Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          gQZj5zYnkh2Lgpu72L4obNlefgCoqb5ZGj6IirGuvjQ=
Subject key identifier:   B3:09:CC:62:63:28:73:2E:07:53:3C:7B:92:34:A0:D7:81:11:D1:57
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       019676B0DB3AC999266ADEDEF7076803229F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          11DD
Signing time:             Sun 27 Apr 2025 10:00:23 +0000
Manifest this update:     Sun 27 Apr 2025 10:00:23 +0000
Manifest next update:     Mon 28 Apr 2025 10:00:23 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: MM91cmrZlLpdWDVr6mpc+3HndYV0B8Gqt0da87L7JFI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 10:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:b0:db:3a:c9:99:26:6a:de:de:f7:07:68:03:22:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Apr 27 10:00:23 2025 GMT
            Not After : Apr 28 10:00:23 2025 GMT
        Subject: CN=b309cc626328732e07533c7b9234a0d78111d157
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:af:8f:58:a4:1d:e0:ed:f1:8b:78:96:9a:f5:
                    15:11:72:64:90:db:97:3d:b4:12:08:85:aa:df:64:
                    43:fb:1b:53:32:95:8d:a3:fa:36:1f:c1:72:6a:ba:
                    a3:59:e1:46:e9:03:e4:a2:a0:ce:68:fc:d8:ee:b2:
                    ed:f4:98:68:91:fd:23:d7:6e:37:8b:c9:2d:18:09:
                    e9:dd:c7:41:8a:cd:cc:97:a2:3c:03:4f:0f:b0:64:
                    f2:1f:e9:55:a3:57:90:37:35:84:4d:34:2f:16:46:
                    06:d4:46:5c:12:89:c5:7b:b7:19:cf:6e:62:dc:22:
                    f0:ec:7b:45:5e:b1:c6:fa:fc:c6:e6:50:a2:c1:8a:
                    b4:ad:ac:80:79:47:8d:53:6d:81:7b:41:c4:e8:b4:
                    73:36:8d:32:d8:65:d5:6a:79:be:76:d4:20:0c:3e:
                    d2:79:4f:98:74:60:69:de:e5:f2:ac:b6:64:84:1b:
                    6c:f1:51:d2:64:55:f4:be:1d:4c:48:c5:f8:c8:ba:
                    c6:9b:d3:24:18:17:5e:d0:9a:8a:6e:9d:84:75:f2:
                    60:4c:a5:92:68:6d:84:f8:df:ba:15:5a:37:10:d6:
                    bc:f4:00:cb:91:ac:49:1b:b2:4a:98:22:54:ce:80:
                    02:20:04:e7:38:52:d3:ea:15:e2:41:0c:47:c2:8b:
                    52:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:09:CC:62:63:28:73:2E:07:53:3C:7B:92:34:A0:D7:81:11:D1:57
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:cf:94:b5:0b:c4:94:d4:3c:c4:bd:9b:95:b8:56:f8:39:11:
         77:6c:b6:8a:c2:f3:cb:d8:6d:08:51:b9:a8:09:db:27:95:65:
         5f:ee:76:99:d7:68:13:f7:ff:2f:87:55:5d:2a:a1:99:56:73:
         a4:3b:42:91:5a:2d:13:5b:c7:d4:03:fa:96:aa:c7:5a:b9:61:
         9a:47:2f:39:ad:de:ae:81:6a:94:38:e1:c0:6c:9a:d2:6a:95:
         2e:f8:08:15:59:7a:b7:27:a6:b1:ea:e5:cc:f9:0b:d5:d5:df:
         a5:ad:8b:1e:cf:aa:6e:14:0d:dc:f9:69:1c:a9:3e:af:f1:a1:
         1c:3e:47:0e:64:1c:50:6b:7b:ce:4c:27:08:92:ee:e4:71:53:
         ca:2e:01:e8:ff:66:c0:5f:94:cc:54:c0:48:56:59:9f:60:40:
         86:84:4c:e6:e7:88:72:6a:e5:23:a2:2f:fe:9e:cb:f7:b5:d2:
         ed:e9:09:38:bf:b7:98:64:cf:16:88:16:42:18:61:05:13:b4:
         de:ec:d9:1c:3f:f8:a7:91:7e:1a:00:2c:3e:c0:b8:04:ae:fc:
         e6:12:4c:9d:52:87:c8:da:41:8e:b4:e5:fd:31:c6:91:83:2b:
         a5:bb:c6:62:b7:18:52:c3:da:ae:89:a5:4b:07:9b:15:c1:75:
         bd:e2:3e:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sNs6yZkmat7e9wdoAyKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjUwNDI3MTAwMDIzWhcNMjUwNDI4MTAwMDIzWjAzMTEwLwYDVQQD
EyhiMzA5Y2M2MjYzMjg3MzJlMDc1MzNjN2I5MjM0YTBkNzgxMTFkMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa+PWKQd4O3xi3iWmvUVEXJkkNuX
PbQSCIWq32RD+xtTMpWNo/o2H8FyarqjWeFG6QPkoqDOaPzY7rLt9Jhokf0j1243
i8ktGAnp3cdBis3Ml6I8A08PsGTyH+lVo1eQNzWETTQvFkYG1EZcEonFe7cZz25i
3CLw7HtFXrHG+vzG5lCiwYq0rayAeUeNU22Be0HE6LRzNo0y2GXVanm+dtQgDD7S
eU+YdGBp3uXyrLZkhBts8VHSZFX0vh1MSMX4yLrGm9MkGBde0JqKbp2EdfJgTKWS
aG2E+N+6FVo3ENa89ADLkaxJG7JKmCJUzoACIATnOFLT6hXiQQxHwotSewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMJzGJjKHMuB1M8e5I0oNeBEdFXMB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXs+UtQvE
lNQ8xL2blbhW+DkRd2y2isLzy9htCFG5qAnbJ5VlX+52mddoE/f/L4dVXSqhmVZz
pDtCkVotE1vH1AP6lqrHWrlhmkcvOa3eroFqlDjhwGya0mqVLvgIFVl6tyemserl
zPkL1dXfpa2LHs+qbhQN3PlpHKk+r/GhHD5HDmQcUGt7zkwnCJLu5HFTyi4B6P9m
wF+UzFTASFZZn2BAhoRM5ueIcmrlI6Iv/p7L97XS7ekJOL+3mGTPFogWQhhhBRO0
3uzZHD/4p5F+GgAsPsC4BK785hJMnVKHyNpBjrTl/THGkYMrpbvGYrcYUsParoml
SwebFcF1veI+9g==
-----END CERTIFICATE-----