Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          9vpXkBiU5leFFmE3y+TqjIdGijfQfNyedacDyKCloig=
Subject key identifier:   0A:37:CB:69:9A:B9:34:1B:01:FD:7C:16:78:D2:0D:FD:3C:7E:2A:C3
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       01992255EC7494B85644060DA245B1AAF57E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          133F
Signing time:             Sun 07 Sep 2025 04:01:20 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:20 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:20 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: g4TKXMucHiDyyWwiFAdQSkXA2JsrUDDQnc8lAfiDXT0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:ec:74:94:b8:56:44:06:0d:a2:45:b1:aa:f5:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Sep  7 04:01:20 2025 GMT
            Not After : Sep  8 04:01:20 2025 GMT
        Subject: CN=0a37cb699ab9341b01fd7c1678d20dfd3c7e2ac3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:1e:6d:6e:d0:1e:70:d0:b2:f7:55:2a:70:bb:
                    b3:29:b5:03:3d:38:e3:9a:74:f9:57:7c:0d:ea:57:
                    de:c6:95:2f:32:3e:ed:4a:70:c7:c0:18:1b:05:f4:
                    44:7b:da:e1:c3:5b:ac:a6:4a:04:ce:60:b7:d0:be:
                    66:65:eb:59:e8:db:61:11:11:31:1e:87:a8:74:e6:
                    18:27:d7:0b:b1:9e:1a:40:15:ee:5e:19:d6:f7:f3:
                    f1:66:6c:31:94:63:e9:cd:79:6f:3f:83:2d:42:a0:
                    d8:b8:24:11:b2:7c:23:f8:50:f6:1b:9b:c6:fb:84:
                    47:b4:67:3a:68:54:cf:1e:ac:86:a5:48:f8:d8:f3:
                    f5:e3:c5:c4:d7:bc:7b:41:7d:f8:f0:01:2c:be:9a:
                    91:2f:9d:1d:03:2a:ec:e9:9f:5d:aa:2b:73:6d:9d:
                    92:69:92:82:5a:2f:01:1f:02:50:e5:28:5b:7a:f1:
                    05:6a:b1:3a:88:07:25:16:34:31:d4:1f:4b:82:e0:
                    26:d9:94:d8:38:4c:d6:24:f6:a2:42:9d:dc:e3:28:
                    47:31:26:df:d2:c5:b8:1f:f1:76:e1:a7:e2:ed:71:
                    33:8a:b6:fb:43:85:2e:d6:54:58:9f:2a:9e:bb:6a:
                    93:cd:ef:4a:94:53:06:71:58:db:84:a6:d9:c1:83:
                    6c:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:37:CB:69:9A:B9:34:1B:01:FD:7C:16:78:D2:0D:FD:3C:7E:2A:C3
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:08:2f:0c:7c:cf:7d:17:0b:a5:0d:3f:2a:0e:a0:a0:fa:d5:
         ba:57:e1:f0:88:61:ac:c3:88:41:06:1e:06:7b:8d:41:77:d4:
         0e:95:d4:7c:74:36:bd:69:e3:1e:74:5e:e4:c8:7c:d9:32:28:
         64:2b:dc:57:0a:c3:1e:20:ea:24:53:65:cf:e1:c6:4d:d6:f5:
         48:e3:b4:ce:99:d0:1d:04:62:d5:21:a4:15:43:95:81:34:33:
         4e:a6:3e:16:43:9e:2a:56:21:15:b7:e1:56:c7:5f:84:8f:5f:
         b5:da:fc:03:27:af:3c:83:91:ab:56:99:97:58:f6:9e:98:c8:
         0f:6f:af:08:1e:2f:53:e3:dd:a8:d4:cb:63:ee:f4:e2:9d:2f:
         3c:8b:cf:03:8d:74:72:f8:1d:86:c4:d0:73:f9:48:90:de:ce:
         55:ab:70:fc:a8:e4:48:00:7b:7a:5a:c6:d8:93:f3:6d:12:b0:
         2d:39:eb:7b:05:92:eb:6a:c9:12:30:6f:70:70:2f:3a:ed:b2:
         ee:63:e5:7b:49:ff:17:ac:8a:f8:db:b5:8d:f2:e1:c9:35:bd:
         6f:c8:8b:9b:24:d2:34:7e:10:fb:08:fb:21:ff:a7:22:87:68:
         71:bc:21:a7:a2:e3:35:78:6b:a4:83:8f:b0:13:66:8f:15:e4:
         30:5b:06:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVex0lLhWRAYNokWxqvV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjUwOTA3MDQwMTIwWhcNMjUwOTA4MDQwMTIwWjAzMTEwLwYDVQQD
EygwYTM3Y2I2OTlhYjkzNDFiMDFmZDdjMTY3OGQyMGRmZDNjN2UyYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8R5tbtAecNCy91UqcLuzKbUDPTjj
mnT5V3wN6lfexpUvMj7tSnDHwBgbBfREe9rhw1uspkoEzmC30L5mZetZ6NthEREx
HoeodOYYJ9cLsZ4aQBXuXhnW9/PxZmwxlGPpzXlvP4MtQqDYuCQRsnwj+FD2G5vG
+4RHtGc6aFTPHqyGpUj42PP148XE17x7QX348AEsvpqRL50dAyrs6Z9dqitzbZ2S
aZKCWi8BHwJQ5ShbevEFarE6iAclFjQx1B9LguAm2ZTYOEzWJPaiQp3c4yhHMSbf
0sW4H/F24afi7XEzirb7Q4Uu1lRYnyqeu2qTze9KlFMGcVjbhKbZwYNs7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAo3y2mauTQbAf18FnjSDf08firDMB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARQgvDHzP
fRcLpQ0/Kg6goPrVulfh8IhhrMOIQQYeBnuNQXfUDpXUfHQ2vWnjHnRe5Mh82TIo
ZCvcVwrDHiDqJFNlz+HGTdb1SOO0zpnQHQRi1SGkFUOVgTQzTqY+FkOeKlYhFbfh
VsdfhI9ftdr8AyevPIORq1aZl1j2npjID2+vCB4vU+PdqNTLY+704p0vPIvPA410
cvgdhsTQc/lIkN7OVatw/KjkSAB7elrG2JPzbRKwLTnrewWS62rJEjBvcHAvOu2y
7mPle0n/F6yK+Nu1jfLhyTW9b8iLmyTSNH4Q+wj7If+nIodocbwhp6LjNXhrpIOP
sBNmjxXkMFsGpw==
-----END CERTIFICATE-----