Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/8fa354-4bd5-454d-b2d8-03f604324fcf/1/TLbePNkQ87_3_4Xe1FLEMbHopSA.mft
File:                     TLbePNkQ87_3_4Xe1FLEMbHopSA.mft (raw, json)
Hash identifier:          0yI1Ii543QOmuW1VQOQIXd/ukBcWH+LZhf2QnqnIPeM=
Subject key identifier:   D2:20:93:1D:C0:CE:06:9B:21:14:16:EB:68:9D:0E:06:02:B2:F5:34
Authority key identifier: 4C:B6:DE:3C:D9:10:F3:BF:F7:FF:85:DE:D4:52:C4:31:B1:E8:A5:20
Certificate issuer:       /CN=4cb6de3cd910f3bff7ff85ded452c431b1e8a520
Certificate serial:       01987373FEE6A3E269FEC37D7E16FB893E4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TLbePNkQ87_3_4Xe1FLEMbHopSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/8fa354-4bd5-454d-b2d8-03f604324fcf/1/TLbePNkQ87_3_4Xe1FLEMbHopSA.mft
Manifest number:          1618
Signing time:             Mon 04 Aug 2025 05:00:38 +0000
Manifest this update:     Mon 04 Aug 2025 05:00:38 +0000
Manifest next update:     Tue 05 Aug 2025 05:00:38 +0000
Files and hashes:         1: TLbePNkQ87_3_4Xe1FLEMbHopSA.crl (hash: Ip+d3HldGfPt/gDyv34Q2oo1EbZW1kurxhIIMIu9a/E=)
                          2: kE8LdGAFW614HUcjN1MoZxFokJs.roa (hash: XYMGtkKoA87TX5nzm+UQ3ylduTU9EvUGKlmdAtXqyu4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/8fa354-4bd5-454d-b2d8-03f604324fcf/1/TLbePNkQ87_3_4Xe1FLEMbHopSA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/8fa354-4bd5-454d-b2d8-03f604324fcf/1/TLbePNkQ87_3_4Xe1FLEMbHopSA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TLbePNkQ87_3_4Xe1FLEMbHopSA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:73:fe:e6:a3:e2:69:fe:c3:7d:7e:16:fb:89:3e:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cb6de3cd910f3bff7ff85ded452c431b1e8a520
        Validity
            Not Before: Aug  4 05:00:38 2025 GMT
            Not After : Aug  5 05:00:38 2025 GMT
        Subject: CN=d220931dc0ce069b211416eb689d0e0602b2f534
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:eb:30:58:d6:e5:c9:58:5e:77:04:80:b6:c3:
                    4e:46:9d:8d:18:88:dd:e6:d2:45:ca:b7:1d:c9:03:
                    20:7e:e0:9d:87:f5:89:e6:f9:b5:08:d3:5e:9c:fc:
                    55:98:60:f7:58:1e:c8:36:6b:f6:1c:f5:63:d2:61:
                    c8:9d:cb:72:4b:dc:ff:1d:09:31:42:92:9e:a0:f4:
                    21:69:4c:3f:e9:d2:f0:ec:db:7d:ea:98:9e:42:8b:
                    e6:7a:ea:0b:87:8b:4a:21:47:db:d5:67:d4:85:66:
                    ff:28:5b:17:98:2b:00:ed:85:1b:41:f8:5e:80:a1:
                    c2:ec:be:34:05:6a:e6:62:c5:a8:5a:90:ae:9e:bc:
                    58:ff:51:6c:a5:0e:fc:eb:43:89:c6:a8:7a:98:cf:
                    cc:83:2e:32:3d:c2:b5:ab:62:85:d8:01:b8:81:8a:
                    f4:ef:94:85:79:65:ef:a9:74:a9:9c:29:0b:0e:d4:
                    a2:98:95:a1:1d:b8:c4:d7:7a:fd:8a:a8:35:18:a9:
                    83:df:b9:af:94:f3:4b:3e:81:71:4d:56:32:e0:05:
                    d8:b0:35:fd:e6:7b:32:4c:e1:0a:b5:57:21:81:14:
                    d7:85:c7:a9:f4:d2:a9:cd:1d:47:79:2f:59:4c:09:
                    ba:d0:77:65:07:9a:64:70:f3:fc:33:59:0d:86:87:
                    d2:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:20:93:1D:C0:CE:06:9B:21:14:16:EB:68:9D:0E:06:02:B2:F5:34
