Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
File:                     TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft (raw, json)
Hash identifier:          UtVR7Cqk0eElglzMub3wD6av/BMNUkaDL5v7BU2+JxA=
Subject key identifier:   7D:68:C8:3E:84:3B:8C:F6:49:85:83:AE:DB:E2:47:C5:2F:31:9E:3B
Authority key identifier: 4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB
Certificate issuer:       /CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
Certificate serial:       019748FAA414357382B2CD36F4AA749761F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
Manifest number:          13B5
Signing time:             Sat 07 Jun 2025 06:01:14 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:14 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:14 +0000
Files and hashes:         1: TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl (hash: KstZ4ntoQ2HdjFqxiRLjv90DZD/ehiK7Nah3uHlCjkQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:a4:14:35:73:82:b2:cd:36:f4:aa:74:97:61:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
        Validity
            Not Before: Jun  7 06:01:14 2025 GMT
            Not After : Jun  8 06:01:14 2025 GMT
        Subject: CN=7d68c83e843b8cf6498583aedbe247c52f319e3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:41:aa:b8:cc:75:2f:77:d8:66:c6:d1:9d:dc:
                    01:80:20:e7:36:a8:1d:b9:10:93:2c:6e:49:1d:f6:
                    0a:4e:45:62:8d:ed:aa:0a:c9:e8:19:70:88:cd:20:
                    69:81:08:ce:25:a7:38:a2:3f:80:f9:5c:ce:03:ed:
                    bd:cc:f7:bf:6a:f3:81:8a:8c:99:bc:f2:8f:22:a9:
                    ca:d6:2f:d6:91:80:43:0d:de:e9:b9:f9:78:f4:0f:
                    8c:d5:d3:f5:46:8b:d9:17:f8:f3:cf:13:f9:73:15:
                    29:0a:d3:6d:42:d3:d4:5b:0c:c5:19:b9:e4:53:4b:
                    93:b4:44:f8:25:6a:3e:37:bb:bb:4e:72:47:0e:d5:
                    0c:79:3f:cb:13:52:e1:85:ba:3d:21:b6:88:36:4e:
                    b2:56:73:2f:24:87:5f:65:75:c2:fd:e6:f2:c3:b2:
                    fe:9d:1e:31:db:eb:e8:6a:8d:ec:5f:65:ab:16:c5:
                    e8:80:95:12:0f:c1:57:62:dd:9e:23:14:35:c4:d5:
                    46:08:f0:c7:06:62:c6:e1:a6:f8:54:1d:ed:eb:50:
                    e9:7d:43:ee:7d:70:ee:26:12:e4:99:da:0f:da:1f:
                    cc:9a:23:65:6b:7d:45:69:e1:25:52:a8:92:ae:29:
                    68:2d:a9:b6:b5:e8:8f:77:0f:69:78:6b:db:9e:07:
                    86:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:68:C8:3E:84:3B:8C:F6:49:85:83:AE:DB:E2:47:C5:2F:31:9E:3B
            X509v3 Authority Key Identifier:
                keyid:4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:32:09:81:55:ac:18:74:18:f5:37:55:f5:e8:e5:a4:9e:d8:
         e3:17:1e:38:71:91:86:c3:2b:74:9d:23:98:0a:8b:b8:5e:f2:
         86:4e:d9:40:11:e9:a3:ef:04:fb:8f:9a:fa:56:29:97:04:5d:
         1b:23:29:7e:e9:53:d9:c2:8b:31:f2:f6:9a:f3:bc:d0:f7:20:
         42:67:71:14:72:30:ea:40:0f:e3:62:15:ec:b8:a5:fa:2c:cd:
         00:d2:a8:4c:22:51:e7:fb:75:54:ef:7a:44:43:af:f4:0b:e8:
         f1:01:5b:13:10:9a:98:4c:d1:e1:5a:3f:87:d8:3f:0d:df:d2:
         20:ef:b7:69:03:da:33:78:a9:3c:fe:e5:c1:af:ff:33:1b:51:
         f3:e8:50:f2:8a:22:aa:80:5f:9b:a8:54:0d:2e:6a:c3:e6:cc:
         79:fb:23:ef:5c:22:95:e0:c4:3b:df:a6:76:30:66:5b:0b:80:
         49:f7:c5:30:04:00:7c:c2:f9:6a:ce:3d:55:d9:6b:d1:5d:a0:
         5e:95:42:43:16:1f:a0:33:ed:94:2a:16:9f:46:6c:bd:dc:3a:
         7d:a7:f1:3d:b3:df:39:48:36:dc:e6:39:7a:ef:bc:e1:4e:4d:
         b2:85:e8:fe:5c:62:08:be:ca:3a:2c:55:fb:07:ad:53:de:46:
         99:fc:4a:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+qQUNXOCss029Kp0l2HyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGYyNTdmMzM5Y2ZiOWUyNzU0YjZjYzI0MzY0ZjBmMTI5
MDU4ZGIwHhcNMjUwNjA3MDYwMTE0WhcNMjUwNjA4MDYwMTE0WjAzMTEwLwYDVQQD
Eyg3ZDY4YzgzZTg0M2I4Y2Y2NDk4NTgzYWVkYmUyNDdjNTJmMzE5ZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEGquMx1L3fYZsbRndwBgCDnNqgd
uRCTLG5JHfYKTkVije2qCsnoGXCIzSBpgQjOJac4oj+A+VzOA+29zPe/avOBioyZ
vPKPIqnK1i/WkYBDDd7pufl49A+M1dP1RovZF/jzzxP5cxUpCtNtQtPUWwzFGbnk
U0uTtET4JWo+N7u7TnJHDtUMeT/LE1Lhhbo9IbaINk6yVnMvJIdfZXXC/ebyw7L+
nR4x2+voao3sX2WrFsXogJUSD8FXYt2eIxQ1xNVGCPDHBmLG4ab4VB3t61DpfUPu
fXDuJhLkmdoP2h/MmiNla31FaeElUqiSriloLam2teiPdw9peGvbngeGIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH1oyD6EO4z2SYWDrtviR8UvMZ47MB8GA1UdIwQY
MBaAFE0PJX8znPueJ1S2zCQ2Tw8SkFjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUt
ZjNmNTgxZGZjNjQ4LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUtZjNmNTgxZGZjNjQ4
LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaTIJgVWs
GHQY9TdV9ejlpJ7Y4xceOHGRhsMrdJ0jmAqLuF7yhk7ZQBHpo+8E+4+a+lYplwRd
GyMpfulT2cKLMfL2mvO80PcgQmdxFHIw6kAP42IV7Lil+izNANKoTCJR5/t1VO96
REOv9Avo8QFbExCamEzR4Vo/h9g/Dd/SIO+3aQPaM3ipPP7lwa//MxtR8+hQ8ooi
qoBfm6hUDS5qw+bMefsj71wileDEO9+mdjBmWwuASffFMAQAfML5as49Vdlr0V2g
XpVCQxYfoDPtlCoWn0Zsvdw6fafxPbPfOUg23OY5eu+84U5NsoXo/lxiCL7KOixV
+wetU95GmfxKKA==
-----END CERTIFICATE-----