Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          AlVJlDU4yIaUsRn+MYJGqlwgiUlId4S223+tpXtMvt8=
Subject key identifier:   B4:A2:2D:78:30:55:8E:B4:D5:2B:D7:20:18:9B:6A:D8:E0:69:49:3D
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       0196124561A0C15A4EF3B18D80B84D5A56E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          11A9
Signing time:             Mon 07 Apr 2025 22:00:58 +0000
Manifest this update:     Mon 07 Apr 2025 22:00:58 +0000
Manifest next update:     Tue 08 Apr 2025 22:00:58 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: NDKFl6MxFesThxNLF0op5hydNnbgQHP1pjepXWqiYgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:12:45:61:a0:c1:5a:4e:f3:b1:8d:80:b8:4d:5a:56:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Apr  7 22:00:58 2025 GMT
            Not After : Apr  8 22:00:58 2025 GMT
        Subject: CN=b4a22d7830558eb4d52bd720189b6ad8e069493d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:6c:ee:bb:bd:8b:94:43:59:5f:e8:0f:83:f4:
                    71:22:6a:f0:cd:bc:3b:f5:8e:b1:a1:86:50:b9:00:
                    ea:c0:fd:cf:22:5a:5b:97:1d:31:e2:46:7a:45:60:
                    b9:da:b6:92:aa:f4:e5:b5:d6:06:b5:fb:07:02:ee:
                    d9:98:10:26:3a:67:a2:6a:48:6a:9b:98:53:d0:19:
                    f8:e9:99:87:68:4f:98:fd:85:84:34:12:43:12:56:
                    2d:74:e3:23:0e:e7:23:05:0d:1b:84:19:9f:12:02:
                    88:86:4b:34:b7:eb:84:a2:1a:60:54:5e:73:8e:d6:
                    63:02:0f:92:70:67:d8:95:0c:2c:5c:03:1d:84:cd:
                    c3:d4:fa:d2:8f:e5:38:c5:14:9a:79:e0:7b:81:29:
                    b9:20:5c:7d:1c:4a:10:fb:d6:d0:f4:bd:f0:8c:c3:
                    39:9d:9b:37:9f:f3:5d:db:4b:39:11:0e:3a:03:41:
                    f3:6e:b7:69:82:17:9d:e7:a3:4b:0f:e2:36:f0:4e:
                    0b:d4:ba:93:21:b2:2d:9a:b6:36:7d:0b:38:8f:4d:
                    64:7b:0a:ec:38:31:a2:89:ff:05:d5:7e:bd:f3:b0:
                    bf:18:ad:b1:63:69:66:27:fd:c0:38:05:b4:f4:09:
                    5b:94:85:9b:96:12:b7:3c:25:dd:95:1d:4d:04:da:
                    36:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:A2:2D:78:30:55:8E:B4:D5:2B:D7:20:18:9B:6A:D8:E0:69:49:3D
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:73:22:6a:18:f4:56:a9:32:c4:5b:5b:2c:d7:14:4b:09:4b:
         4d:48:56:ed:79:56:8a:a0:3a:c0:7d:4d:22:5b:60:4f:94:81:
         37:54:d0:b7:71:94:2b:5c:9d:40:85:8b:ab:46:a9:11:db:73:
         aa:72:a9:a8:0c:c2:1d:82:28:dd:e5:49:c2:ca:68:38:d3:08:
         db:76:e9:c6:d1:11:4c:0a:9f:ed:16:08:c9:38:79:3e:48:c7:
         7a:32:10:16:d8:02:be:77:ab:45:7d:8d:b7:93:0f:f1:ec:4f:
         76:18:0b:6a:e2:9a:ad:e7:4b:f1:0f:ec:ab:eb:76:3b:b8:4b:
         6a:b1:ff:12:22:c5:b7:9f:44:2f:2e:1d:50:05:47:1d:54:0f:
         c2:0e:3b:c9:93:9c:cd:e5:91:92:9a:ca:33:68:bf:ee:3d:bb:
         90:ae:32:15:e9:fe:29:e9:c5:8e:93:72:ae:a2:cd:5d:ad:b6:
         97:ae:fb:3c:04:3c:5e:e2:56:35:91:11:6d:73:c6:ba:b4:ad:
         85:97:18:38:6a:e2:5d:ad:c7:80:74:4c:73:12:57:35:59:49:
         b6:33:ca:c7:2c:64:bb:62:04:52:3e:11:ec:a3:8f:88:c6:15:
         4f:a5:19:31:27:46:a0:42:73:02:06:d6:e9:28:4f:d1:ca:0b:
         bd:0f:7e:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYSRWGgwVpO87GNgLhNWlbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjUwNDA3MjIwMDU4WhcNMjUwNDA4MjIwMDU4WjAzMTEwLwYDVQQD
EyhiNGEyMmQ3ODMwNTU4ZWI0ZDUyYmQ3MjAxODliNmFkOGUwNjk0OTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWzuu72LlENZX+gPg/RxImrwzbw7
9Y6xoYZQuQDqwP3PIlpblx0x4kZ6RWC52raSqvTltdYGtfsHAu7ZmBAmOmeiakhq
m5hT0Bn46ZmHaE+Y/YWENBJDElYtdOMjDucjBQ0bhBmfEgKIhks0t+uEohpgVF5z
jtZjAg+ScGfYlQwsXAMdhM3D1PrSj+U4xRSaeeB7gSm5IFx9HEoQ+9bQ9L3wjMM5
nZs3n/Nd20s5EQ46A0Hzbrdpghed56NLD+I28E4L1LqTIbItmrY2fQs4j01kewrs
ODGiif8F1X6987C/GK2xY2lmJ/3AOAW09AlblIWblhK3PCXdlR1NBNo2dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSiLXgwVY601SvXIBibatjgaUk9MB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMXMiahj0
VqkyxFtbLNcUSwlLTUhW7XlWiqA6wH1NIltgT5SBN1TQt3GUK1ydQIWLq0apEdtz
qnKpqAzCHYIo3eVJwspoONMI23bpxtERTAqf7RYIyTh5PkjHejIQFtgCvnerRX2N
t5MP8exPdhgLauKaredL8Q/sq+t2O7hLarH/EiLFt59ELy4dUAVHHVQPwg47yZOc
zeWRkprKM2i/7j27kK4yFen+KenFjpNyrqLNXa22l677PAQ8XuJWNZERbXPGurSt
hZcYOGriXa3HgHRMcxJXNVlJtjPKxyxku2IEUj4R7KOPiMYVT6UZMSdGoEJzAgbW
6ShP0coLvQ9+vg==
-----END CERTIFICATE-----