47:12:19:7b:c7:d4:b3:06:72:
         e1:1f:f4:22:d4:45:12:3d:36:44:22:30:c4:e1:e7:06:fc:63:
         e3:ed:cd:f5:82:3f:44:dc:1f:4e:80:c8:66:67:f7:02:7c:e7:
         95:70:68:40:47:99:d6:4a:b7:27:05:a1:31:bd:63:59:fe:83:
         26:ae:fb:98:c4:b1:b3:be:28:c1:dd:94:52:19:1d:e5:07:95:
         a2:8c:fc:d8:0a:f9:f6:58:74:be:f1:34:c3:65:80:10:9b:96:
         c3:6f:88:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZKfXc/DrW6EfORdAxyweK3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDA3ZjdlYWQ4MTZhOTU1NWY0N2FmMTA5MDNlZjQ1Yzgx
NzBiODIwHhcNMjUwNDE4MjAwMDU4WhcNMjUwNDE5MjAwMDU4WjAzMTEwLwYDVQQD
EyhiYjEzZTNlMWMzNTQyZjMzYWYzMTlhYzVkODg2ZjUyZGMwMTA3ZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aH1JuDHvOsEMRLK8Zth/Pdh3Kn5
4cS3FSP2o3uN0GmFejJqJoM1evZC6y+yQyeLuL3CijdbqxokStG72U8gCLILAFsi
5Uh24eHkahIxEXwgzFzItK+qNMwubu67m/kJM5MkMRjtCjn5lbsBtTWviJnkvH7b
NjbLaYuGasmBprmaIOXQSSKfNHKInlmYWfrzHP3ET8UWKsUF2u+2HneFzwJWdinG
PlryzTvNt1sxrhkM6aJPE2ZrRESZ7EuRIxWZM85a2kP686Y3SvHSuqC033DL2f8l
bSGrc6oqzJRuzU6HM9H5BDGR9qN7aQBOPqDnNR4APLhaSH3q2I7nvhfbPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsT4+HDVC8zrzGaxdiG9S3AEH5lMB8GA1UdIwQY
MBaAFE5Af36tgWqVVfR68QkD70XIFwuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2Nzct
NDA1NTA1ZmM0NjBlLzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2NzctNDA1NTA1ZmM0NjBl
LzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACSAPDkoV
lOO0tPcW4fxegBJ92s/NlB3hjmd+cMjQSqITqaydzqsmI2D4wL91aF5s4Jf2cVui
B06IhB0jXqsVmn0mFqb+Gjlvsr/kbWuGKMNXAoXnPipgUzzHCb2XtkAwbvtahyqO
h8xegtQ8KM9mrnON355lDguExn5LZx2hWbM0kA0GPlDdVIyY1kOuynBfSTIMT5sn
EajWRxIZe8fUswZy4R/0ItRFEj02RCIwxOHnBvxj4+3N9YI/RNwfToDIZmf3Anzn
lXBoQEeZ1kq3JwWhMb1jWf6DJq77mMSxs74owd2UUhkd5QeVooz82Ar59lh0vvE0
w2WAEJuWw2+IZQ==
-----END CERTIFICATE-----