Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
File:                     TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft (raw, json)
Hash identifier:          xlfIIaHgQcPUjWGpDvFnT/ROGyY3O+ulhVF4h/pYFYs=
Subject key identifier:   3A:89:4B:61:63:93:67:BF:64:BC:D1:77:7C:80:F9:62:90:18:B4:6F
Authority key identifier: 4E:48:9F:66:15:9F:77:BB:58:D2:BB:C7:E4:FC:1D:FD:9D:DC:B0:34
Certificate issuer:       /CN=4e489f66159f77bb58d2bbc7e4fc1dfd9ddcb034
Certificate serial:       01964DECA206C2F413A33B1BAADF5203F543
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
Manifest number:          14F6
Signing time:             Sat 19 Apr 2025 12:01:15 +0000
Manifest this update:     Sat 19 Apr 2025 12:01:15 +0000
Manifest next update:     Sun 20 Apr 2025 12:01:15 +0000
Files and hashes:         1: TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl (hash: g0SdZR+q4/IsPfhyEnxodMwCDdSAcA+gtFr2CscC5TM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:ec:a2:06:c2:f4:13:a3:3b:1b:aa:df:52:03:f5:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e489f66159f77bb58d2bbc7e4fc1dfd9ddcb034
        Validity
            Not Before: Apr 19 12:01:15 2025 GMT
            Not After : Apr 20 12:01:15 2025 GMT
        Subject: CN=3a894b61639367bf64bcd1777c80f9629018b46f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:64:f9:72:92:06:c5:c6:d0:e4:c7:dd:54:18:
                    48:b2:ba:17:48:4e:aa:e7:66:6c:bc:a6:b2:14:36:
                    eb:9b:d0:10:88:f1:c1:b6:03:8b:0b:5b:87:2b:22:
                    64:db:a4:68:55:f6:4c:0f:67:fd:46:07:84:e1:51:
                    06:4e:2b:45:3b:a9:5e:51:31:e1:ed:b8:bf:81:27:
                    69:17:cc:42:b9:d5:35:f8:44:86:82:48:d1:8f:4a:
                    27:4e:12:b6:01:60:d8:b3:84:5c:3a:53:58:6e:3a:
                    24:fe:4a:7e:09:a4:13:9d:1c:02:f6:d9:ee:97:c5:
                    95:56:7b:4b:35:77:1d:8b:6f:f1:c4:ff:b4:03:b0:
                    b8:cd:ac:64:05:65:37:5c:50:1e:63:16:41:01:cf:
                    7e:61:ed:89:c8:5c:45:1b:24:64:c1:65:20:e6:01:
                    cc:d7:77:19:9b:80:fc:17:cc:32:9f:ac:3d:8f:6b:
                    4c:ef:87:04:48:50:4f:a5:fb:0b:93:5d:a9:8d:fb:
                    64:43:8c:e8:1c:1d:d2:4d:77:c2:41:9b:46:87:2f:
                    09:e1:d8:62:56:61:a5:fe:f5:c1:23:ea:0f:ea:12:
                    7a:45:94:5b:d9:d9:8b:08:38:6c:d5:39:65:a7:1c:
                    f8:e9:ab:50:64:e6:2c:78:88:9d:3c:cd:59:4b:68:
                    fa:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:89:4B:61:63:93:67:BF:64:BC:D1:77:7C:80:F9:62:90:18:B4:6F
