Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/8fa354-4bd5-454d-b2d8-03f604324fcf/1/TLbePNkQ87_3_4Xe1FLEMbHopSA.mft
File:                     TLbePNkQ87_3_4Xe1FLEMbHopSA.mft (raw, json)
Hash identifier:          1fOUsiCJkVMheyVXT9e19C373KuOQWm3kboI+0MMX4g=
Subject key identifier:   F7:94:75:14:90:ED:1F:D2:37:DA:D6:3E:93:5B:24:78:DD:55:99:0F
Authority key identifier: 4C:B6:DE:3C:D9:10:F3:BF:F7:FF:85:DE:D4:52:C4:31:B1:E8:A5:20
Certificate issuer:       /CN=4cb6de3cd910f3bff7ff85ded452c431b1e8a520
Certificate serial:       01977A544BD472DFDE97492DCAACA41F1A37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TLbePNkQ87_3_4Xe1FLEMbHopSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/8fa354-4bd5-454d-b2d8-03f604324fcf/1/TLbePNkQ87_3_4Xe1FLEMbHopSA.mft
Manifest number:          1597
Signing time:             Mon 16 Jun 2025 20:00:34 +0000
Manifest this update:     Mon 16 Jun 2025 20:00:34 +0000
Manifest next update:     Tue 17 Jun 2025 20:00:34 +0000
Files and hashes:         1: TLbePNkQ87_3_4Xe1FLEMbHopSA.crl (hash: U1YyNIepaPhtgYqkmI5LhapWq1Icrrssavxtf/Sp/ZI=)
                          2: kE8LdGAFW614HUcjN1MoZxFokJs.roa (hash: XYMGtkKoA87TX5nzm+UQ3ylduTU9EvUGKlmdAtXqyu4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/8fa354-4bd5-454d-b2d8-03f604324fcf/1/TLbePNkQ87_3_4Xe1FLEMbHopSA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/8fa354-4bd5-454d-b2d8-03f604324fcf/1/TLbePNkQ87_3_4Xe1FLEMbHopSA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TLbePNkQ87_3_4Xe1FLEMbHopSA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 20:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7a:54:4b:d4:72:df:de:97:49:2d:ca:ac:a4:1f:1a:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cb6de3cd910f3bff7ff85ded452c431b1e8a520
        Validity
            Not Before: Jun 16 20:00:34 2025 GMT
            Not After : Jun 17 20:00:34 2025 GMT
        Subject: CN=f794751490ed1fd237dad63e935b2478dd55990f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:39:65:b7:0f:5c:fd:4f:57:49:55:db:fa:2c:
                    91:86:1d:dd:ef:e0:55:67:c6:a7:05:bd:85:b0:18:
                    fc:70:98:3d:59:fa:13:70:3b:19:20:d2:f0:7a:bc:
                    d1:7e:f0:be:ea:38:f2:13:07:d5:d1:e6:ae:f1:55:
                    a5:30:1a:23:a2:b2:96:a7:bc:51:ec:7d:9d:24:33:
                    47:ad:07:21:80:85:c9:fc:29:3d:f2:91:9e:27:bf:
                    ae:49:09:28:05:c3:af:fd:bf:05:39:ad:21:a8:bb:
                    00:a0:9f:46:38:d4:f9:b3:09:b0:4c:88:66:b2:bf:
                    43:eb:df:af:0d:3a:2a:4f:68:94:0b:1b:14:bb:e7:
                    f4:94:43:aa:0e:c3:05:35:6b:f8:a6:89:96:78:c9:
                    2b:ec:cf:dc:5a:c5:4d:42:1f:c9:2c:36:15:fd:45:
                    03:00:bb:1c:04:86:5b:13:d2:f3:0e:b7:58:2b:30:
                    ef:c4:52:7f:b7:8d:ff:20:8c:fe:60:08:f0:2b:47:
                    0c:e1:3d:c3:2e:65:c0:5c:04:cf:21:0d:4d:98:65:
                    ad:4d:87:00:40:eb:bd:fc:32:f5:ae:a0:20:9e:19:
                    a4:20:c6:49:a8:da:ba:f9:e5:39:cf:78:11:82:06:
                    42:67:48:d0:ba:8a:89:21:c3:ba:68:18:ec:c7:ab:
