Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          hSghh5FacnkCrr/dLtuVlHhYjLL7NgnRAMCKD8zRj4M=
Subject key identifier:   55:AE:CA:4D:6E:A0:1B:5D:F7:27:0A:95:52:0E:97:EB:5D:F4:D6:E5
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       01974742EDE9A71D96B60C5EE72507A839C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          1249
Signing time:             Fri 06 Jun 2025 22:00:57 +0000
Manifest this update:     Fri 06 Jun 2025 22:00:57 +0000
Manifest next update:     Sat 07 Jun 2025 22:00:57 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: mPV7JgWqhg02jScwod0CoiWaQcMlAOep61Ik1zVPw30=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:42:ed:e9:a7:1d:96:b6:0c:5e:e7:25:07:a8:39:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Jun  6 22:00:57 2025 GMT
            Not After : Jun  7 22:00:57 2025 GMT
        Subject: CN=55aeca4d6ea01b5df7270a95520e97eb5df4d6e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:77:f9:25:7a:04:b5:6d:40:4a:26:d2:70:bc:
                    f3:0d:bf:c0:bf:86:f2:27:82:2c:3b:e8:58:dc:55:
                    1e:a3:90:66:5c:27:aa:66:81:2b:83:35:3e:1b:15:
                    79:6b:98:18:dc:19:42:5e:76:70:e7:82:2a:a0:55:
                    f4:3f:5b:8a:d5:b8:9b:2e:d3:7d:f3:29:26:ff:c3:
                    03:34:3b:f2:b8:31:86:cf:24:d2:02:a4:98:db:4e:
                    40:c1:46:5c:cf:15:67:93:d1:6a:80:9e:36:20:85:
                    dd:45:a4:e8:6e:f3:57:64:32:01:a3:cd:fc:dd:b2:
                    5b:fe:bb:a6:8e:bb:a8:ec:cc:e0:4a:66:9b:76:52:
                    37:22:fd:b3:52:21:8a:2f:dc:c0:c8:10:76:f3:79:
                    02:fd:9e:24:e2:fe:91:5d:61:4d:b9:74:56:7b:4d:
                    db:be:f0:74:44:51:1e:df:e2:86:fd:ad:31:fd:cb:
                    c1:cf:b7:5e:c2:fa:00:29:ca:1c:43:a6:f5:48:ed:
                    34:0d:74:95:e6:ac:77:07:43:3d:66:d4:08:7a:03:
                    42:d5:99:cf:eb:93:28:31:91:cf:40:a2:14:84:ae:
                    17:a3:4e:d2:78:61:7f:7a:9d:55:68:d8:42:3e:84:
                    89:ac:b4:4c:ea:1f:71:56:d8:9d:28:19:a0:55:5a:
                    32:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:AE:CA:4D:6E:A0:1B:5D:F7:27:0A:95:52:0E:97:EB:5D:F4:D6:E5
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:39:e9:29:03:ae:a3:38:03:c3:b3:ef:76:f0:43:1d:f3:af:
         5b:ee:32:c8:a6:dc:19:2c:ef:93:67:c3:40:b8:f1:57:90:d0:
         97:d7:b6:11:8a:48:e7:45:47:be:1d:ae:92:34:ef:a8:be:88:
         c3:7c:28:91:df:c8:d6:d2:92:dd:2f:69:4a:54:8a:3f:d8:6c:
         bb:4a:38:ec:f2:33:25:c7:90:1a:7b:81:16:56:e4:14:f9:a8:
         9e:80:dc:8d:40:9f:f5:ea:9a:92:fd:39:cb:90:f7:37:64:ec:
         ae:4c:65:1b:bf:cb:12:30:2f:43:4d:84:fd:18:8c:9c:5b:84:
         f4:e2:19:41:95:72:a4:c0:28:1f:41:68:62:06:84:44:04:f5:
         39:9f:0b:1c:d3:f2:47:06:4d:36:92:62:d7:1a:c5:55:2f:4e:
         7b:22:41:6e:92:0d:f8:e5:4f:6d:6f:62:01:79:06:5c:1a:00:
         e5:2b:d1:e4:81:93:90:5a:5c:6b:fc:06:4e:70:80:18:ee:a8:
         68:15:75:07:f1:20:d2:6b:b4:12:f3:eb:84:b0:c8:f8:5f:55:
         d4:b6:83:ad:ae:8f:af:f2:e0:ee:94:d0:cb:06:ea:1f:b9:6b:
         3d:7d:3c:be:29:1e:02:cd:d6:c3:d5:9a:f1:71:ab:8f:3f:93:
         c2:42:87:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHQu3ppx2Wtgxe5yUHqDnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjUwNjA2MjIwMDU3WhcNMjUwNjA3MjIwMDU3WjAzMTEwLwYDVQQD
Eyg1NWFlY2E0ZDZlYTAxYjVkZjcyNzBhOTU1MjBlOTdlYjVkZjRkNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXf5JXoEtW1ASibScLzzDb/Av4by
J4IsO+hY3FUeo5BmXCeqZoErgzU+GxV5a5gY3BlCXnZw54IqoFX0P1uK1bibLtN9
8ykm/8MDNDvyuDGGzyTSAqSY205AwUZczxVnk9FqgJ42IIXdRaTobvNXZDIBo838
3bJb/rumjruo7MzgSmabdlI3Iv2zUiGKL9zAyBB283kC/Z4k4v6RXWFNuXRWe03b
vvB0RFEe3+KG/a0x/cvBz7dewvoAKcocQ6b1SO00DXSV5qx3B0M9ZtQIegNC1ZnP
65MoMZHPQKIUhK4Xo07SeGF/ep1VaNhCPoSJrLRM6h9xVtidKBmgVVoyYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFWuyk1uoBtd9ycKlVIOl+td9NblMB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACDnpKQOu
ozgDw7PvdvBDHfOvW+4yyKbcGSzvk2fDQLjxV5DQl9e2EYpI50VHvh2ukjTvqL6I
w3wokd/I1tKS3S9pSlSKP9hsu0o47PIzJceQGnuBFlbkFPmonoDcjUCf9eqakv05
y5D3N2TsrkxlG7/LEjAvQ02E/RiMnFuE9OIZQZVypMAoH0FoYgaERAT1OZ8LHNPy
RwZNNpJi1xrFVS9OeyJBbpIN+OVPbW9iAXkGXBoA5SvR5IGTkFpca/wGTnCAGO6o
aBV1B/Eg0mu0EvPrhLDI+F9V1LaDra6Pr/Lg7pTQywbqH7lrPX08vikeAs3Ww9Wa
8XGrjz+TwkKH6g==
-----END CERTIFICATE-----