Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
File:                     TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft (raw, json)
Hash identifier:          RtRwDekuZwwpwKqjxBzgxoQSxQQ1h+okkU9tMhzw2gA=
Subject key identifier:   D3:BD:D0:DD:5E:50:51:51:2D:AF:B9:DE:57:DB:B9:19:C4:40:8B:9B
Authority key identifier: 4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB
Certificate issuer:       /CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
Certificate serial:       01976F9A321745ED89AE9A5F162CB2C2A12C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
Manifest number:          13C9
Signing time:             Sat 14 Jun 2025 18:01:05 +0000
Manifest this update:     Sat 14 Jun 2025 18:01:05 +0000
Manifest next update:     Sun 15 Jun 2025 18:01:05 +0000
Files and hashes:         1: TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl (hash: LDZCbjD5WQB0+wp8xMVx6SUuEYVyuUk1m0Yj+32cOpU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:9a:32:17:45:ed:89:ae:9a:5f:16:2c:b2:c2:a1:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
        Validity
            Not Before: Jun 14 18:01:05 2025 GMT
            Not After : Jun 15 18:01:05 2025 GMT
        Subject: CN=d3bdd0dd5e5051512dafb9de57dbb919c4408b9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:dd:7b:4f:56:75:70:99:f7:da:58:11:23:0b:
                    c5:95:c9:98:96:a2:7d:d2:5f:78:39:ee:75:ee:91:
                    76:4c:c4:3d:6f:23:36:f4:5b:40:fe:48:03:bd:14:
                    ea:cc:1d:43:86:b4:f1:16:cf:f6:bf:64:f5:da:4c:
                    d1:39:70:1f:8e:fe:b2:dc:09:b4:e1:30:fb:a2:45:
                    3d:02:50:66:a5:55:e2:e8:99:08:46:30:d7:b8:9e:
                    33:56:bd:d1:5b:04:ca:1f:1c:86:9d:39:e4:bd:bd:
                    1a:9a:f8:3e:6d:aa:0b:c1:42:da:df:31:5a:56:08:
                    5a:4e:56:15:c8:83:d8:3e:72:bc:84:d9:0b:80:6e:
                    e3:ac:0f:bc:01:66:25:70:4e:d9:1b:0c:fa:45:b3:
                    5f:e2:f2:1a:33:20:c6:ea:cb:f3:f1:97:ec:cd:55:
                    80:f0:19:56:1d:06:10:1a:02:57:bb:4f:d1:11:82:
                    e6:59:80:12:77:4d:54:f5:0d:57:99:be:75:e1:92:
                    ef:11:68:42:bf:75:3f:05:a6:0c:b1:03:e4:c5:f7:
                    25:a3:95:1d:b7:1f:0e:3e:64:a3:e7:56:ac:e8:ed:
                    6d:02:ee:5a:f7:2e:4f:00:22:c2:dc:43:ad:1d:f6:
                    4b:41:22:8e:b6:ed:56:b7:48:a6:8c:3a:c2:b4:a4:
                    02:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:BD:D0:DD:5E:50:51:51:2D:AF:B9:DE:57:DB:B9:19:C4:40:8B:9B
            X509v3 Authority Key Identifier:
                keyid:4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:fc:34:21:87:8d:ab:8e:b3:e1:c1:e2:39:c3:8e:17:b2:77:
         f4:d3:52:3a:3f:c6:e8:e3:6b:0f:69:5c:91:49:94:e4:7e:58:
         60:2a:4f:bf:a9:63:47:17:a7:31:b7:2b:3a:22:22:75:09:07:
         88:b6:ab:ee:58:8b:9b:e2:94:e2:3a:d0:8a:39:ef:6d:d3:1b:
         68:94:b6:07:9e:a6:f8:72:12:4d:5c:98:62:5b:fe:69:3a:f3:
         a6:fd:72:bc:ab:3a:9f:db:be:45:45:9c:f4:54:6b:75:1b:84:
         85:41:f2:22:4d:24:5b:89:13:44:ac:81:44:a7:a3:7d:c2:9c:
         3f:22:a7:e3:75:93:9c:2d:7e:b3:a6:16:13:cf:9a:05:66:6c:
         e4:08:75:92:87:22:cc:31:95:50:87:b4:18:81:5a:1b:8b:c1:
         d3:a9:48:5b:5e:52:99:e1:09:54:e7:ae:79:81:09:63:01:78:
         22:8d:b8:d3:10:fe:83:d2:54:2f:ce:de:33:d0:c8:78:1a:c7:
         f9:77:a7:cc:3f:56:ad:2c:88:1f:6f:54:d4:d2:b3:2c:eb:cc:
         4c:c3:38:c6:f4:6c:6d:52:46:a7:21:9e:da:eb:27:c2:63:62:
         ee:9f:cf:f9:15:b2:c5:b2:85:f9:e7:30:0e:da:0a:9f:38:c5:
         6c:66:e7:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvmjIXRe2JrppfFiyywqEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGYyNTdmMzM5Y2ZiOWUyNzU0YjZjYzI0MzY0ZjBmMTI5
MDU4ZGIwHhcNMjUwNjE0MTgwMTA1WhcNMjUwNjE1MTgwMTA1WjAzMTEwLwYDVQQD
EyhkM2JkZDBkZDVlNTA1MTUxMmRhZmI5ZGU1N2RiYjkxOWM0NDA4YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs917T1Z1cJn32lgRIwvFlcmYlqJ9
0l94Oe517pF2TMQ9byM29FtA/kgDvRTqzB1DhrTxFs/2v2T12kzROXAfjv6y3Am0
4TD7okU9AlBmpVXi6JkIRjDXuJ4zVr3RWwTKHxyGnTnkvb0amvg+baoLwULa3zFa
VghaTlYVyIPYPnK8hNkLgG7jrA+8AWYlcE7ZGwz6RbNf4vIaMyDG6svz8ZfszVWA
8BlWHQYQGgJXu0/REYLmWYASd01U9Q1Xmb514ZLvEWhCv3U/BaYMsQPkxfclo5Ud
tx8OPmSj51as6O1tAu5a9y5PACLC3EOtHfZLQSKOtu1Wt0imjDrCtKQCcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNO90N1eUFFRLa+53lfbuRnEQIubMB8GA1UdIwQY
MBaAFE0PJX8znPueJ1S2zCQ2Tw8SkFjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUt
ZjNmNTgxZGZjNjQ4LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUtZjNmNTgxZGZjNjQ4
LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOfw0IYeN
q46z4cHiOcOOF7J39NNSOj/G6ONrD2lckUmU5H5YYCpPv6ljRxenMbcrOiIidQkH
iLar7liLm+KU4jrQijnvbdMbaJS2B56m+HISTVyYYlv+aTrzpv1yvKs6n9u+RUWc
9FRrdRuEhUHyIk0kW4kTRKyBRKejfcKcPyKn43WTnC1+s6YWE8+aBWZs5Ah1koci
zDGVUIe0GIFaG4vB06lIW15SmeEJVOeueYEJYwF4Io240xD+g9JUL87eM9DIeBrH
+XenzD9WrSyIH29U1NKzLOvMTMM4xvRsbVJGpyGe2usnwmNi7p/P+RWyxbKF+ecw
DtoKnzjFbGbnzQ==
-----END CERTIFICATE-----