Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft
File:                     TNN3vorxFHipq-Jx-L3i3j0zNAg.mft (raw, json)
Hash identifier:          EMkgNrA/v1lbYJANdd1WqCLNaqusHoSWuKj/9nPtfAs=
Subject key identifier:   2A:93:F7:28:40:A6:6A:52:FD:02:BA:7D:88:5C:3D:89:B7:CD:A9:75
Authority key identifier: 4C:D3:77:BE:8A:F1:14:78:A9:AB:E2:71:F8:BD:E2:DE:3D:33:34:08
Certificate issuer:       /CN=4cd377be8af11478a9abe271f8bde2de3d333408
Certificate serial:       019748FA89C1D72914C534C34508150EEA54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TNN3vorxFHipq-Jx-L3i3j0zNAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft
Manifest number:          07CC
Signing time:             Sat 07 Jun 2025 06:01:08 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:08 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:08 +0000
Files and hashes:         1: TNN3vorxFHipq-Jx-L3i3j0zNAg.crl (hash: AQ5qwoN10AQ1F9wYahmp1KFD5LdgZbN0bYYxtDL7sJE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TNN3vorxFHipq-Jx-L3i3j0zNAg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:89:c1:d7:29:14:c5:34:c3:45:08:15:0e:ea:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cd377be8af11478a9abe271f8bde2de3d333408
        Validity
            Not Before: Jun  7 06:01:08 2025 GMT
            Not After : Jun  8 06:01:08 2025 GMT
        Subject: CN=2a93f72840a66a52fd02ba7d885c3d89b7cda975
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c5:cc:70:c0:f2:f2:3f:be:6b:ca:67:fb:e7:
                    37:60:4d:9f:43:32:3e:b0:70:7d:af:41:70:84:c4:
                    e7:7c:e5:1c:05:64:7a:42:6e:2b:bd:b5:4e:3f:75:
                    b1:31:99:ac:53:8d:61:1b:48:71:8e:9d:ae:7b:5f:
                    27:11:e3:7d:3d:80:9d:d4:f2:36:5a:4b:9d:ba:e0:
                    cb:90:40:76:1e:5d:f9:6e:15:7a:2b:41:0f:81:f5:
                    24:34:05:3a:e9:e1:e3:29:db:99:38:f3:ac:6e:8f:
                    86:ec:d9:d3:fe:c2:ac:fe:6c:a7:59:98:42:ad:e1:
                    2f:65:41:7f:37:8a:b4:fa:47:f3:51:63:87:c6:37:
                    37:dc:fb:8c:c7:f8:07:c6:3c:f6:82:d9:a0:d0:39:
                    69:6d:db:e0:c7:8d:63:b2:91:e2:6f:fd:a8:58:a1:
                    02:ce:97:21:1a:87:e8:c8:c1:37:5b:eb:31:c5:5d:
                    3b:cd:ba:1a:fc:84:c5:6b:ad:51:44:40:ad:62:6f:
                    1f:e1:0e:cf:51:0b:13:d2:5a:7f:5d:3e:c5:66:9b:
                    04:c3:b6:e1:b7:43:3e:63:79:a9:6e:ec:d7:59:74:
                    55:ea:eb:c5:c0:01:77:29:33:7b:81:d9:77:9f:66:
                    be:a8:8a:eb:37:94:81:13:bc:e4:1c:92:fd:14:eb:
                    f5:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:93:F7:28:40:A6:6A:52:FD:02:BA:7D:88:5C:3D:89:B7:CD:A9:75
            X509v3 Authority Key Identifier:
                keyid:4C:D3:77:BE:8A:F1:14:78:A9:AB:E2:71:F8:BD:E2:DE:3D:33:34:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNN3vorxFHipq-Jx-L3i3j0zNAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:9c:02:a4:e8:d1:c0:69:db:25:d8:72:1a:fa:40:88:c6:dc:
         1f:c9:74:03:ba:d9:bb:ca:aa:83:75:8b:2a:aa:2d:7c:a0:9c:
         6a:18:23:cb:c8:1f:cb:b6:e0:15:84:6f:df:15:8e:40:a2:19:
         f0:e0:6e:82:1c:3f:57:f0:14:41:1e:50:dd:93:d4:4e:d4:16:
         71:30:f7:db:b4:d4:03:07:e8:2a:38:13:ca:c2:4c:13:91:c5:
         b8:9b:52:91:35:b9:89:b9:54:1e:df:3e:81:b7:61:0e:4c:b7:
         5a:ce:e4:21:c3:2d:80:72:15:b9:d4:bf:7a:a5:b7:74:71:ad:
         29:0a:f7:50:0f:d9:4c:51:91:2b:de:56:24:41:21:1c:04:9a:
         ab:b5:d9:c0:70:01:2a:f1:88:79:a1:99:65:49:c9:cf:44:0f:
         39:de:cd:a0:ab:47:4f:a9:a4:0a:71:3b:a0:30:49:47:ce:46:
         1c:d1:e8:da:d9:a8:a9:17:0a:0e:46:da:85:1e:51:29:68:8f:
         c4:f9:b3:38:94:c6:4a:2f:76:de:75:2b:f5:42:0f:f4:a4:cd:
         d9:f5:12:07:f4:13:6c:d2:f5:3c:e3:4b:81:d0:05:b1:3a:18:
         5d:6a:7f:70:fb:c0:f7:c0:1a:de:8f:f3:8e:02:b3:70:ad:f8:
         fd:80:d4:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+onB1ykUxTTDRQgVDupUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZDM3N2JlOGFmMTE0NzhhOWFiZTI3MWY4YmRlMmRlM2Qz
MzM0MDgwHhcNMjUwNjA3MDYwMTA4WhcNMjUwNjA4MDYwMTA4WjAzMTEwLwYDVQQD
EygyYTkzZjcyODQwYTY2YTUyZmQwMmJhN2Q4ODVjM2Q4OWI3Y2RhOTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMXMcMDy8j++a8pn++c3YE2fQzI+
sHB9r0FwhMTnfOUcBWR6Qm4rvbVOP3WxMZmsU41hG0hxjp2ue18nEeN9PYCd1PI2
WkuduuDLkEB2Hl35bhV6K0EPgfUkNAU66eHjKduZOPOsbo+G7NnT/sKs/mynWZhC
reEvZUF/N4q0+kfzUWOHxjc33PuMx/gHxjz2gtmg0Dlpbdvgx41jspHib/2oWKEC
zpchGofoyME3W+sxxV07zboa/ITFa61RRECtYm8f4Q7PUQsT0lp/XT7FZpsEw7bh
t0M+Y3mpbuzXWXRV6uvFwAF3KTN7gdl3n2a+qIrrN5SBE7zkHJL9FOv1mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqT9yhApmpS/QK6fYhcPYm3zal1MB8GA1UdIwQY
MBaAFEzTd76K8RR4qavicfi94t49MzQIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE5OM3ZvcnhGSGlwcS1KeC1MM2kzajB6TkFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81MWU4YjUtN2UyYy00MDA4LWJmODMt
YjEyZWIxY2VhYTE0LzEvVE5OM3ZvcnhGSGlwcS1KeC1MM2kzajB6TkFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81MWU4YjUtN2UyYy00MDA4LWJmODMtYjEyZWIxY2VhYTE0
LzEvVE5OM3ZvcnhGSGlwcS1KeC1MM2kzajB6TkFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtZwCpOjR
wGnbJdhyGvpAiMbcH8l0A7rZu8qqg3WLKqotfKCcahgjy8gfy7bgFYRv3xWOQKIZ
8OBughw/V/AUQR5Q3ZPUTtQWcTD327TUAwfoKjgTysJME5HFuJtSkTW5iblUHt8+
gbdhDky3Ws7kIcMtgHIVudS/eqW3dHGtKQr3UA/ZTFGRK95WJEEhHASaq7XZwHAB
KvGIeaGZZUnJz0QPOd7NoKtHT6mkCnE7oDBJR85GHNHo2tmoqRcKDkbahR5RKWiP
xPmzOJTGSi923nUr9UIP9KTN2fUSB/QTbNL1PONLgdAFsToYXWp/cPvA98Aa3o/z
jgKzcK34/YDU4A==
-----END CERTIFICATE-----