                    4f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:94:75:14:90:ED:1F:D2:37:DA:D6:3E:93:5B:24:78:DD:55:99:0F
            X509v3 Authority Key Identifier:
                keyid:4C:B6:DE:3C:D9:10:F3:BF:F7:FF:85:DE:D4:52:C4:31:B1:E8:A5:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TLbePNkQ87_3_4Xe1FLEMbHopSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8fa354-4bd5-454d-b2d8-03f604324fcf/1/TLbePNkQ87_3_4Xe1FLEMbHopSA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8fa354-4bd5-454d-b2d8-03f604324fcf/1/TLbePNkQ87_3_4Xe1FLEMbHopSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:38:3e:65:41:ae:84:6a:01:3a:52:2a:e4:0b:f1:9a:0a:61:
         4b:40:9e:18:13:31:ec:e4:6f:86:b3:21:a6:e2:5c:a3:3d:07:
         99:4a:1f:c6:80:bc:8f:81:56:c4:a3:48:4c:15:cf:91:f8:be:
         c3:3e:e4:47:d3:b2:4f:96:e5:2b:b9:2d:cc:31:8c:a9:21:0c:
         21:6a:6c:32:d3:80:5a:46:81:e8:d0:20:a6:e7:79:3e:d1:48:
         57:87:f9:a4:92:c0:34:0d:7a:13:ba:f0:e9:92:58:e2:6a:3f:
         4f:ec:92:bc:46:74:ae:39:41:66:e9:d7:0e:c8:59:02:c4:bf:
         98:dc:7d:08:51:11:aa:3d:c5:a9:db:98:ee:ff:6b:6d:e2:58:
         2a:83:c3:40:b1:12:ac:46:d4:c7:da:6d:80:91:08:8b:87:34:
         66:9d:10:20:08:ae:cb:f2:ca:3a:8c:b0:7a:55:fd:82:7f:05:
         7b:bb:d3:b7:9a:ef:94:8b:9b:54:f2:09:37:d2:28:54:13:99:
         54:ad:50:b9:c0:c9:0c:ed:6b:d5:d3:7c:f4:a9:94:7b:d4:55:
         47:4d:2d:e8:b5:75:aa:43:c6:e3:cb:f4:28:1b:2b:7e:27:e7:
         b8:b1:0d:d6:8e:d9:00:0d:97:c7:1c:ef:bb:8b:18:7c:81:2a:
         3f:e5:92:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd6VEvUct/el0ktyqykHxo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYjZkZTNjZDkxMGYzYmZmN2ZmODVkZWQ0NTJjNDMxYjFl
OGE1MjAwHhcNMjUwNjE2MjAwMDM0WhcNMjUwNjE3MjAwMDM0WjAzMTEwLwYDVQQD
EyhmNzk0NzUxNDkwZWQxZmQyMzdkYWQ2M2U5MzViMjQ3OGRkNTU5OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTlltw9c/U9XSVXb+iyRhh3d7+BV
Z8anBb2FsBj8cJg9WfoTcDsZINLwerzRfvC+6jjyEwfV0eau8VWlMBojorKWp7xR
7H2dJDNHrQchgIXJ/Ck98pGeJ7+uSQkoBcOv/b8FOa0hqLsAoJ9GONT5swmwTIhm
sr9D69+vDToqT2iUCxsUu+f0lEOqDsMFNWv4pomWeMkr7M/cWsVNQh/JLDYV/UUD
ALscBIZbE9LzDrdYKzDvxFJ/t43/IIz+YAjwK0cM4T3DLmXAXATPIQ1NmGWtTYcA
QOu9/DL1rqAgnhmkIMZJqNq6+eU5z3gRggZCZ0jQuoqJIcO6aBjsx6tPWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPeUdRSQ7R/SN9rWPpNbJHjdVZkPMB8GA1UdIwQY
MBaAFEy23jzZEPO/9/+F3tRSxDGx6KUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVExiZVBOa1E4N18zXzRYZTFGTEVNYkhvcFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS84ZmEzNTQtNGJkNS00NTRkLWIyZDgt
MDNmNjA0MzI0ZmNmLzEvVExiZVBOa1E4N18zXzRYZTFGTEVNYkhvcFNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS84ZmEzNTQtNGJkNS00NTRkLWIyZDgtMDNmNjA0MzI0ZmNm
LzEvVExiZVBOa1E4N18zXzRYZTFGTEVNYkhvcFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkTg+ZUGu
hGoBOlIq5AvxmgphS0CeGBMx7ORvhrMhpuJcoz0HmUofxoC8j4FWxKNITBXPkfi+
wz7kR9OyT5blK7ktzDGMqSEMIWpsMtOAWkaB6NAgpud5PtFIV4f5pJLANA16E7rw
6ZJY4mo/T+ySvEZ0rjlBZunXDshZAsS/mNx9CFERqj3FqduY7v9rbeJYKoPDQLES
rEbUx9ptgJEIi4c0Zp0QIAiuy/LKOoywelX9gn8Fe7vTt5rvlIubVPIJN9IoVBOZ
VK1QucDJDO1r1dN89KmUe9RVR00t6LV1qkPG48v0KBsrfifnuLEN1o7ZAA2Xxxzv
u4sYfIEqP+WSLA==
-----END CERTIFICATE-----
Generated at Tue Jun 17 03:25:24 2025 by rpki-client