Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.mft
File:                     T_TbtnXuCOi72XQHoafv2RkZ5zg.mft (raw, json)
Hash identifier:          BnL6MbfFfT70PTYVsYdLwe9Ja/rTfilulSnGbYoAAyI=
Subject key identifier:   BC:D7:CC:E4:8A:DB:4F:04:87:14:42:06:BA:03:20:DA:6F:16:B9:0F
Authority key identifier: 4F:F4:DB:B6:75:EE:08:E8:BB:D9:74:07:A1:A7:EF:D9:19:19:E7:38
Certificate issuer:       /CN=4ff4dbb675ee08e8bbd97407a1a7efd91919e738
Certificate serial:       019649A1EBF8CADF1BDF82F700BF63E38B04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T_TbtnXuCOi72XQHoafv2RkZ5zg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.mft
Manifest number:          0E0E
Signing time:             Fri 18 Apr 2025 16:01:10 +0000
Manifest this update:     Fri 18 Apr 2025 16:01:10 +0000
Manifest next update:     Sat 19 Apr 2025 16:01:10 +0000
Files and hashes:         1: T_TbtnXuCOi72XQHoafv2RkZ5zg.crl (hash: gNOSBEzEhADahbek//E+1IWt72macbDwr3K9ebGOm1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T_TbtnXuCOi72XQHoafv2RkZ5zg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 14:20:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:49:a1:eb:f8:ca:df:1b:df:82:f7:00:bf:63:e3:8b:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ff4dbb675ee08e8bbd97407a1a7efd91919e738
        Validity
            Not Before: Apr 18 16:01:10 2025 GMT
            Not After : Apr 19 16:01:10 2025 GMT
        Subject: CN=bcd7cce48adb4f0487144206ba0320da6f16b90f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:fd:bf:59:d5:e7:64:38:5d:a3:57:44:87:ac:
                    67:f9:15:00:71:97:cf:f9:de:e2:51:a1:a2:f5:b1:
                    ca:b4:f0:c0:3a:45:32:c9:90:d3:4f:b7:c2:4e:11:
                    7c:62:07:a3:1e:28:11:a1:73:5e:2b:b0:5c:2e:09:
                    3f:41:ab:0e:e4:85:b1:d2:fc:26:a9:12:2f:b7:b3:
                    47:f3:c8:2f:f4:48:4b:57:f9:31:26:8a:a1:61:c6:
                    fb:e5:a9:73:49:59:6d:4a:6c:d6:6a:7f:50:ab:95:
                    c1:31:39:f3:85:23:50:1b:c6:36:96:33:32:5c:ba:
                    88:26:ee:d7:42:73:69:8a:0c:3d:7b:1e:15:38:ce:
                    e0:c5:9a:5a:0f:56:28:84:00:23:0b:8e:aa:00:4c:
                    14:49:74:34:28:86:e8:a6:3d:51:a4:63:4b:24:83:
                    7c:5f:98:47:dd:55:5b:69:42:ea:64:d1:3c:a9:ce:
                    c8:b7:94:97:1f:f1:24:b7:05:98:7e:fc:d3:bd:89:
                    e0:e5:96:3c:80:71:b1:1b:42:5e:ea:7e:43:0f:0c:
                    10:4b:82:c5:bc:b1:8e:3d:40:c3:06:5a:56:cf:7e:
                    b2:74:6a:da:24:08:db:ce:6f:d3:0d:67:38:27:51:
                    c2:0b:5d:e6:94:e4:a4:48:52:d6:cb:01:ff:c1:9c:
                    71:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:D7:CC:E4:8A:DB:4F:04:87:14:42:06:BA:03:20:DA:6F:16:B9:0F
