Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
File:                     tsaaSiFb3h0yk03chd6vj9nJRHk.mft (raw, json)
Hash identifier:          4H62UnkYvCq9Asng6z/+t9vhKm3AsHs8sI/mqo+jELA=
Subject key identifier:   C5:6D:FB:74:68:0E:95:07:AB:B8:4A:25:DB:C7:3E:C9:59:D7:D4:F1
Authority key identifier: B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79
Certificate issuer:       /CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
Certificate serial:       01976F9A38BB22B0D3EC0F9B78B1BB9E45A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
Manifest number:          0D3C
Signing time:             Sat 14 Jun 2025 18:01:07 +0000
Manifest this update:     Sat 14 Jun 2025 18:01:07 +0000
Manifest next update:     Sun 15 Jun 2025 18:01:07 +0000
Files and hashes:         1: tsaaSiFb3h0yk03chd6vj9nJRHk.crl (hash: Et+z6ZUSOsJZVhdX4M71N3BkE3Ln+R7wyJor18+u0NM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 18:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:9a:38:bb:22:b0:d3:ec:0f:9b:78:b1:bb:9e:45:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
        Validity
            Not Before: Jun 14 18:01:07 2025 GMT
            Not After : Jun 15 18:01:07 2025 GMT
        Subject: CN=c56dfb74680e9507abb84a25dbc73ec959d7d4f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:8c:2d:e9:f9:a3:a0:85:41:fb:ef:05:bf:7f:
                    0a:cb:45:40:3d:8c:16:0e:a1:b2:71:02:e2:bd:19:
                    02:a0:56:4f:86:fc:10:2a:3d:83:7f:57:ea:6b:42:
                    59:e0:64:4d:91:b8:6b:f8:14:f1:c7:de:15:ac:25:
                    10:fc:75:a5:4e:7d:9e:3f:90:35:a7:0e:c8:51:2b:
                    40:32:3e:e3:5a:0a:02:e9:95:d6:f5:7d:38:0b:e7:
                    29:03:9f:32:15:f2:b7:c4:71:9b:91:f6:72:85:88:
                    cc:d9:bd:a2:da:ca:56:82:41:92:fd:b7:ba:21:6e:
                    94:4f:60:f0:41:e9:8a:d1:c0:2a:71:b8:22:44:1f:
                    e7:d2:92:e9:73:6c:47:ec:d9:22:b4:03:60:5e:75:
                    c6:1d:5e:e1:6d:4d:fd:31:ac:a0:d7:11:7f:5b:d3:
                    a7:cf:28:31:e6:71:eb:30:54:02:2e:79:1a:61:71:
                    19:a0:bc:03:17:ac:92:23:0a:7a:7f:2f:47:58:5b:
                    27:51:43:e6:49:86:18:1a:d7:ea:5a:51:8a:5d:c8:
                    98:4d:78:7d:12:59:ce:0d:4d:d7:f2:50:df:fa:79:
                    95:7e:d3:c0:b3:84:a1:7b:6e:4e:1e:0e:24:f7:f9:
                    9f:bc:f2:b4:1d:c1:5a:11:d0:a9:84:3c:0c:a8:ca:
                    b9:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:6D:FB:74:68:0E:95:07:AB:B8:4A:25:DB:C7:3E:C9:59:D7:D4:F1
            X509v3 Authority Key Identifier:
                keyid:B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:5d:fd:13:f4:35:6b:75:4e:93:74:82:5a:7f:72:95:90:b8:
         81:2f:3a:4c:ea:2b:41:d6:7e:ca:50:5d:99:4f:78:48:fd:77:
         c2:68:aa:ac:6e:dc:61:54:3b:2b:4b:c3:1f:65:e2:0e:ce:0d:
         c6:9b:d6:14:3e:05:0b:fb:8f:52:4a:89:bc:58:6b:70:ff:2c:
         45:1d:e3:2e:7b:cb:68:a6:8b:eb:60:6a:b9:72:99:57:2d:cb:
         df:10:12:02:dc:49:2f:2e:c0:c8:8c:79:97:26:84:74:9b:f3:
         8d:b3:64:b1:fc:8e:ae:48:6a:34:b7:3d:e0:c3:a2:78:0f:69:
         e5:ba:91:2a:67:47:b5:e1:d7:1e:e3:c6:e2:b3:0f:f9:ec:15:
         fb:bd:bb:df:88:f4:70:48:74:28:83:99:ff:97:38:b8:d6:52:
         00:b6:74:ef:82:99:ac:e7:7b:ce:2d:95:03:38:d0:00:a9:ec:
         4f:19:ff:6e:6f:c8:70:ff:d4:22:a9:4d:fa:2e:79:34:5b:28:
         f6:38:f2:4f:3d:d6:8f:c1:be:7f:0a:75:5b:23:4d:eb:54:ee:
         9e:02:cf:82:fc:a0:77:66:fd:7f:e7:bd:62:1c:72:7c:5c:14:
         e5:72:16:e4:f4:fe:81:31:e2:f8:80:c4:34:28:55:39:76:d8:
         a7:46:35:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvmji7IrDT7A+beLG7nkWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzY5YTRhMjE1YmRlMWQzMjkzNGRkYzg1ZGVhZjhmZDlj
OTQ0NzkwHhcNMjUwNjE0MTgwMTA3WhcNMjUwNjE1MTgwMTA3WjAzMTEwLwYDVQQD
EyhjNTZkZmI3NDY4MGU5NTA3YWJiODRhMjVkYmM3M2VjOTU5ZDdkNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4wt6fmjoIVB++8Fv38Ky0VAPYwW
DqGycQLivRkCoFZPhvwQKj2Df1fqa0JZ4GRNkbhr+BTxx94VrCUQ/HWlTn2eP5A1
pw7IUStAMj7jWgoC6ZXW9X04C+cpA58yFfK3xHGbkfZyhYjM2b2i2spWgkGS/be6
IW6UT2DwQemK0cAqcbgiRB/n0pLpc2xH7NkitANgXnXGHV7hbU39Mayg1xF/W9On
zygx5nHrMFQCLnkaYXEZoLwDF6ySIwp6fy9HWFsnUUPmSYYYGtfqWlGKXciYTXh9
ElnODU3X8lDf+nmVftPAs4She25OHg4k9/mfvPK0HcFaEdCphDwMqMq5zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMVt+3RoDpUHq7hKJdvHPslZ19TxMB8GA1UdIwQY
MBaAFLbGmkohW94dMpNN3IXer4/ZyUR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMt
ZTNiYzZiNDk5ZTdiLzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMtZTNiYzZiNDk5ZTdi
LzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfV39E/Q1
a3VOk3SCWn9ylZC4gS86TOorQdZ+ylBdmU94SP13wmiqrG7cYVQ7K0vDH2XiDs4N
xpvWFD4FC/uPUkqJvFhrcP8sRR3jLnvLaKaL62BquXKZVy3L3xASAtxJLy7AyIx5
lyaEdJvzjbNksfyOrkhqNLc94MOieA9p5bqRKmdHteHXHuPG4rMP+ewV+72734j0
cEh0KIOZ/5c4uNZSALZ074KZrOd7zi2VAzjQAKnsTxn/bm/IcP/UIqlN+i55NFso
9jjyTz3Wj8G+fwp1WyNN61TungLPgvygd2b9f+e9YhxyfFwU5XIW5PT+gTHi+IDE
NChVOXbYp0Y1rQ==
-----END CERTIFICATE-----