            X509v3 Authority Key Identifier:
                keyid:4E:48:9F:66:15:9F:77:BB:58:D2:BB:C7:E4:FC:1D:FD:9D:DC:B0:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:ec:9a:43:e7:a4:f5:00:82:98:11:63:dd:58:01:74:44:bc:
         8d:c5:38:59:30:89:19:91:d2:4a:08:62:55:66:e2:06:9d:5e:
         9d:f4:55:6a:b5:d7:7c:cd:99:98:c1:ed:bf:5d:d6:b1:bb:c0:
         73:1e:42:d7:f2:a1:98:24:d3:c3:7d:3c:4e:23:3f:16:cf:10:
         cd:52:05:3e:08:47:04:9f:39:b9:c6:63:35:23:a5:ca:86:91:
         79:72:57:c9:83:4a:e7:6d:14:ce:b1:99:9d:be:45:4a:b8:a4:
         59:7e:91:61:b3:94:1d:32:2c:f6:ff:82:d3:81:24:85:1f:2b:
         40:8d:e9:77:5b:36:66:e0:4c:62:21:7d:6f:c4:44:9d:3f:19:
         2a:cc:ed:75:07:bc:7d:d7:4a:0c:f1:9a:b0:97:77:ec:c3:e6:
         43:a2:dc:17:8b:68:fb:39:39:b0:cb:d3:cf:29:63:c2:f5:7a:
         68:77:8e:62:5a:0c:7f:23:f5:aa:f9:6a:d8:18:62:21:1e:4c:
         3b:13:9f:3e:39:c3:38:b5:62:c5:ef:f6:ff:64:a6:69:d3:11:
         e5:67:4d:17:0b:4e:ba:95:c6:a2:f4:4f:ca:ef:1a:d9:35:dd:
         9c:84:11:db:a8:22:1b:fd:6d:f3:e8:8e:97:70:3b:0f:31:be:
         15:c4:9c:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZN7KIGwvQTozsbqt9SA/VDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDg5ZjY2MTU5Zjc3YmI1OGQyYmJjN2U0ZmMxZGZkOWRk
Y2IwMzQwHhcNMjUwNDE5MTIwMTE1WhcNMjUwNDIwMTIwMTE1WjAzMTEwLwYDVQQD
EygzYTg5NGI2MTYzOTM2N2JmNjRiY2QxNzc3YzgwZjk2MjkwMThiNDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmT5cpIGxcbQ5MfdVBhIsroXSE6q
52ZsvKayFDbrm9AQiPHBtgOLC1uHKyJk26RoVfZMD2f9RgeE4VEGTitFO6leUTHh
7bi/gSdpF8xCudU1+ESGgkjRj0onThK2AWDYs4RcOlNYbjok/kp+CaQTnRwC9tnu
l8WVVntLNXcdi2/xxP+0A7C4zaxkBWU3XFAeYxZBAc9+Ye2JyFxFGyRkwWUg5gHM
13cZm4D8F8wyn6w9j2tM74cESFBPpfsLk12pjftkQ4zoHB3STXfCQZtGhy8J4dhi
VmGl/vXBI+oP6hJ6RZRb2dmLCDhs1Tllpxz46atQZOYseIidPM1ZS2j6PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDqJS2Fjk2e/ZLzRd3yA+WKQGLRvMB8GA1UdIwQY
MBaAFE5In2YVn3e7WNK7x+T8Hf2d3LA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hNTgxOTctZWIwOS00NDE1LWE2MWQt
YWJkNjFhYTgyNDI2LzEvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hNTgxOTctZWIwOS00NDE1LWE2MWQtYWJkNjFhYTgyNDI2
LzEvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAweyaQ+ek
9QCCmBFj3VgBdES8jcU4WTCJGZHSSghiVWbiBp1enfRVarXXfM2ZmMHtv13WsbvA
cx5C1/KhmCTTw308TiM/Fs8QzVIFPghHBJ85ucZjNSOlyoaReXJXyYNK520UzrGZ
nb5FSrikWX6RYbOUHTIs9v+C04EkhR8rQI3pd1s2ZuBMYiF9b8REnT8ZKsztdQe8
fddKDPGasJd37MPmQ6LcF4to+zk5sMvTzyljwvV6aHeOYloMfyP1qvlq2BhiIR5M
OxOfPjnDOLVixe/2/2SmadMR5WdNFwtOupXGovRPyu8a2TXdnIQR26giG/1t8+iO
l3A7DzG+FcScBw==
-----END CERTIFICATE-----