Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
File:                     TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft (raw, json)
Hash identifier:          eYpUgB61BcVU/rDGwZHCWoAkEV7yekU/Tk8VaaO0+J4=
Subject key identifier:   2F:3E:23:5B:43:95:7D:0E:D2:D3:2E:02:7E:A3:5B:60:1A:8B:3C:46
Authority key identifier: 4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61
Certificate issuer:       /CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
Certificate serial:       01974AE908E2FA662BEFDD769531EA1750E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
Manifest number:          14DA
Signing time:             Sat 07 Jun 2025 15:01:15 +0000
Manifest this update:     Sat 07 Jun 2025 15:01:15 +0000
Manifest next update:     Sun 08 Jun 2025 15:01:15 +0000
Files and hashes:         1: TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl (hash: M3bg1UlaIhXGFqnzIyfZI3U4rrnidGeO2kNaMRNd1M4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e9:08:e2:fa:66:2b:ef:dd:76:95:31:ea:17:50:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
        Validity
            Not Before: Jun  7 15:01:15 2025 GMT
            Not After : Jun  8 15:01:15 2025 GMT
        Subject: CN=2f3e235b43957d0ed2d32e027ea35b601a8b3c46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:11:ab:b7:bb:3e:4a:80:b0:23:cf:fc:5c:cb:
                    a6:9c:d5:7f:de:6a:21:da:6f:9e:75:4a:3a:3e:71:
                    10:ad:fd:87:a4:4e:48:48:c5:ec:67:b9:e8:ea:5c:
                    64:75:7d:52:e8:bf:33:bb:d3:80:95:1b:49:7d:00:
                    77:2e:f1:34:4b:04:e7:5b:d0:3e:d7:36:c3:22:58:
                    d2:02:7e:6b:b8:6b:75:ef:d9:2c:38:af:dc:eb:fb:
                    d7:15:6a:ca:4a:c7:60:60:b1:1d:63:0b:51:f7:01:
                    74:5b:96:54:4a:17:9b:b8:e4:9c:cf:35:7a:1c:2f:
                    af:d6:11:88:c1:b3:b6:eb:14:e8:f8:50:6b:1d:89:
                    48:40:26:e4:d5:ad:eb:f3:7c:b4:e9:4b:59:d6:af:
                    a9:37:d4:f1:98:f9:a6:df:03:fe:60:b3:ea:b5:71:
                    fe:3a:0f:9e:08:bf:a4:90:60:97:63:e7:ae:93:85:
                    f3:ca:79:cc:c3:b0:f0:f1:0a:ff:3d:d7:b4:d6:84:
                    a4:67:df:63:98:35:ae:d6:24:25:31:2f:df:a1:74:
                    6a:13:4e:fb:9a:96:33:2b:6a:e9:d1:d1:6b:64:0c:
                    8c:3b:79:f3:ed:77:e9:3d:92:9e:65:8a:6d:cd:68:
                    6a:ad:32:8c:26:c3:e4:6f:b9:db:41:76:b9:4d:05:
                    b6:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:3E:23:5B:43:95:7D:0E:D2:D3:2E:02:7E:A3:5B:60:1A:8B:3C:46
            X509v3 Authority Key Identifier:
                keyid:4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:c3:fd:86:0f:79:12:88:b0:0a:62:b6:05:62:95:b0:92:f1:
         bd:3c:25:ae:d5:9c:6e:5e:75:3e:01:db:19:c1:7e:25:a3:25:
         29:a2:82:8d:67:c9:f4:23:83:0d:c3:3a:90:32:b3:f4:13:cf:
         92:7d:62:86:87:39:99:59:b7:2d:70:6f:7f:76:8b:92:34:7f:
         c0:02:b7:a5:e5:d4:69:02:5d:bc:ab:58:8d:d5:96:74:ac:6e:
         2c:5b:a3:4a:1d:b3:23:a1:28:a0:94:91:76:9a:0b:78:19:38:
         89:b2:04:52:3b:6b:fc:5b:96:49:3f:11:81:54:c9:30:75:c0:
         0e:05:8a:26:b6:e6:03:60:41:36:0e:75:b0:97:b5:d3:f9:fc:
         0f:3b:4f:f9:11:c2:42:ad:54:c8:e6:82:c8:b6:d0:39:cd:c1:
         12:3b:6d:7c:fd:31:a1:63:60:12:e2:87:25:3c:09:ac:f0:89:
         38:3a:62:ef:16:03:86:e6:9f:a8:d2:fb:4c:22:7b:5e:c5:63:
         f1:c2:21:04:f4:0a:06:0a:c2:ad:ff:ae:49:c1:45:f6:11:b6:
         08:10:c8:11:0e:95:85:17:79:f6:ca:20:9b:c0:e5:83:77:c0:
         4f:57:bd:2a:b1:7c:a7:70:0c:f1:f2:ea:a1:d9:cb:43:60:c9:
         4e:8b:ab:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6Qji+mYr7912lTHqF1DoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMDAwNmUwNTg5NmY2ZmZiMzAxNjFlN2M4ZGRhMmY5YWQw
NWI1NjEwHhcNMjUwNjA3MTUwMTE1WhcNMjUwNjA4MTUwMTE1WjAzMTEwLwYDVQQD
EygyZjNlMjM1YjQzOTU3ZDBlZDJkMzJlMDI3ZWEzNWI2MDFhOGIzYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRGrt7s+SoCwI8/8XMumnNV/3moh
2m+edUo6PnEQrf2HpE5ISMXsZ7no6lxkdX1S6L8zu9OAlRtJfQB3LvE0SwTnW9A+
1zbDIljSAn5ruGt179ksOK/c6/vXFWrKSsdgYLEdYwtR9wF0W5ZUShebuOSczzV6
HC+v1hGIwbO26xTo+FBrHYlIQCbk1a3r83y06UtZ1q+pN9TxmPmm3wP+YLPqtXH+
Og+eCL+kkGCXY+euk4XzynnMw7Dw8Qr/Pde01oSkZ99jmDWu1iQlMS/foXRqE077
mpYzK2rp0dFrZAyMO3nz7XfpPZKeZYptzWhqrTKMJsPkb7nbQXa5TQW2rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC8+I1tDlX0O0tMuAn6jW2AaizxGMB8GA1UdIwQY
MBaAFEwABuBYlvb/swFh58jdovmtBbVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9iN2Y4MzktYzY4MC00NWVhLWE4ZWUt
MTMwODdiZWJkMWU0LzEvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9iN2Y4MzktYzY4MC00NWVhLWE4ZWUtMTMwODdiZWJkMWU0
LzEvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG8P9hg95
EoiwCmK2BWKVsJLxvTwlrtWcbl51PgHbGcF+JaMlKaKCjWfJ9CODDcM6kDKz9BPP
kn1ihoc5mVm3LXBvf3aLkjR/wAK3peXUaQJdvKtYjdWWdKxuLFujSh2zI6EooJSR
dpoLeBk4ibIEUjtr/FuWST8RgVTJMHXADgWKJrbmA2BBNg51sJe10/n8DztP+RHC
Qq1UyOaCyLbQOc3BEjttfP0xoWNgEuKHJTwJrPCJODpi7xYDhuafqNL7TCJ7XsVj
8cIhBPQKBgrCrf+uScFF9hG2CBDIEQ6VhRd59sogm8Dlg3fAT1e9KrF8p3AM8fLq
odnLQ2DJTourfg==
-----END CERTIFICATE-----