Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
File:                     TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft (raw, json)
Hash identifier:          7KLPlOYm82VLT8yXNe87EOc5k5/OUAyOnKECqS4fYEA=
Subject key identifier:   BF:01:62:A9:2E:3B:8C:44:6A:C2:8C:F5:CB:08:8E:A7:21:AA:83:28
Authority key identifier: 4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB
Certificate issuer:       /CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
Certificate serial:       0198744FDF932B2F2662AE010AED89A668A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
Manifest number:          1450
Signing time:             Mon 04 Aug 2025 09:00:48 +0000
Manifest this update:     Mon 04 Aug 2025 09:00:48 +0000
Manifest next update:     Tue 05 Aug 2025 09:00:48 +0000
Files and hashes:         1: TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl (hash: UXkBaZooecDZmgJexcRMnhQIwUZIth2ZSkVp0Y3lE7Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:4f:df:93:2b:2f:26:62:ae:01:0a:ed:89:a6:68:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
        Validity
            Not Before: Aug  4 09:00:48 2025 GMT
            Not After : Aug  5 09:00:48 2025 GMT
        Subject: CN=bf0162a92e3b8c446ac28cf5cb088ea721aa8328
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:24:ad:9c:f3:08:80:06:24:5e:07:22:16:92:
                    58:d1:19:45:4f:cb:9c:63:d6:17:a3:1e:59:61:92:
                    e5:8a:8a:e1:b0:51:1a:84:7a:4b:d6:e6:c3:f0:d6:
                    d9:ea:f6:73:fc:76:88:f1:1a:c9:3a:f1:a1:65:a9:
                    27:3d:dd:c4:57:86:83:9e:fc:4a:5d:54:f1:fc:30:
                    b1:97:98:b7:7b:df:8e:d4:4d:0c:e1:da:86:d1:2b:
                    07:58:c7:09:fb:b6:91:9e:9f:5d:cc:c4:05:58:6a:
                    4a:39:0f:a4:1f:90:d2:fe:1a:ad:e7:a2:f2:99:a5:
                    d2:2f:71:6a:66:88:b7:66:53:bb:ba:76:16:01:22:
                    6a:af:95:d6:4a:05:98:05:22:e5:9c:8a:83:f8:c9:
                    c0:35:e9:d7:75:cc:80:23:d1:93:c4:e5:33:67:e1:
                    39:88:90:0b:12:f6:a0:0f:4d:e7:4a:c9:b2:a6:47:
                    46:f3:2a:2a:59:64:68:c6:9b:66:60:8e:a6:fd:70:
                    32:b8:9d:c5:57:a4:ee:95:0b:bf:1b:3f:be:ee:dc:
                    0b:7b:5a:da:22:10:28:a6:73:fe:05:a1:47:36:af:
                    da:d8:c4:f8:e2:8f:e9:0d:32:ee:35:ae:bb:92:54:
                    a1:2e:7e:03:f6:d7:44:19:ce:e3:3a:ea:49:b6:be:
                    93:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:01:62:A9:2E:3B:8C:44:6A:C2:8C:F5:CB:08:8E:A7:21:AA:83:28
            X509v3 Authority Key Identifier:
                keyid:4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:83:73:b4:70:bb:06:d8:c1:74:0e:c7:b2:2e:9a:dd:69:11:
         bf:b7:54:b0:e6:d8:0f:e7:1d:47:45:ff:2d:64:52:ca:0f:c6:
         62:c6:54:ab:77:c8:e4:0a:40:51:d4:ee:eb:f5:1f:c7:b3:ce:
         09:e1:4a:43:33:f7:4c:ec:31:d7:e4:6e:25:7e:06:d5:c3:9d:
         62:58:f3:9d:ae:a0:39:4e:71:ae:01:75:a2:99:6f:c7:1a:3b:
         b6:34:d7:f6:81:69:9c:b1:0e:e1:d9:e1:89:28:4b:68:20:00:
         64:e5:6f:18:bf:52:a1:fb:31:50:c1:ce:79:fe:e7:be:dc:84:
         0f:79:51:cb:db:04:c5:34:45:ca:33:f7:ed:60:f1:46:82:35:
         6c:5d:c7:f7:68:bc:33:37:53:cb:b9:df:f7:20:07:48:42:e2:
         dc:98:a1:6e:66:e8:b9:82:5b:32:ee:dd:b4:df:36:33:5e:c8:
         63:b4:a5:8c:15:cc:92:dc:2f:5a:ac:a2:73:4b:f8:fc:42:e6:
         81:92:9f:a8:9b:37:7e:1e:cd:be:ac:31:da:88:d0:d3:77:8a:
         70:62:ff:db:9f:78:7e:bd:71:2e:23:7e:0d:39:a3:72:12:23:
         6b:7d:a7:ed:3c:7e:6e:1b:dc:1e:a6:ae:e2:07:85:6d:11:a5:
         85:57:75:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0T9+TKy8mYq4BCu2JpmilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGYyNTdmMzM5Y2ZiOWUyNzU0YjZjYzI0MzY0ZjBmMTI5
MDU4ZGIwHhcNMjUwODA0MDkwMDQ4WhcNMjUwODA1MDkwMDQ4WjAzMTEwLwYDVQQD
EyhiZjAxNjJhOTJlM2I4YzQ0NmFjMjhjZjVjYjA4OGVhNzIxYWE4MzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6SStnPMIgAYkXgciFpJY0RlFT8uc
Y9YXox5ZYZLliorhsFEahHpL1ubD8NbZ6vZz/HaI8RrJOvGhZaknPd3EV4aDnvxK
XVTx/DCxl5i3e9+O1E0M4dqG0SsHWMcJ+7aRnp9dzMQFWGpKOQ+kH5DS/hqt56Ly
maXSL3FqZoi3ZlO7unYWASJqr5XWSgWYBSLlnIqD+MnANenXdcyAI9GTxOUzZ+E5
iJALEvagD03nSsmypkdG8yoqWWRoxptmYI6m/XAyuJ3FV6TulQu/Gz++7twLe1ra
IhAopnP+BaFHNq/a2MT44o/pDTLuNa67klShLn4D9tdEGc7jOupJtr6T0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL8BYqkuO4xEasKM9csIjqchqoMoMB8GA1UdIwQY
MBaAFE0PJX8znPueJ1S2zCQ2Tw8SkFjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUt
ZjNmNTgxZGZjNjQ4LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUtZjNmNTgxZGZjNjQ4
LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANYNztHC7
BtjBdA7Hsi6a3WkRv7dUsObYD+cdR0X/LWRSyg/GYsZUq3fI5ApAUdTu6/Ufx7PO
CeFKQzP3TOwx1+RuJX4G1cOdYljzna6gOU5xrgF1oplvxxo7tjTX9oFpnLEO4dnh
iShLaCAAZOVvGL9SofsxUMHOef7nvtyED3lRy9sExTRFyjP37WDxRoI1bF3H92i8
MzdTy7nf9yAHSELi3JihbmbouYJbMu7dtN82M17IY7SljBXMktwvWqyic0v4/ELm
gZKfqJs3fh7Nvqwx2ojQ03eKcGL/2594fr1xLiN+DTmjchIja32n7Tx+bhvcHqau
4geFbRGlhVd1+g==
-----END CERTIFICATE-----