Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
File:                     TnxZtb-73klP0T13jm8i3adJYsE.mft (raw, json)
Hash identifier:          GwestzHisVkKwfbilkQYVRPCRINUwgwfAExlVkNquMc=
Subject key identifier:   82:CF:0A:55:DE:DC:3E:6B:F1:3C:27:E0:D8:93:08:03:AB:87:1A:5C
Authority key identifier: 4E:7C:59:B5:BF:BB:DE:49:4F:D1:3D:77:8E:6F:22:DD:A7:49:62:C1
Certificate issuer:       /CN=4e7c59b5bfbbde494fd13d778e6f22dda74962c1
Certificate serial:       0199239FB2D3F746E4BF6A120C5A7C70B641
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
Manifest number:          09B4
Signing time:             Sun 07 Sep 2025 10:01:32 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:32 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:32 +0000
Files and hashes:         1: TnxZtb-73klP0T13jm8i3adJYsE.crl (hash: RU3+XZHCamq/iF6n/E1nfdVOwDIEe+rmRcEDPB3/n2M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:b2:d3:f7:46:e4:bf:6a:12:0c:5a:7c:70:b6:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e7c59b5bfbbde494fd13d778e6f22dda74962c1
        Validity
            Not Before: Sep  7 10:01:32 2025 GMT
            Not After : Sep  8 10:01:32 2025 GMT
        Subject: CN=82cf0a55dedc3e6bf13c27e0d8930803ab871a5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:42:73:63:f0:99:d6:de:b5:f7:bc:ed:8c:81:
                    26:0a:54:c6:4e:e2:c0:b9:f1:4e:af:1b:3b:c5:cd:
                    48:33:cc:e1:fe:d1:1d:c8:a3:64:91:f7:3b:9d:3a:
                    ba:55:6f:e2:be:5f:f3:94:a8:2b:8b:54:c0:26:f6:
                    3d:97:7e:d8:b5:a8:12:7e:d5:10:8f:b7:f3:52:ae:
                    48:f1:8d:a5:b6:e0:16:fc:84:69:e8:4e:d6:a3:88:
                    98:06:e5:d5:94:87:25:52:02:54:e0:69:de:21:16:
                    dd:b5:b5:66:6d:9a:53:06:52:b4:6a:42:63:35:92:
                    4e:74:9b:ff:cc:98:22:f9:7e:15:e4:eb:51:49:b1:
                    ab:6d:8d:9e:3e:09:60:a0:9b:64:a8:ba:9e:20:96:
                    e5:53:01:63:1e:32:62:d7:2e:c0:05:f6:db:6a:df:
                    60:58:0e:d1:5a:51:e8:af:30:e3:1a:b9:b4:96:5a:
                    d5:17:8a:d7:0b:46:3c:56:93:ab:84:7a:ec:99:42:
                    f8:84:4a:86:e7:5f:7a:0d:74:6b:ea:1c:38:f6:fb:
                    18:40:0d:2d:9e:da:12:1f:a8:fd:45:da:f1:26:ed:
                    cb:61:6c:d6:78:8b:76:b7:70:53:bc:5e:b4:69:02:
                    8c:23:f1:b7:3b:d8:e2:3d:94:ad:3f:87:1e:b9:d8:
                    d7:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:CF:0A:55:DE:DC:3E:6B:F1:3C:27:E0:D8:93:08:03:AB:87:1A:5C
