Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
File:                     TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft (raw, json)
Hash identifier:          BzCOAIONZIy00PO6meCYSEixvl+ATKbd37LPh3Ejoto=
Subject key identifier:   32:42:01:3A:5F:AC:CB:5C:C3:48:0C:4F:E5:BA:29:A6:5B:E8:39:1B
Authority key identifier: 4E:48:9F:66:15:9F:77:BB:58:D2:BB:C7:E4:FC:1D:FD:9D:DC:B0:34
Certificate issuer:       /CN=4e489f66159f77bb58d2bbc7e4fc1dfd9ddcb034
Certificate serial:       0197470BFC8FDAD06410991A2B62636DA738
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
Manifest number:          1577
Signing time:             Fri 06 Jun 2025 21:00:57 +0000
Manifest this update:     Fri 06 Jun 2025 21:00:57 +0000
Manifest next update:     Sat 07 Jun 2025 21:00:57 +0000
Files and hashes:         1: TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl (hash: 3CZmljwt14YZnkmtiTnun78lABmR3NQr8UB2m9CK1QQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:0b:fc:8f:da:d0:64:10:99:1a:2b:62:63:6d:a7:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e489f66159f77bb58d2bbc7e4fc1dfd9ddcb034
        Validity
            Not Before: Jun  6 21:00:57 2025 GMT
            Not After : Jun  7 21:00:57 2025 GMT
        Subject: CN=3242013a5faccb5cc3480c4fe5ba29a65be8391b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:a4:54:ef:87:5a:ca:ee:c8:57:16:46:28:c2:
                    28:54:4d:90:63:f6:2c:d5:75:02:3a:ee:18:89:ae:
                    7f:c7:9d:56:f6:ff:59:ee:4c:7b:8b:c0:b5:2c:f5:
                    23:ac:3c:47:a3:11:69:b3:3c:4a:9d:ad:6b:03:68:
                    cd:b8:d7:b8:8a:8d:a8:89:b9:cd:7f:ae:40:02:2e:
                    c3:a4:1e:51:68:7e:37:a6:aa:1f:a3:40:61:4a:ad:
                    2d:ee:62:81:de:12:87:37:2c:dc:bb:f1:5c:7b:3c:
                    47:be:19:0f:68:0e:81:d4:5c:8f:45:d6:3b:0a:bf:
                    97:0c:60:80:6e:b4:1f:aa:dc:30:f4:44:19:32:9b:
                    b2:7c:57:14:5e:f5:9c:6e:24:65:e4:1d:42:4a:1b:
                    fa:fa:5d:c9:85:84:a7:92:e7:54:05:51:fe:2b:73:
                    7e:2b:32:8f:f0:87:92:dd:ad:98:05:5d:30:3b:fb:
                    16:c4:1f:f9:9f:c2:cf:a7:d2:1c:45:74:11:ca:18:
                    b2:00:39:98:18:56:55:8c:b5:23:ff:8c:d5:e1:b5:
                    05:48:82:57:c4:17:4c:22:be:60:bd:57:f8:2a:98:
                    48:ed:2d:a9:41:83:b3:a6:02:af:c7:34:b2:06:ad:
                    4a:d5:9d:74:ad:f3:73:b6:39:94:56:63:7e:4a:8b:
                    4a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:42:01:3A:5F:AC:CB:5C:C3:48:0C:4F:E5:BA:29:A6:5B:E8:39:1B
