Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
File:                     TkB_fq2BapVV9HrxCQPvRcgXC4I.mft (raw, json)
Hash identifier:          tC8d94oOhkRxD/aWo8bluGbsTDEpzkDpv+Si7WHICy8=
Subject key identifier:   C6:05:C4:BA:B6:57:12:AE:1B:6A:1C:3B:11:AF:E2:7E:90:F3:26:79
Authority key identifier: 4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82
Certificate issuer:       /CN=4e407f7ead816a9555f47af10903ef45c8170b82
Certificate serial:       019511A2A822404F52C50D15960B663489AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
Manifest number:          053B
Signing time:             Mon 17 Feb 2025 02:00:27 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:27 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:27 +0000
Files and hashes:         1: TkB_fq2BapVV9HrxCQPvRcgXC4I.crl (hash: nqo7xVn8XB7uvzCz0ot1Co3ddomo6WWwU7f1+kBpcoA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:a8:22:40:4f:52:c5:0d:15:96:0b:66:34:89:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e407f7ead816a9555f47af10903ef45c8170b82
        Validity
            Not Before: Feb 17 02:00:27 2025 GMT
            Not After : Feb 18 02:00:27 2025 GMT
        Subject: CN=c605c4bab65712ae1b6a1c3b11afe27e90f32679
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c6:16:27:22:ff:a8:97:71:2d:70:12:b8:ba:
                    7d:45:71:c6:aa:f0:36:30:e1:6f:9a:3a:65:8a:7b:
                    6b:4e:01:c7:ac:e5:0b:4b:18:3c:75:a3:94:8b:86:
                    11:40:99:95:43:75:c1:40:6c:27:ae:31:3a:ef:10:
                    60:b2:aa:c3:b4:b7:97:f8:40:ab:5d:b9:97:0b:dd:
                    7f:60:b8:b9:79:61:1a:dd:66:3b:bb:ce:b7:98:2e:
                    a2:2e:40:bd:b1:28:b3:92:fd:2d:1a:c3:a5:22:8f:
                    aa:7d:2f:e0:60:ed:07:3a:41:5c:eb:02:96:70:5a:
                    20:f7:ae:5f:6f:ef:a5:db:e0:af:d6:35:1b:4b:ee:
                    c5:7f:70:08:1f:e7:c3:49:94:42:4f:33:f9:d5:0f:
                    36:9d:3e:b7:26:d9:95:73:35:ab:33:bd:bd:0f:b4:
                    de:4e:ca:d4:ce:90:97:23:02:2c:0a:4f:28:29:9c:
                    62:12:03:7c:98:31:d3:a1:cb:6b:8b:44:e4:f8:d3:
                    86:48:e3:cb:95:1f:b7:d9:d7:4c:f4:43:a6:b8:cd:
                    e7:a1:c5:d1:14:ad:90:d6:c5:28:e7:a4:6a:0e:98:
                    e9:ee:3a:05:49:70:0a:f7:fb:b2:14:0b:ab:1e:33:
                    5e:7f:d8:ef:02:c0:c4:d8:41:13:1e:a7:4b:e1:02:
                    bf:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:05:C4:BA:B6:57:12:AE:1B:6A:1C:3B:11:AF:E2:7E:90:F3:26:79
            X509v3 Authority Key Identifier:
                keyid:4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:17:45:a4:d5:31:0a:3c:e5:b3:6e:19:3d:2b:7f:db:fd:7a:
         23:34:6f:9e:f1:42:5a:a4:c8:0c:49:91:e1:d4:4a:66:31:e3:
         8b:c6:4f:6e:61:eb:1b:02:f4:45:ba:d7:e2:80:a6:b4:b9:13:
         0a:a2:af:13:bb:73:76:3f:28:5e:39:57:f8:56:01:00:b6:f9:
         45:c3:36:bc:3f:4a:c0:c1:4d:09:d8:6a:2f:fd:19:92:e0:85:
         43:95:8a:97:5c:9e:a5:17:8b:0d:86:60:2e:61:d6:ab:3d:22:
         74:85:b8:a0:aa:11:10:82:e3:3f:06:91:92:4a:61:dc:bb:d8:
         47:5c:20:5e:70:90:03:a3:f5:2c:1f:7b:23:98:49:16:eb:9a:
         fe:92:b9:6d:76:e0:f7:01:5f:cb:c8:65:b6:b8:d6:30:7c:23:
         81:70:03:9d:47:b3:63:dc:0b:34:76:1b:a8:2b:1e:65:13:f8:
         4e:26:33:f5:1b:88:d5:94:46:cf:e0:f7:9b:21:1f:58:6c:97:
         a9:58:47:ca:a6:13:7b:6a:f8:00:c5:2d:14:6f:b4:78:24:f1:
         1b:ab:75:cb:3c:4b:52:45:9f:5a:47:49:1e:2b:f3:7c:11:10:
         94:d3:8c:69:7f:c7:fc:fe:f8:f1:59:15:31:57:79:a6:e2:36:
         10:30:4c:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURoqgiQE9SxQ0VlgtmNImsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDA3ZjdlYWQ4MTZhOTU1NWY0N2FmMTA5MDNlZjQ1Yzgx
NzBiODIwHhcNMjUwMjE3MDIwMDI3WhcNMjUwMjE4MDIwMDI3WjAzMTEwLwYDVQQD
EyhjNjA1YzRiYWI2NTcxMmFlMWI2YTFjM2IxMWFmZTI3ZTkwZjMyNjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsYWJyL/qJdxLXASuLp9RXHGqvA2
MOFvmjplintrTgHHrOULSxg8daOUi4YRQJmVQ3XBQGwnrjE67xBgsqrDtLeX+ECr
XbmXC91/YLi5eWEa3WY7u863mC6iLkC9sSizkv0tGsOlIo+qfS/gYO0HOkFc6wKW
cFog965fb++l2+Cv1jUbS+7Ff3AIH+fDSZRCTzP51Q82nT63JtmVczWrM729D7Te
TsrUzpCXIwIsCk8oKZxiEgN8mDHToctri0Tk+NOGSOPLlR+32ddM9EOmuM3nocXR
FK2Q1sUo56RqDpjp7joFSXAK9/uyFAurHjNef9jvAsDE2EETHqdL4QK/3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMYFxLq2VxKuG2ocOxGv4n6Q8yZ5MB8GA1UdIwQY
MBaAFE5Af36tgWqVVfR68QkD70XIFwuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2Nzct
NDA1NTA1ZmM0NjBlLzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2NzctNDA1NTA1ZmM0NjBl
LzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWxdFpNUx
Cjzls24ZPSt/2/16IzRvnvFCWqTIDEmR4dRKZjHji8ZPbmHrGwL0RbrX4oCmtLkT
CqKvE7tzdj8oXjlX+FYBALb5RcM2vD9KwMFNCdhqL/0ZkuCFQ5WKl1yepReLDYZg
LmHWqz0idIW4oKoREILjPwaRkkph3LvYR1wgXnCQA6P1LB97I5hJFuua/pK5bXbg
9wFfy8hltrjWMHwjgXADnUezY9wLNHYbqCseZRP4TiYz9RuI1ZRGz+D3myEfWGyX
qVhHyqYTe2r4AMUtFG+0eCTxG6t1yzxLUkWfWkdJHivzfBEQlNOMaX/H/P748VkV
MVd5puI2EDBMLQ==
-----END CERTIFICATE-----