            X509v3 Authority Key Identifier:
                keyid:4E:7C:59:B5:BF:BB:DE:49:4F:D1:3D:77:8E:6F:22:DD:A7:49:62:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:4b:fd:a3:69:ad:30:00:cb:74:df:50:32:d8:e6:76:70:f2:
         b5:26:56:33:98:3a:62:f6:be:1e:0b:d7:30:4a:6e:5e:9f:f5:
         89:2f:ca:e9:05:2e:eb:31:11:11:9a:89:89:5d:cf:bb:95:f0:
         f5:92:eb:49:2b:4d:a4:59:a7:14:1d:df:20:56:d3:54:14:ec:
         d1:e9:fa:ca:fe:c8:be:0b:b2:0e:74:e9:03:f0:b4:eb:a3:f1:
         27:28:ca:4f:5a:33:b5:14:c8:fb:9d:b6:a3:06:b7:48:8d:57:
         ae:f6:8f:b4:08:40:db:73:c5:84:45:23:d8:4d:6b:b7:36:f3:
         ba:bd:41:16:0a:d3:32:b6:8e:e7:90:5d:46:ff:00:1a:b1:de:
         32:13:7e:3c:48:62:86:33:4b:f4:6f:dc:66:2e:2c:be:79:5a:
         ca:5a:77:50:d0:c2:62:3c:31:cf:74:83:cd:ab:3a:bc:b6:ab:
         4e:51:f3:6d:4c:90:0e:dc:dd:3c:6e:f5:0a:dc:87:87:8b:05:
         fe:7c:2c:11:da:45:b7:d6:94:da:2c:8b:12:a1:c7:31:f6:c2:
         21:59:00:ad:bf:b8:bf:c2:8c:d9:91:95:88:e1:0c:94:5b:a2:
         3e:30:17:d2:b8:53:ab:81:8c:7e:ff:c2:7e:80:8a:06:82:89:
         54:e7:ee:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn7LT90bkv2oSDFp8cLZBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlN2M1OWI1YmZiYmRlNDk0ZmQxM2Q3NzhlNmYyMmRkYTc0
OTYyYzEwHhcNMjUwOTA3MTAwMTMyWhcNMjUwOTA4MTAwMTMyWjAzMTEwLwYDVQQD
Eyg4MmNmMGE1NWRlZGMzZTZiZjEzYzI3ZTBkODkzMDgwM2FiODcxYTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEJzY/CZ1t6197ztjIEmClTGTuLA
ufFOrxs7xc1IM8zh/tEdyKNkkfc7nTq6VW/ivl/zlKgri1TAJvY9l37YtagSftUQ
j7fzUq5I8Y2ltuAW/IRp6E7Wo4iYBuXVlIclUgJU4GneIRbdtbVmbZpTBlK0akJj
NZJOdJv/zJgi+X4V5OtRSbGrbY2ePglgoJtkqLqeIJblUwFjHjJi1y7ABfbbat9g
WA7RWlHorzDjGrm0llrVF4rXC0Y8VpOrhHrsmUL4hEqG5196DXRr6hw49vsYQA0t
ntoSH6j9RdrxJu3LYWzWeIt2t3BTvF60aQKMI/G3O9jiPZStP4ceudjXyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFILPClXe3D5r8Twn4NiTCAOrhxpcMB8GA1UdIwQY
MBaAFE58WbW/u95JT9E9d45vIt2nSWLBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMzA2MDItNWZhMi00YWI4LTk5ZTct
YzA3ZjZjNWEwYWE3LzEvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMzA2MDItNWZhMi00YWI4LTk5ZTctYzA3ZjZjNWEwYWE3
LzEvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH0v9o2mt
MADLdN9QMtjmdnDytSZWM5g6Yva+HgvXMEpuXp/1iS/K6QUu6zEREZqJiV3Pu5Xw
9ZLrSStNpFmnFB3fIFbTVBTs0en6yv7IvguyDnTpA/C066PxJyjKT1oztRTI+522
owa3SI1XrvaPtAhA23PFhEUj2E1rtzbzur1BFgrTMraO55BdRv8AGrHeMhN+PEhi
hjNL9G/cZi4svnlaylp3UNDCYjwxz3SDzas6vLarTlHzbUyQDtzdPG71CtyHh4sF
/nwsEdpFt9aU2iyLEqHHMfbCIVkArb+4v8KM2ZGViOEMlFuiPjAX0rhTq4GMfv/C
foCKBoKJVOfutQ==
-----END CERTIFICATE-----