Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.mft
File:                     T_TbtnXuCOi72XQHoafv2RkZ5zg.mft (raw, json)
Hash identifier:          I4DZWjDk+P1iqm5h/65veL1GJFiDDCfy/IGXT03wGPY=
Subject key identifier:   42:31:99:60:DC:99:AE:03:E3:EB:F3:DE:16:11:86:BC:CC:D0:D3:B0
Authority key identifier: 4F:F4:DB:B6:75:EE:08:E8:BB:D9:74:07:A1:A7:EF:D9:19:19:E7:38
Certificate issuer:       /CN=4ff4dbb675ee08e8bbd97407a1a7efd91919e738
Certificate serial:       019510C6EC9F5151E6383AC29EF31A0A6229
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T_TbtnXuCOi72XQHoafv2RkZ5zg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.mft
Manifest number:          0D6C
Signing time:             Sun 16 Feb 2025 22:00:26 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:26 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:26 +0000
Files and hashes:         1: T_TbtnXuCOi72XQHoafv2RkZ5zg.crl (hash: hdeM02ITw70TBWuwb+6KQNszjnZUj71zIuSjx5QilAA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T_TbtnXuCOi72XQHoafv2RkZ5zg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:ec:9f:51:51:e6:38:3a:c2:9e:f3:1a:0a:62:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ff4dbb675ee08e8bbd97407a1a7efd91919e738
        Validity
            Not Before: Feb 16 22:00:26 2025 GMT
            Not After : Feb 17 22:00:26 2025 GMT
        Subject: CN=42319960dc99ae03e3ebf3de161186bcccd0d3b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1e:ef:5e:ab:f6:61:c6:2e:fe:d2:3a:58:89:
                    48:a5:e8:28:d7:ab:9a:33:0b:ae:36:d6:a8:e4:7f:
                    b9:5b:6c:30:f1:29:40:48:a5:46:ef:e5:d7:c0:13:
                    3e:e8:5a:c2:72:a6:70:c2:03:24:f9:7e:46:4f:76:
                    77:45:a6:fb:49:21:ff:7f:1e:a1:a0:a4:f9:cb:9e:
                    38:fe:5e:0f:74:50:01:cd:f3:65:74:ae:c7:42:c8:
                    5b:fe:45:78:26:aa:c2:5a:f9:0f:50:45:63:35:c8:
                    37:fe:06:16:46:70:86:30:2a:97:dc:a8:bd:3a:61:
                    e2:c8:ed:3d:eb:66:43:7c:71:2d:54:ab:be:22:08:
                    ac:d9:95:7d:c1:e0:2a:2a:2a:99:2b:2b:0b:8f:3d:
                    22:67:4b:58:cc:ec:61:d3:cb:91:47:60:b8:21:b4:
                    15:f1:68:d7:21:16:38:df:df:f9:b2:f8:35:8f:60:
                    4d:bc:9e:59:61:f3:78:a5:8e:cb:45:07:fd:b9:ac:
                    b0:ee:52:76:21:6f:e3:40:7a:0c:21:06:3f:48:e3:
                    4b:92:a9:87:26:8c:cf:3a:7e:52:8b:a1:ca:10:04:
                    c6:32:5a:34:19:c2:48:e6:df:7f:3d:b0:a6:e5:54:
                    00:23:b2:d3:8f:b8:2d:e2:95:db:25:c6:b8:d7:81:
                    67:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:31:99:60:DC:99:AE:03:E3:EB:F3:DE:16:11:86:BC:CC:D0:D3:B0
            X509v3 Authority Key Identifier:
                keyid:4F:F4:DB:B6:75:EE:08:E8:BB:D9:74:07:A1:A7:EF:D9:19:19:E7:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T_TbtnXuCOi72XQHoafv2RkZ5zg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:a9:12:53:af:81:45:1a:cc:b5:1c:1a:03:30:ef:0a:59:38:
         f8:5c:6a:06:f0:1b:f2:e3:a3:c3:04:14:f3:7c:8e:3a:c6:4a:
         4d:c4:2c:c2:3c:d3:79:4b:8a:1d:4d:48:58:cc:4f:50:4e:3d:
         19:17:5b:43:40:c9:00:95:30:a4:19:c4:39:aa:ea:f6:12:ad:
         54:00:1b:0f:b3:bc:0b:b1:06:b0:c0:9a:67:4f:27:63:48:ff:
         74:19:98:67:11:b9:ce:07:44:4d:b0:35:60:f0:a4:41:f4:d6:
         c7:95:3c:da:39:fd:95:d4:82:c5:01:89:aa:31:ab:bd:31:40:
         72:35:09:1f:9c:61:91:fd:7a:f9:7a:0a:e4:ec:0c:72:b0:d5:
         a0:50:25:ca:d8:1f:a9:c7:52:d1:80:01:d3:b7:3d:e1:09:58:
         c5:e5:92:c2:b8:26:02:ad:a8:7e:ac:18:03:d6:f3:36:34:95:
         8b:b1:8f:ca:72:4a:f2:2f:51:31:38:0d:74:17:ab:f9:0c:22:
         04:e7:c6:ae:19:da:17:92:c3:80:36:aa:64:ef:ce:60:6e:f0:
         3a:8a:0a:fb:dc:03:ed:7f:e6:a7:56:74:2a:ff:01:e5:05:65:
         76:74:1a:7b:99:f3:f1:40:0d:ab:7b:d1:e4:29:1b:f5:31:31:
         54:ff:28:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxuyfUVHmODrCnvMaCmIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmZjRkYmI2NzVlZTA4ZThiYmQ5NzQwN2ExYTdlZmQ5MTkx
OWU3MzgwHhcNMjUwMjE2MjIwMDI2WhcNMjUwMjE3MjIwMDI2WjAzMTEwLwYDVQQD
Eyg0MjMxOTk2MGRjOTlhZTAzZTNlYmYzZGUxNjExODZiY2NjZDBkM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB7vXqv2YcYu/tI6WIlIpego16ua
MwuuNtao5H+5W2ww8SlASKVG7+XXwBM+6FrCcqZwwgMk+X5GT3Z3Rab7SSH/fx6h
oKT5y544/l4PdFABzfNldK7HQshb/kV4JqrCWvkPUEVjNcg3/gYWRnCGMCqX3Ki9
OmHiyO0962ZDfHEtVKu+Igis2ZV9weAqKiqZKysLjz0iZ0tYzOxh08uRR2C4IbQV
8WjXIRY439/5svg1j2BNvJ5ZYfN4pY7LRQf9uayw7lJ2IW/jQHoMIQY/SONLkqmH
JozPOn5Si6HKEATGMlo0GcJI5t9/PbCm5VQAI7LTj7gt4pXbJca414FnuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIxmWDcma4D4+vz3hYRhrzM0NOwMB8GA1UdIwQY
MBaAFE/027Z17gjou9l0B6Gn79kZGec4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVF9UYnRuWHVDT2k3MlhRSG9hZnYyUmtaNXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mYjkzZWEtNjE2My00N2VjLThiZGMt
NjNkOTBlNjY0ODIyLzEvVF9UYnRuWHVDT2k3MlhRSG9hZnYyUmtaNXpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mYjkzZWEtNjE2My00N2VjLThiZGMtNjNkOTBlNjY0ODIy
LzEvVF9UYnRuWHVDT2k3MlhRSG9hZnYyUmtaNXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIakSU6+B
RRrMtRwaAzDvClk4+FxqBvAb8uOjwwQU83yOOsZKTcQswjzTeUuKHU1IWMxPUE49
GRdbQ0DJAJUwpBnEOarq9hKtVAAbD7O8C7EGsMCaZ08nY0j/dBmYZxG5zgdETbA1
YPCkQfTWx5U82jn9ldSCxQGJqjGrvTFAcjUJH5xhkf16+XoK5OwMcrDVoFAlytgf
qcdS0YAB07c94QlYxeWSwrgmAq2ofqwYA9bzNjSVi7GPynJK8i9RMTgNdBer+Qwi
BOfGrhnaF5LDgDaqZO/OYG7wOooK+9wD7X/mp1Z0Kv8B5QVldnQae5nz8UANq3vR
5Ckb9TExVP8o2w==
-----END CERTIFICATE-----