            X509v3 Authority Key Identifier:
                keyid:4E:48:9F:66:15:9F:77:BB:58:D2:BB:C7:E4:FC:1D:FD:9D:DC:B0:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:2a:10:42:18:73:5d:91:cf:57:0e:ef:dc:71:60:27:4f:c2:
         4c:6c:ba:c1:57:75:c3:65:98:2f:ac:67:1b:af:c1:ba:be:f7:
         51:ee:76:3d:46:1f:8f:33:eb:05:87:14:8f:9e:9b:eb:5b:91:
         79:be:31:ac:b2:15:7d:eb:ea:de:0a:49:89:70:f4:f8:76:a2:
         2c:82:4c:59:d2:a8:18:28:58:88:c0:7d:09:74:3b:de:11:7c:
         9f:f5:1c:d4:12:6e:67:b4:91:04:c8:3b:be:80:a9:91:d5:72:
         8b:88:2e:96:80:45:e2:8d:f6:83:93:41:f2:41:e9:73:88:93:
         0b:aa:4a:a6:b0:a2:58:07:c9:87:0a:32:8d:7d:ec:e8:fe:8d:
         e1:91:05:d9:04:06:db:bd:89:58:17:5a:3d:e0:a0:ef:6d:92:
         58:34:a4:26:ea:3d:ce:a3:bd:9f:00:51:1b:07:fb:3f:0b:a6:
         f1:05:11:67:f0:71:49:ef:3e:bf:f3:7f:32:1b:61:34:a3:84:
         c6:f8:14:6a:9c:f6:b1:c0:b0:97:48:fb:de:f9:00:87:8c:46:
         6a:dc:60:57:c8:5a:9d:7b:0a:ab:2d:31:a3:0a:53:fe:b3:95:
         24:3c:1b:8a:6f:e0:e5:78:60:ca:b9:2a:3d:f8:92:5a:2a:d0:
         7c:11:04:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHC/yP2tBkEJkaK2Jjbac4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDg5ZjY2MTU5Zjc3YmI1OGQyYmJjN2U0ZmMxZGZkOWRk
Y2IwMzQwHhcNMjUwNjA2MjEwMDU3WhcNMjUwNjA3MjEwMDU3WjAzMTEwLwYDVQQD
EygzMjQyMDEzYTVmYWNjYjVjYzM0ODBjNGZlNWJhMjlhNjViZTgzOTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KRU74dayu7IVxZGKMIoVE2QY/Ys
1XUCOu4Yia5/x51W9v9Z7kx7i8C1LPUjrDxHoxFpszxKna1rA2jNuNe4io2oibnN
f65AAi7DpB5RaH43pqofo0BhSq0t7mKB3hKHNyzcu/FcezxHvhkPaA6B1FyPRdY7
Cr+XDGCAbrQfqtww9EQZMpuyfFcUXvWcbiRl5B1CShv6+l3JhYSnkudUBVH+K3N+
KzKP8IeS3a2YBV0wO/sWxB/5n8LPp9IcRXQRyhiyADmYGFZVjLUj/4zV4bUFSIJX
xBdMIr5gvVf4KphI7S2pQYOzpgKvxzSyBq1K1Z10rfNztjmUVmN+SotKRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJCATpfrMtcw0gMT+W6KaZb6DkbMB8GA1UdIwQY
MBaAFE5In2YVn3e7WNK7x+T8Hf2d3LA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hNTgxOTctZWIwOS00NDE1LWE2MWQt
YWJkNjFhYTgyNDI2LzEvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hNTgxOTctZWIwOS00NDE1LWE2MWQtYWJkNjFhYTgyNDI2
LzEvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgioQQhhz
XZHPVw7v3HFgJ0/CTGy6wVd1w2WYL6xnG6/Bur73Ue52PUYfjzPrBYcUj56b61uR
eb4xrLIVfevq3gpJiXD0+HaiLIJMWdKoGChYiMB9CXQ73hF8n/Uc1BJuZ7SRBMg7
voCpkdVyi4guloBF4o32g5NB8kHpc4iTC6pKprCiWAfJhwoyjX3s6P6N4ZEF2QQG
272JWBdaPeCg722SWDSkJuo9zqO9nwBRGwf7Pwum8QURZ/BxSe8+v/N/MhthNKOE
xvgUapz2scCwl0j73vkAh4xGatxgV8hanXsKqy0xowpT/rOVJDwbim/g5Xhgyrkq
PfiSWirQfBEEDw==
-----END CERTIFICATE-----