Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
File:                     tsaaSiFb3h0yk03chd6vj9nJRHk.mft (raw, json)
Hash identifier:          t574PL85jA4ipy0UVPEKFfKwo2RxncqXqwyOSQAdeQ0=
Subject key identifier:   B7:D2:43:53:F1:A8:FE:2E:83:6D:3A:FC:E9:A2:58:D6:16:B1:2D:41
Authority key identifier: B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79
Certificate issuer:       /CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
Certificate serial:       01967E341DF2860C78B8473CFFB4A7BB5AD3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
Manifest number:          0CBF
Signing time:             Mon 28 Apr 2025 21:01:06 +0000
Manifest this update:     Mon 28 Apr 2025 21:01:06 +0000
Manifest next update:     Tue 29 Apr 2025 21:01:06 +0000
Files and hashes:         1: tsaaSiFb3h0yk03chd6vj9nJRHk.crl (hash: Oh6GoA53SOebtNDoVY2SUX63uPY5Sfc3rYahZC6jq4o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 21:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:34:1d:f2:86:0c:78:b8:47:3c:ff:b4:a7:bb:5a:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
        Validity
            Not Before: Apr 28 21:01:06 2025 GMT
            Not After : Apr 29 21:01:06 2025 GMT
        Subject: CN=b7d24353f1a8fe2e836d3afce9a258d616b12d41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:76:ee:91:9b:22:1e:0a:42:ff:cd:fe:a2:7b:
                    a8:97:eb:6b:69:7b:08:fc:cd:9b:11:fb:ef:2c:f6:
                    81:1f:ee:4c:73:6c:b9:fe:e8:85:cb:b2:c2:3e:d5:
                    0d:4c:6c:84:05:3c:16:47:4b:79:0a:b6:5b:85:e8:
                    96:b0:28:87:5e:56:8a:6b:a2:f5:78:d2:0e:90:be:
                    07:4d:de:a7:51:d2:6e:4d:01:cb:36:f8:01:4a:2d:
                    d1:d2:57:d8:ab:12:f3:33:e8:be:be:31:bc:93:64:
                    94:1e:9c:37:1a:d1:d9:12:15:49:a3:98:a0:de:01:
                    39:87:ea:fe:19:bb:f7:63:b1:d0:ad:8a:c1:94:55:
                    98:1a:24:dc:12:3f:d4:06:8d:c0:39:80:be:dc:bf:
                    59:d1:c2:5b:4c:24:c1:f9:21:bb:c6:06:b2:c3:0c:
                    8a:90:1c:2f:cb:e6:a2:6b:1e:80:59:2a:22:93:06:
                    36:dc:83:8b:d2:4a:54:c2:70:b9:5f:84:37:92:6a:
                    cd:69:a7:58:e4:e0:e0:83:8e:55:7a:6b:0e:43:60:
                    a4:f2:73:8d:7d:4e:80:e6:71:8e:32:b8:10:d5:52:
                    ac:42:14:e9:69:6f:71:59:c1:4d:32:2b:0f:e4:74:
                    62:62:80:fe:5a:01:8b:2f:e4:16:f7:11:c8:c1:33:
                    03:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:D2:43:53:F1:A8:FE:2E:83:6D:3A:FC:E9:A2:58:D6:16:B1:2D:41
            X509v3 Authority Key Identifier:
                keyid:B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:1f:f5:d4:3b:69:9b:48:3d:c9:c9:53:c6:07:e1:5c:5f:85:
         5a:ff:d1:86:a7:9c:09:65:c9:43:44:c8:b9:09:00:8c:54:08:
         e0:c1:98:66:e0:94:59:96:f7:bb:82:1c:d6:ea:71:76:33:5f:
         86:cb:9c:bf:f3:a4:be:67:b6:f4:2d:31:a8:2f:e9:5a:31:41:
         4a:42:b7:a5:75:3a:ee:89:1e:1f:76:22:83:54:8c:5c:ea:74:
         f6:0e:3e:8e:0e:65:27:f5:f4:ea:de:25:34:a6:8a:d8:0b:a8:
         e8:dc:29:c6:b3:59:ec:da:21:13:db:05:b0:2a:53:f0:c4:d0:
         6f:12:b3:51:20:41:52:84:67:74:54:a1:c7:ce:9d:ed:e4:9a:
         90:55:93:b0:5e:fa:f6:a3:a9:3a:0b:9e:0b:d7:92:50:b6:e9:
         ea:94:87:4e:cc:f1:3a:d1:dd:97:7e:9b:64:a0:e4:6e:63:81:
         3f:48:f7:84:d5:1f:33:39:ec:b2:f4:95:19:d1:c9:af:e9:e1:
         e3:3d:3f:55:09:fd:63:76:3d:5c:40:38:1a:e4:4e:c1:67:c0:
         12:35:26:d0:2e:f1:a6:f8:d2:1b:a1:3a:7e:1c:1d:8c:b4:7b:
         53:29:ea:c7:81:db:db:de:09:f5:24:55:c3:63:93:4d:53:e2:
         04:3e:b3:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+NB3yhgx4uEc8/7Snu1rTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzY5YTRhMjE1YmRlMWQzMjkzNGRkYzg1ZGVhZjhmZDlj
OTQ0NzkwHhcNMjUwNDI4MjEwMTA2WhcNMjUwNDI5MjEwMTA2WjAzMTEwLwYDVQQD
EyhiN2QyNDM1M2YxYThmZTJlODM2ZDNhZmNlOWEyNThkNjE2YjEyZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynbukZsiHgpC/83+onuol+traXsI
/M2bEfvvLPaBH+5Mc2y5/uiFy7LCPtUNTGyEBTwWR0t5CrZbheiWsCiHXlaKa6L1
eNIOkL4HTd6nUdJuTQHLNvgBSi3R0lfYqxLzM+i+vjG8k2SUHpw3GtHZEhVJo5ig
3gE5h+r+Gbv3Y7HQrYrBlFWYGiTcEj/UBo3AOYC+3L9Z0cJbTCTB+SG7xgaywwyK
kBwvy+aiax6AWSoikwY23IOL0kpUwnC5X4Q3kmrNaadY5ODgg45VemsOQ2Ck8nON
fU6A5nGOMrgQ1VKsQhTpaW9xWcFNMisP5HRiYoD+WgGLL+QW9xHIwTMDEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfSQ1PxqP4ug206/OmiWNYWsS1BMB8GA1UdIwQY
MBaAFLbGmkohW94dMpNN3IXer4/ZyUR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMt
ZTNiYzZiNDk5ZTdiLzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMtZTNiYzZiNDk5ZTdi
LzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACB/11Dtp
m0g9yclTxgfhXF+FWv/RhqecCWXJQ0TIuQkAjFQI4MGYZuCUWZb3u4Ic1upxdjNf
hsucv/Okvme29C0xqC/pWjFBSkK3pXU67okeH3Yig1SMXOp09g4+jg5lJ/X06t4l
NKaK2Auo6NwpxrNZ7NohE9sFsCpT8MTQbxKzUSBBUoRndFShx86d7eSakFWTsF76
9qOpOgueC9eSULbp6pSHTszxOtHdl36bZKDkbmOBP0j3hNUfMznssvSVGdHJr+nh
4z0/VQn9Y3Y9XEA4GuROwWfAEjUm0C7xpvjSG6E6fhwdjLR7Uynqx4Hb294J9SRV
w2OTTVPiBD6zgg==
-----END CERTIFICATE-----