            X509v3 Authority Key Identifier:
                keyid:4F:F4:DB:B6:75:EE:08:E8:BB:D9:74:07:A1:A7:EF:D9:19:19:E7:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T_TbtnXuCOi72XQHoafv2RkZ5zg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:e8:fa:72:5d:74:7f:61:4e:0e:4f:da:18:23:a1:90:99:2d:
         f1:4d:8d:a8:d0:d2:a4:d3:49:6a:9b:7b:c6:d0:5f:18:d4:dc:
         a6:f1:4a:52:d7:ee:99:8e:f8:5c:06:f9:a5:68:04:35:17:45:
         dd:d0:bc:c4:df:6d:bf:06:ea:1a:3e:fe:89:42:09:48:e1:8a:
         36:09:87:e0:fb:6e:3a:d3:f3:5a:ba:22:8b:6f:31:14:ab:0c:
         89:16:74:73:f9:07:bb:68:aa:85:6d:f9:d1:d3:b9:98:cc:91:
         c1:2f:97:37:e6:14:8c:bf:8b:35:42:c2:b5:27:3b:33:52:32:
         d2:7d:a4:7a:1c:97:cb:1d:9c:a1:a7:b3:90:26:13:30:2c:d5:
         4c:c9:3a:d3:1f:cf:12:2b:5e:85:ae:1d:a5:24:5b:c1:2b:c0:
         39:83:06:7c:c2:5a:04:85:bb:87:2b:a3:6f:57:8b:2b:23:a2:
         42:bc:2d:de:9b:52:7b:71:c4:bb:f2:df:13:ae:c7:70:88:06:
         23:b9:c8:36:fa:5b:4d:3d:d6:d6:1b:ab:4e:e5:3b:9c:1a:85:
         c7:d4:6a:df:75:ec:63:79:24:3c:f9:f4:e4:0a:85:5e:58:d0:
         4d:62:db:95:5b:10:4b:c9:1e:c6:a0:09:59:d5:8e:fa:cf:68:
         b7:ec:14:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZJoev4yt8b34L3AL9j44sEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmZjRkYmI2NzVlZTA4ZThiYmQ5NzQwN2ExYTdlZmQ5MTkx
OWU3MzgwHhcNMjUwNDE4MTYwMTEwWhcNMjUwNDE5MTYwMTEwWjAzMTEwLwYDVQQD
EyhiY2Q3Y2NlNDhhZGI0ZjA0ODcxNDQyMDZiYTAzMjBkYTZmMTZiOTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/2/WdXnZDhdo1dEh6xn+RUAcZfP
+d7iUaGi9bHKtPDAOkUyyZDTT7fCThF8YgejHigRoXNeK7BcLgk/QasO5IWx0vwm
qRIvt7NH88gv9EhLV/kxJoqhYcb75alzSVltSmzWan9Qq5XBMTnzhSNQG8Y2ljMy
XLqIJu7XQnNpigw9ex4VOM7gxZpaD1YohAAjC46qAEwUSXQ0KIbopj1RpGNLJIN8
X5hH3VVbaULqZNE8qc7It5SXH/EktwWYfvzTvYng5ZY8gHGxG0Je6n5DDwwQS4LF
vLGOPUDDBlpWz36ydGraJAjbzm/TDWc4J1HCC13mlOSkSFLWywH/wZxxhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLzXzOSK208EhxRCBroDINpvFrkPMB8GA1UdIwQY
MBaAFE/027Z17gjou9l0B6Gn79kZGec4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVF9UYnRuWHVDT2k3MlhRSG9hZnYyUmtaNXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mYjkzZWEtNjE2My00N2VjLThiZGMt
NjNkOTBlNjY0ODIyLzEvVF9UYnRuWHVDT2k3MlhRSG9hZnYyUmtaNXpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mYjkzZWEtNjE2My00N2VjLThiZGMtNjNkOTBlNjY0ODIy
LzEvVF9UYnRuWHVDT2k3MlhRSG9hZnYyUmtaNXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApOj6cl10
f2FODk/aGCOhkJkt8U2NqNDSpNNJapt7xtBfGNTcpvFKUtfumY74XAb5pWgENRdF
3dC8xN9tvwbqGj7+iUIJSOGKNgmH4PtuOtPzWroii28xFKsMiRZ0c/kHu2iqhW35
0dO5mMyRwS+XN+YUjL+LNULCtSc7M1Iy0n2kehyXyx2coaezkCYTMCzVTMk60x/P
Eiteha4dpSRbwSvAOYMGfMJaBIW7hyujb1eLKyOiQrwt3ptSe3HEu/LfE67HcIgG
I7nINvpbTT3W1hurTuU7nBqFx9Rq33XsY3kkPPn05AqFXljQTWLblVsQS8kexqAJ
WdWO+s9ot+wUxQ==
-----END CERTIFICATE-----