Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          XGt+od3YEw2Lc1Z+w4sRQM0POEy43RFSCKcHmlI+OZs=
Subject key identifier:   1B:34:D8:86:8D:BF:1B:74:93:AB:A8:EC:73:95:C8:6C:31:0E:56:40
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       01976A05D0E2957414D7205E00C7B878DDEF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          125B
Signing time:             Fri 13 Jun 2025 16:00:55 +0000
Manifest this update:     Fri 13 Jun 2025 16:00:55 +0000
Manifest next update:     Sat 14 Jun 2025 16:00:55 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: LMYgwegK+0h/f7aSgEDGEF8y4h2gTRqCfaJmSiaxZ24=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:05:d0:e2:95:74:14:d7:20:5e:00:c7:b8:78:dd:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Jun 13 16:00:55 2025 GMT
            Not After : Jun 14 16:00:55 2025 GMT
        Subject: CN=1b34d8868dbf1b7493aba8ec7395c86c310e5640
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:4a:f7:2b:a4:de:44:dc:ea:79:60:95:ae:5f:
                    0c:1b:f2:f5:ee:13:9b:84:61:3a:3c:34:35:12:0b:
                    c5:4f:79:45:5d:6c:d1:c3:06:08:38:a2:6a:e8:91:
                    4f:c1:8a:03:db:ff:e5:bc:d1:62:27:6b:be:0a:06:
                    bc:ea:a9:df:53:f9:18:91:fc:87:b7:0b:d5:02:3e:
                    c5:d8:2e:2c:63:66:94:ec:be:d4:97:ea:ef:50:3f:
                    6d:8b:b5:90:cd:bb:09:27:3b:de:dc:28:25:57:46:
                    ab:b7:ea:c6:87:34:13:4a:6e:47:4f:83:c5:2c:1f:
                    76:a8:01:0a:e2:d9:c5:7e:99:de:23:01:d1:d4:fc:
                    79:3b:ed:c7:b7:dd:86:f4:32:d8:50:75:6d:7f:e5:
                    d6:42:14:af:94:73:28:48:dc:f4:c3:ed:b7:ca:98:
                    7f:7d:1a:8f:14:9d:73:c0:5d:04:49:0f:ad:41:da:
                    0b:05:8e:a4:c7:2e:df:35:c3:4d:ba:25:42:bb:66:
                    0a:98:cd:fa:82:cf:e6:98:a5:4b:b7:be:30:3e:a1:
                    b8:d8:d0:7d:09:72:14:f9:00:12:55:1e:1a:e3:e2:
                    47:22:5f:e4:32:49:5b:67:f7:a3:9e:52:34:ae:3b:
                    79:fe:25:41:40:fb:87:66:ee:c7:54:6d:7c:e7:6d:
                    e0:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:34:D8:86:8D:BF:1B:74:93:AB:A8:EC:73:95:C8:6C:31:0E:56:40
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:9f:12:9f:68:22:86:b0:c8:97:5d:07:bd:e9:33:a3:ab:d0:
         fe:b7:61:34:ea:dc:a5:c1:9b:31:34:f6:ea:a6:32:0b:36:94:
         f2:3e:d4:12:c8:04:36:a3:2a:d8:35:cb:5b:59:61:4d:2c:c7:
         75:dc:d1:8f:71:f2:64:43:ca:b8:67:91:c9:6c:8e:22:a5:dc:
         3f:27:1f:a4:3e:18:a6:af:4a:b9:8a:b8:7f:ac:f3:26:97:bd:
         36:86:23:75:66:6d:7b:df:2a:23:b8:97:ed:75:a7:57:77:e3:
         3a:ff:ce:79:fb:f8:f8:08:98:aa:31:29:b0:a6:1c:64:1f:de:
         8d:12:09:f3:69:88:f7:98:b0:ed:64:bc:4c:bb:50:9c:c8:db:
         b4:9b:9e:5a:61:8a:48:91:ae:85:c0:66:bb:c6:3f:f1:4e:8a:
         0e:7a:ef:f1:b0:46:8f:ab:06:6d:bf:fa:c8:d0:47:39:1f:bc:
         3b:6d:16:e2:79:43:40:53:38:c3:d2:2a:8b:a9:80:04:1f:6d:
         5b:5b:35:1c:18:38:b0:81:2e:9b:48:23:19:ff:34:ff:90:9d:
         1a:89:0b:61:1e:39:61:1d:be:c5:63:46:9b:db:6f:fe:69:d0:
         f8:fe:61:2f:ea:8e:e4:65:89:ba:50:67:96:b9:65:ee:f0:60:
         32:6a:b7:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqBdDilXQU1yBeAMe4eN3vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjUwNjEzMTYwMDU1WhcNMjUwNjE0MTYwMDU1WjAzMTEwLwYDVQQD
EygxYjM0ZDg4NjhkYmYxYjc0OTNhYmE4ZWM3Mzk1Yzg2YzMxMGU1NjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kr3K6TeRNzqeWCVrl8MG/L17hOb
hGE6PDQ1EgvFT3lFXWzRwwYIOKJq6JFPwYoD2//lvNFiJ2u+Cga86qnfU/kYkfyH
twvVAj7F2C4sY2aU7L7Ul+rvUD9ti7WQzbsJJzve3CglV0art+rGhzQTSm5HT4PF
LB92qAEK4tnFfpneIwHR1Px5O+3Ht92G9DLYUHVtf+XWQhSvlHMoSNz0w+23yph/
fRqPFJ1zwF0ESQ+tQdoLBY6kxy7fNcNNuiVCu2YKmM36gs/mmKVLt74wPqG42NB9
CXIU+QASVR4a4+JHIl/kMklbZ/ejnlI0rjt5/iVBQPuHZu7HVG18523glwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBs02IaNvxt0k6uo7HOVyGwxDlZAMB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa58Sn2gi
hrDIl10Hvekzo6vQ/rdhNOrcpcGbMTT26qYyCzaU8j7UEsgENqMq2DXLW1lhTSzH
ddzRj3HyZEPKuGeRyWyOIqXcPycfpD4Ypq9KuYq4f6zzJpe9NoYjdWZte98qI7iX
7XWnV3fjOv/Oefv4+AiYqjEpsKYcZB/ejRIJ82mI95iw7WS8TLtQnMjbtJueWmGK
SJGuhcBmu8Y/8U6KDnrv8bBGj6sGbb/6yNBHOR+8O20W4nlDQFM4w9Iqi6mABB9t
W1s1HBg4sIEum0gjGf80/5CdGokLYR45YR2+xWNGm9tv/mnQ+P5hL+qO5GWJulBn
lrll7vBgMmq3gA==
-----END CERTIFICATE-----