Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.mft
File:                     TaktycvByBxzpp8xWlMbR_ROPFQ.mft (raw, json)
Hash identifier:          uSmbUvcqbyzjokwKjo2bGWPxQVBcFmpLGkbIo85RlGo=
Subject key identifier:   B7:4E:57:99:BD:70:D3:28:36:91:C5:E8:98:6A:A2:B3:E8:31:52:C6
Authority key identifier: 4D:A9:2D:C9:CB:C1:C8:1C:73:A6:9F:31:5A:53:1B:47:F4:4E:3C:54
Certificate issuer:       /CN=4da92dc9cbc1c81c73a69f315a531b47f44e3c54
Certificate serial:       0197488C402083A7A229397F82E3A2C60859
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TaktycvByBxzpp8xWlMbR_ROPFQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.mft
Manifest number:          0693
Signing time:             Sat 07 Jun 2025 04:00:40 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:40 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:40 +0000
Files and hashes:         1: TaktycvByBxzpp8xWlMbR_ROPFQ.crl (hash: 1MEQFZa0Txoyg2WjO15uNoN8XWFEPBmRBqobZ9HDQ8Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TaktycvByBxzpp8xWlMbR_ROPFQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:40:20:83:a7:a2:29:39:7f:82:e3:a2:c6:08:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4da92dc9cbc1c81c73a69f315a531b47f44e3c54
        Validity
            Not Before: Jun  7 04:00:40 2025 GMT
            Not After : Jun  8 04:00:40 2025 GMT
        Subject: CN=b74e5799bd70d3283691c5e8986aa2b3e83152c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:a8:36:75:12:a9:26:89:80:8c:6f:94:d9:35:
                    aa:ea:93:b0:33:1d:2e:6d:13:f6:16:38:aa:3f:e8:
                    c4:43:18:3e:c9:ce:30:14:11:37:4e:48:65:88:80:
                    fc:45:f6:c1:5a:a5:11:16:19:28:4d:dd:1a:8e:2e:
                    a8:78:40:9a:6c:a6:6d:a8:3c:0b:4f:79:2c:d8:38:
                    e5:3d:55:18:d5:74:a2:52:ab:2f:af:87:ba:81:84:
                    7c:28:83:d8:be:8c:04:ec:a0:ab:53:c0:1c:25:e8:
                    a1:8a:dc:2b:72:04:e7:91:da:bf:7a:0b:b0:22:cf:
                    c3:4d:1c:b4:60:c3:ce:ad:50:7b:dd:90:59:65:54:
                    c7:d5:35:1f:48:fc:7c:d4:d7:67:e1:c5:3a:0d:6d:
                    78:a5:4b:57:1e:2b:5e:9e:4d:44:b2:e6:15:76:04:
                    98:a0:dc:78:aa:30:b9:c7:db:67:ad:fd:23:ec:a5:
                    0d:af:b7:41:02:e5:8f:35:32:0b:99:2f:43:44:f9:
                    84:2a:b1:88:de:b0:4a:f5:f0:38:9e:9e:81:8b:ef:
                    71:8e:e3:4f:0d:9e:22:b8:94:27:03:c7:3a:e9:01:
                    3a:ee:6e:8c:3e:58:3f:e5:a8:d5:db:61:48:b7:af:
                    f4:85:f2:77:74:c6:c4:21:81:f8:4a:c3:d7:39:ba:
                    38:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:4E:57:99:BD:70:D3:28:36:91:C5:E8:98:6A:A2:B3:E8:31:52:C6
            X509v3 Authority Key Identifier:
                keyid:4D:A9:2D:C9:CB:C1:C8:1C:73:A6:9F:31:5A:53:1B:47:F4:4E:3C:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TaktycvByBxzpp8xWlMbR_ROPFQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:60:fd:f7:b9:43:f7:80:66:18:2d:ba:05:93:11:0a:67:6b:
         0a:bc:5f:0e:11:b8:4d:7e:1a:af:de:8d:be:2b:da:bd:c0:71:
         65:c5:99:96:25:02:1e:e2:de:78:90:64:50:58:7e:2e:03:9b:
         20:9f:6e:e9:f9:bf:17:10:f0:05:3d:82:fd:07:1b:ba:31:74:
         0a:15:31:30:83:94:ad:c8:83:ef:d8:12:2d:3a:a0:46:c1:eb:
         62:19:e5:0d:80:f7:df:0c:5a:0e:1b:76:2e:e5:e6:e2:09:8c:
         39:9b:bc:ad:d1:44:d1:7a:91:92:15:cd:ba:95:ca:4b:9b:ee:
         01:c5:5e:a2:ed:25:63:c9:3e:15:ee:b0:ee:1a:7d:ab:fe:b2:
         6a:4a:15:82:07:6c:df:cb:35:e9:dd:89:e0:1c:6c:e8:db:b6:
         48:cb:ba:02:a4:09:1c:7a:26:18:0b:10:2c:f3:25:77:17:1d:
         cd:a1:cb:a1:26:5e:3a:79:10:19:1c:1c:12:ee:6e:14:90:32:
         f9:d1:b7:86:a0:ce:9d:50:c2:ba:d6:1f:9c:59:94:ce:00:cd:
         f8:82:c9:da:b4:0c:16:8d:30:0d:8e:15:ce:4a:39:3f:d9:7f:
         a5:ec:6f:1b:18:dd:a8:82:50:17:07:12:e4:66:a8:95:a1:70:
         20:a0:5f:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjEAgg6eiKTl/guOixghZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTkyZGM5Y2JjMWM4MWM3M2E2OWYzMTVhNTMxYjQ3ZjQ0
ZTNjNTQwHhcNMjUwNjA3MDQwMDQwWhcNMjUwNjA4MDQwMDQwWjAzMTEwLwYDVQQD
EyhiNzRlNTc5OWJkNzBkMzI4MzY5MWM1ZTg5ODZhYTJiM2U4MzE1MmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Kg2dRKpJomAjG+U2TWq6pOwMx0u
bRP2FjiqP+jEQxg+yc4wFBE3TkhliID8RfbBWqURFhkoTd0aji6oeECabKZtqDwL
T3ks2DjlPVUY1XSiUqsvr4e6gYR8KIPYvowE7KCrU8AcJeihitwrcgTnkdq/eguw
Is/DTRy0YMPOrVB73ZBZZVTH1TUfSPx81Ndn4cU6DW14pUtXHitenk1EsuYVdgSY
oNx4qjC5x9tnrf0j7KUNr7dBAuWPNTILmS9DRPmEKrGI3rBK9fA4np6Bi+9xjuNP
DZ4iuJQnA8c66QE67m6MPlg/5ajV22FIt6/0hfJ3dMbEIYH4SsPXObo4YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLdOV5m9cNMoNpHF6JhqorPoMVLGMB8GA1UdIwQY
MBaAFE2pLcnLwcgcc6afMVpTG0f0TjxUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFrdHljdkJ5Qnh6cHA4eFdsTWJSX1JPUEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9jNTY3NGUtZGI2MS00NzIyLWI5MjIt
NTM1YmUyNzVlNmY1LzEvVGFrdHljdkJ5Qnh6cHA4eFdsTWJSX1JPUEZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9jNTY3NGUtZGI2MS00NzIyLWI5MjItNTM1YmUyNzVlNmY1
LzEvVGFrdHljdkJ5Qnh6cHA4eFdsTWJSX1JPUEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkmD997lD
94BmGC26BZMRCmdrCrxfDhG4TX4ar96NvivavcBxZcWZliUCHuLeeJBkUFh+LgOb
IJ9u6fm/FxDwBT2C/QcbujF0ChUxMIOUrciD79gSLTqgRsHrYhnlDYD33wxaDht2
LuXm4gmMOZu8rdFE0XqRkhXNupXKS5vuAcVeou0lY8k+Fe6w7hp9q/6yakoVggds
38s16d2J4Bxs6Nu2SMu6AqQJHHomGAsQLPMldxcdzaHLoSZeOnkQGRwcEu5uFJAy
+dG3hqDOnVDCutYfnFmUzgDN+ILJ2rQMFo0wDY4Vzko5P9l/pexvGxjdqIJQFwcS
5GaolaFwIKBfGQ==
-----END CERTIFICATE-----