            X509v3 Authority Key Identifier:
                keyid:4C:B6:DE:3C:D9:10:F3:BF:F7:FF:85:DE:D4:52:C4:31:B1:E8:A5:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TLbePNkQ87_3_4Xe1FLEMbHopSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8fa354-4bd5-454d-b2d8-03f604324fcf/1/TLbePNkQ87_3_4Xe1FLEMbHopSA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8fa354-4bd5-454d-b2d8-03f604324fcf/1/TLbePNkQ87_3_4Xe1FLEMbHopSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:0e:e8:72:bc:17:7b:e2:af:6d:b6:fa:f1:e3:51:5c:d2:7d:
         0d:98:bd:b2:35:c6:6b:f2:fd:70:2c:66:3c:d8:49:6c:1f:e1:
         f9:4e:96:ba:71:b4:ee:5b:91:3b:f2:9a:44:f0:7b:1e:75:2e:
         1a:a3:77:a2:e2:ca:b9:38:90:73:79:6c:c7:ea:81:de:ed:79:
         59:54:18:cb:84:c4:18:78:49:32:d5:a7:7c:59:df:b8:63:cf:
         5f:93:72:12:bb:88:dd:8b:87:4a:14:f1:b1:7a:6b:46:de:f8:
         3d:53:c4:05:ed:08:98:ec:1d:d8:1c:87:c5:8b:cf:50:a0:a2:
         5e:50:0d:e6:fd:41:65:de:41:28:ce:30:c0:d5:8a:dd:cb:6e:
         67:ed:4b:b9:b5:61:eb:b9:01:1c:ca:aa:71:52:37:0a:8f:a5:
         2b:f7:87:1c:c8:23:f9:3b:ae:9e:f0:1e:3f:43:be:2b:8e:98:
         81:a2:8e:f2:6a:dc:30:8a:e3:a6:a5:20:f8:5d:fc:4b:c2:19:
         da:4b:ca:7b:bc:80:f4:67:2e:82:7b:07:d9:3f:cd:ce:fb:38:
         8d:f1:8d:e4:80:f6:51:c3:d9:42:26:4a:aa:ad:60:58:56:14:
         79:2b:b3:fc:6e:ba:2e:87:c6:6c:fc:d8:75:f2:a5:5e:28:cd:
         34:07:25:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzc/7mo+Jp/sN9fhb7iT5MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYjZkZTNjZDkxMGYzYmZmN2ZmODVkZWQ0NTJjNDMxYjFl
OGE1MjAwHhcNMjUwODA0MDUwMDM4WhcNMjUwODA1MDUwMDM4WjAzMTEwLwYDVQQD
EyhkMjIwOTMxZGMwY2UwNjliMjExNDE2ZWI2ODlkMGUwNjAyYjJmNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uswWNblyVhedwSAtsNORp2NGIjd
5tJFyrcdyQMgfuCdh/WJ5vm1CNNenPxVmGD3WB7INmv2HPVj0mHInctyS9z/HQkx
QpKeoPQhaUw/6dLw7Nt96pieQovmeuoLh4tKIUfb1WfUhWb/KFsXmCsA7YUbQfhe
gKHC7L40BWrmYsWoWpCunrxY/1FspQ7860OJxqh6mM/Mgy4yPcK1q2KF2AG4gYr0
75SFeWXvqXSpnCkLDtSimJWhHbjE13r9iqg1GKmD37mvlPNLPoFxTVYy4AXYsDX9
5nsyTOEKtVchgRTXhcep9NKpzR1HeS9ZTAm60HdlB5pkcPP8M1kNhofSxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIgkx3AzgabIRQW62idDgYCsvU0MB8GA1UdIwQY
MBaAFEy23jzZEPO/9/+F3tRSxDGx6KUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVExiZVBOa1E4N18zXzRYZTFGTEVNYkhvcFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS84ZmEzNTQtNGJkNS00NTRkLWIyZDgt
MDNmNjA0MzI0ZmNmLzEvVExiZVBOa1E4N18zXzRYZTFGTEVNYkhvcFNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS84ZmEzNTQtNGJkNS00NTRkLWIyZDgtMDNmNjA0MzI0ZmNm
LzEvVExiZVBOa1E4N18zXzRYZTFGTEVNYkhvcFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlQ7ocrwX
e+Kvbbb68eNRXNJ9DZi9sjXGa/L9cCxmPNhJbB/h+U6WunG07luRO/KaRPB7HnUu
GqN3ouLKuTiQc3lsx+qB3u15WVQYy4TEGHhJMtWnfFnfuGPPX5NyEruI3YuHShTx
sXprRt74PVPEBe0ImOwd2ByHxYvPUKCiXlAN5v1BZd5BKM4wwNWK3ctuZ+1LubVh
67kBHMqqcVI3Co+lK/eHHMgj+TuunvAeP0O+K46YgaKO8mrcMIrjpqUg+F38S8IZ
2kvKe7yA9GcugnsH2T/Nzvs4jfGN5ID2UcPZQiZKqq1gWFYUeSuz/G66LofGbPzY
dfKlXijNNAcl7w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:05:39 2025 by rpki-client