Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          4AHo6KKJPBL6SQQueopC3U4NQxCMxAnbsaA/Z8qmzzM=
Subject key identifier:   A5:12:A5:B2:7F:BB:D5:58:ED:3C:EF:B1:55:7F:3C:B9:D0:BC:25:F7
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       01987C40D9993D6B6F71B48D661A579B8CBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          12E9
Signing time:             Tue 05 Aug 2025 22:01:21 +0000
Manifest this update:     Tue 05 Aug 2025 22:01:21 +0000
Manifest next update:     Wed 06 Aug 2025 22:01:21 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: 7skdFKmK1F4ONny2e+8GBxTnagtegfPtpzel95sUCH4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 17:44:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7c:40:d9:99:3d:6b:6f:71:b4:8d:66:1a:57:9b:8c:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Aug  5 22:01:21 2025 GMT
            Not After : Aug  6 22:01:21 2025 GMT
        Subject: CN=a512a5b27fbbd558ed3cefb1557f3cb9d0bc25f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b5:55:37:bb:b4:80:03:3b:53:7b:27:44:95:
                    7b:35:c9:45:9f:7f:82:16:d3:d3:13:59:c5:01:6b:
                    5b:f2:9e:de:f0:5b:1d:04:b4:2c:a2:73:cb:7e:36:
                    97:6f:9d:5d:03:05:45:a7:ad:1a:4b:2d:3f:2b:c0:
                    f5:e1:42:02:fd:20:cf:49:32:13:eb:59:c4:e0:64:
                    68:ba:21:f8:1e:48:07:2e:20:a6:5b:ba:35:f9:fb:
                    85:89:f3:63:5b:3a:76:f6:48:f8:b2:16:a2:a3:d7:
                    1c:35:e4:26:35:12:cf:11:61:c6:94:dc:4b:59:7a:
                    76:48:50:54:96:03:7d:0f:22:94:be:9d:71:b0:8e:
                    a6:13:90:97:55:2c:e9:15:2f:6b:b1:76:1a:18:10:
                    b6:17:e4:b4:23:5a:e4:46:7c:75:05:f9:e2:3f:30:
                    64:34:cb:8d:90:70:8a:1c:38:47:ce:f3:a8:5c:36:
                    d6:9a:ba:f9:c7:d0:ad:87:2e:ac:aa:33:56:24:e7:
                    c6:26:2c:ec:43:4c:b7:89:c0:9a:c7:c9:c6:9a:a8:
                    31:08:2e:f3:2e:22:1f:f1:82:e3:34:de:20:04:a3:
                    a1:a0:45:ac:2a:67:6f:b1:7d:70:10:67:65:3b:eb:
                    14:ec:e5:e2:70:bb:68:53:a3:65:61:76:08:e8:52:
                    13:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:12:A5:B2:7F:BB:D5:58:ED:3C:EF:B1:55:7F:3C:B9:D0:BC:25:F7
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:bf:ef:17:62:cd:82:a9:a9:14:62:14:36:c8:9c:7b:3c:6e:
         c5:d7:02:ef:b2:3f:6c:c6:b5:3c:11:6c:dd:7f:8f:27:30:74:
         8d:ad:3d:64:b9:0b:d3:d4:35:38:15:2b:5a:2c:fd:60:02:56:
         e1:88:b5:70:ce:c7:80:0a:40:4f:af:3f:3f:f7:a3:0c:9c:06:
         f1:e6:f7:54:91:c1:7d:25:c5:81:a5:c4:1a:5f:73:9a:6c:c8:
         35:35:9f:e6:f6:17:7b:01:20:ba:5d:34:52:cb:6e:57:81:f9:
         4b:a0:73:5c:1a:37:62:68:4c:d5:04:e3:4a:aa:9d:4e:e0:ab:
         40:08:cf:f0:bc:fc:cb:f4:a4:79:1c:03:da:21:d9:9a:8d:8e:
         e2:62:24:05:c1:92:c5:66:e9:c2:4a:44:48:c7:90:94:2b:c8:
         4b:5c:15:96:85:6d:87:b4:fc:42:b0:0a:b3:73:a7:90:d9:e5:
         11:b4:8a:0b:3c:60:9d:8c:0d:f6:fa:38:71:aa:2f:72:71:0e:
         fd:25:8a:6e:cc:af:21:f0:b8:4f:92:1d:15:75:3a:b6:1e:42:
         77:23:1e:59:2c:71:de:e3:9f:d7:fc:d7:d8:55:e5:db:07:58:
         03:58:f2:e4:fb:c5:82:5f:c2:b2:a1:16:d9:e3:7e:07:dd:88:
         e4:41:9b:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh8QNmZPWtvcbSNZhpXm4y9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjUwODA1MjIwMTIxWhcNMjUwODA2MjIwMTIxWjAzMTEwLwYDVQQD
EyhhNTEyYTViMjdmYmJkNTU4ZWQzY2VmYjE1NTdmM2NiOWQwYmMyNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrVVN7u0gAM7U3snRJV7NclFn3+C
FtPTE1nFAWtb8p7e8FsdBLQsonPLfjaXb51dAwVFp60aSy0/K8D14UIC/SDPSTIT
61nE4GRouiH4HkgHLiCmW7o1+fuFifNjWzp29kj4shaio9ccNeQmNRLPEWHGlNxL
WXp2SFBUlgN9DyKUvp1xsI6mE5CXVSzpFS9rsXYaGBC2F+S0I1rkRnx1BfniPzBk
NMuNkHCKHDhHzvOoXDbWmrr5x9Cthy6sqjNWJOfGJizsQ0y3icCax8nGmqgxCC7z
LiIf8YLjNN4gBKOhoEWsKmdvsX1wEGdlO+sU7OXicLtoU6NlYXYI6FIT/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKUSpbJ/u9VY7TzvsVV/PLnQvCX3MB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoL/vF2LN
gqmpFGIUNsicezxuxdcC77I/bMa1PBFs3X+PJzB0ja09ZLkL09Q1OBUrWiz9YAJW
4Yi1cM7HgApAT68/P/ejDJwG8eb3VJHBfSXFgaXEGl9zmmzINTWf5vYXewEgul00
UstuV4H5S6BzXBo3YmhM1QTjSqqdTuCrQAjP8Lz8y/SkeRwD2iHZmo2O4mIkBcGS
xWbpwkpESMeQlCvIS1wVloVth7T8QrAKs3OnkNnlEbSKCzxgnYwN9vo4caovcnEO
/SWKbsyvIfC4T5IdFXU6th5CdyMeWSxx3uOf1/zX2FXl2wdYA1jy5PvFgl/CsqEW
2eN+B92I5EGbqQ==
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:51:50 2025 by rpki-client