Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
File:                     TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft (raw, json)
Hash identifier:          1lgnAQT61yWYhtPJf5TCRHY7lYl4s03YgaE+tPRVZTE=
Subject key identifier:   1F:C4:13:62:A5:EB:E7:4E:91:48:9F:C7:17:E1:77:46:F0:1E:EA:B7
Authority key identifier: 4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD
Certificate issuer:       /CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
Certificate serial:       0199228CE65EB8DFF178E8C3A7A21E26FECA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
Manifest number:          0366
Signing time:             Sun 07 Sep 2025 05:01:23 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:23 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:23 +0000
Files and hashes:         1: TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl (hash: GhSy4JAkmMzwgAoZ5mkcYz+k0zHRfnWRmNMzwoqasdw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:e6:5e:b8:df:f1:78:e8:c3:a7:a2:1e:26:fe:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
        Validity
            Not Before: Sep  7 05:01:23 2025 GMT
            Not After : Sep  8 05:01:23 2025 GMT
        Subject: CN=1fc41362a5ebe74e91489fc717e17746f01eeab7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:62:69:f0:f5:52:60:86:c1:ed:66:ce:bc:7f:
                    7d:70:69:f6:ec:29:07:09:2d:14:ce:92:38:24:01:
                    c7:a1:90:9b:8c:28:26:86:d9:18:06:17:b1:2a:87:
                    e5:f4:48:b8:1d:5e:f4:da:23:d3:85:b4:aa:7d:3e:
                    18:3a:a1:5c:e4:6f:8a:49:25:71:e7:ae:9d:07:2f:
                    56:c0:f9:4f:dd:6c:5c:83:52:cc:ae:1d:4b:bd:dd:
                    bd:a2:e7:0c:d6:b6:5e:39:03:be:33:8d:b7:72:59:
                    e3:31:06:9a:25:aa:9b:10:bc:e1:f2:40:0b:37:03:
                    e2:62:9a:f9:04:a7:b4:2f:39:72:27:26:6d:4a:12:
                    32:86:e5:24:1e:d4:05:0c:bd:64:e0:69:45:f3:64:
                    b2:c9:90:a6:5a:52:77:e2:69:3d:b1:5e:94:50:e8:
                    6d:96:6f:2b:18:a0:7c:5f:b6:a8:5c:d2:3a:ac:8c:
                    8a:b1:da:dd:5d:84:69:fe:95:99:f4:72:26:44:62:
                    77:c5:d2:76:79:86:53:d8:c3:7e:4f:f5:a5:13:7f:
                    1a:e4:a9:c0:7c:fa:30:8b:47:31:1e:a1:eb:96:25:
                    64:a4:d5:ad:c1:c8:bd:62:77:ba:59:79:d0:e3:7e:
                    87:e2:8e:14:0f:cf:1d:0e:80:53:02:d9:07:f5:68:
                    85:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:C4:13:62:A5:EB:E7:4E:91:48:9F:C7:17:E1:77:46:F0:1E:EA:B7
            X509v3 Authority Key Identifier:
                keyid:4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:85:d4:b3:5c:12:44:33:05:26:9f:8b:e3:82:19:e9:99:75:
         26:d0:74:03:28:8d:ba:85:64:64:a5:46:26:13:30:07:8f:f8:
         f6:a3:70:40:2e:82:e8:ec:f8:f7:06:24:3c:bb:2c:da:4c:f7:
         67:cd:e9:31:d3:82:97:28:28:03:88:63:c4:db:34:04:fb:dd:
         93:d9:9a:f6:05:97:bc:f1:6f:c1:d1:33:56:fb:2a:59:dc:17:
         56:fa:b2:58:ea:68:2f:bb:ff:f0:94:24:de:51:7e:af:96:62:
         31:3c:4c:7e:d3:e4:63:9a:d8:81:0e:5b:19:1a:16:2b:37:53:
         b4:1a:8b:74:aa:71:52:fc:c1:9b:56:c9:ec:bd:74:0b:9b:dc:
         ba:cb:4e:15:97:06:59:6f:95:66:53:86:89:43:7f:77:cc:78:
         d0:64:73:fb:fc:89:74:01:75:d1:09:44:4e:ce:43:bc:12:d1:
         1f:47:c4:d7:4d:32:85:cf:6c:fa:d5:b6:fd:11:26:e8:80:2d:
         3e:03:0a:45:97:67:43:3b:2c:34:3b:2b:b7:cf:fa:dd:dd:57:
         0d:80:97:ad:9d:69:0b:f9:ef:81:99:17:5d:0f:cc:59:f9:96:
         c8:61:ed:31:4d:79:a0:82:f0:35:8c:f3:c5:74:4b:be:b5:59:
         5c:23:05:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijOZeuN/xeOjDp6IeJv7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNDkyN2ExNDFmYjI1Yjc1ODI0YzZiZWFlZjA2NzlkMzRm
YzQ5YmQwHhcNMjUwOTA3MDUwMTIzWhcNMjUwOTA4MDUwMTIzWjAzMTEwLwYDVQQD
EygxZmM0MTM2MmE1ZWJlNzRlOTE0ODlmYzcxN2UxNzc0NmYwMWVlYWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2Jp8PVSYIbB7WbOvH99cGn27CkH
CS0UzpI4JAHHoZCbjCgmhtkYBhexKofl9Ei4HV702iPThbSqfT4YOqFc5G+KSSVx
566dBy9WwPlP3Wxcg1LMrh1Lvd29oucM1rZeOQO+M423clnjMQaaJaqbELzh8kAL
NwPiYpr5BKe0LzlyJyZtShIyhuUkHtQFDL1k4GlF82SyyZCmWlJ34mk9sV6UUOht
lm8rGKB8X7aoXNI6rIyKsdrdXYRp/pWZ9HImRGJ3xdJ2eYZT2MN+T/WlE38a5KnA
fPowi0cxHqHrliVkpNWtwci9Yne6WXnQ436H4o4UD88dDoBTAtkH9WiFuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB/EE2Kl6+dOkUifxxfhd0bwHuq3MB8GA1UdIwQY
MBaAFE1JJ6FB+yW3WCTGvq7wZ500/Em9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUt
NjgwODM3MDlhNGI1LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUtNjgwODM3MDlhNGI1
LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPoXUs1wS
RDMFJp+L44IZ6Zl1JtB0AyiNuoVkZKVGJhMwB4/49qNwQC6C6Oz49wYkPLss2kz3
Z83pMdOClygoA4hjxNs0BPvdk9ma9gWXvPFvwdEzVvsqWdwXVvqyWOpoL7v/8JQk
3lF+r5ZiMTxMftPkY5rYgQ5bGRoWKzdTtBqLdKpxUvzBm1bJ7L10C5vcustOFZcG
WW+VZlOGiUN/d8x40GRz+/yJdAF10QlETs5DvBLRH0fE100yhc9s+tW2/REm6IAt
PgMKRZdnQzssNDsrt8/63d1XDYCXrZ1pC/nvgZkXXQ/MWfmWyGHtMU15oILwNYzz
xXRLvrVZXCMF+A==
-----END CERTIFICATE-----