Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
File:                     tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft (raw, json)
Hash identifier:          KNL743w08be4oS0//d7MKnuJcG/6N7cEZ3ktfNTynFo=
Subject key identifier:   3D:F5:22:6D:F7:46:21:E5:84:6F:AC:CC:A7:5C:DE:AD:E4:7A:8B:9E
Authority key identifier: B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C
Certificate issuer:       /CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c
Certificate serial:       0196876EA341EE973FB931428F7B5DD23F43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
Manifest number:          1515
Signing time:             Wed 30 Apr 2025 16:01:36 +0000
Manifest this update:     Wed 30 Apr 2025 16:01:36 +0000
Manifest next update:     Thu 01 May 2025 16:01:36 +0000
Files and hashes:         1: tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl (hash: op8c23qgdw6jCglgf3gZlztck1vkZ4l8nNAlnX6UROs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 16:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:87:6e:a3:41:ee:97:3f:b9:31:42:8f:7b:5d:d2:3f:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c
        Validity
            Not Before: Apr 30 16:01:36 2025 GMT
            Not After : May  1 16:01:36 2025 GMT
        Subject: CN=3df5226df74621e5846faccca75cdeade47a8b9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:45:a7:d8:fa:5f:d8:60:be:9f:6e:15:70:97:
                    8f:1e:55:8b:4e:61:fb:88:81:93:0f:26:f9:ba:cd:
                    af:16:fb:a1:31:60:ad:79:fb:2d:f1:e4:14:d4:31:
                    d8:22:5e:fe:73:26:45:fa:c8:63:09:78:90:2a:4b:
                    c3:9d:74:c0:1c:20:b3:5b:f5:ae:87:0c:2d:55:e9:
                    42:39:d9:68:c8:6a:a0:2c:46:39:ab:62:fb:b1:6f:
                    c3:f8:de:91:6d:ea:26:c5:5f:67:d8:14:8d:43:cb:
                    18:cb:c3:75:48:a8:ca:72:b8:3b:2b:47:a0:47:84:
                    12:f0:cd:08:bc:55:bb:85:78:f0:7a:3a:92:4b:6f:
                    88:7c:57:f4:c4:e4:2a:44:f8:4d:d6:48:12:73:d3:
                    ec:8c:cb:8d:cb:31:62:03:2a:88:e0:69:72:44:a8:
                    7d:3c:8b:0a:c7:8f:5b:78:6d:a6:45:f0:46:8b:e6:
                    47:a2:b5:a7:06:ee:ba:b3:ae:85:51:2e:e3:b5:be:
                    53:02:87:2c:d9:27:e4:70:bc:1b:73:2f:d4:3c:39:
                    a8:60:6b:c8:10:3c:7e:eb:77:8f:0c:80:c5:17:a1:
                    b8:8f:91:f1:c9:3b:67:48:2f:67:59:a7:a4:27:ca:
                    36:2c:5c:e7:cc:69:f4:b2:78:57:40:e4:6d:65:b8:
                    c4:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:F5:22:6D:F7:46:21:E5:84:6F:AC:CC:A7:5C:DE:AD:E4:7A:8B:9E
            X509v3 Authority Key Identifier:
                keyid:B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:6b:1b:a7:af:fd:be:77:5a:e8:26:32:9b:a7:fa:35:23:e8:
         48:f2:89:52:95:d6:3f:3c:5c:53:3a:51:78:10:d4:a8:b6:63:
         37:fc:23:73:ba:c3:a1:b0:74:3a:ae:94:21:e4:a3:fd:ba:19:
         2f:a2:2a:24:db:9c:02:1c:e8:94:bd:d1:04:52:1b:9b:18:8b:
         c4:c2:38:08:af:54:a6:0c:c3:c1:fc:45:4d:59:80:c8:a8:cc:
         98:a6:c6:11:f3:dc:d3:5d:39:8d:7b:38:59:72:f2:d9:80:ec:
         8f:d1:10:a6:3a:3b:30:87:b8:9b:de:2f:be:95:6b:14:99:4c:
         87:7a:17:72:43:e8:93:5c:6a:1e:dd:5f:19:06:9e:f2:85:2c:
         c6:f8:de:41:1b:50:de:8a:89:11:f6:d2:25:e6:a5:eb:ea:3c:
         28:21:ea:b4:2d:23:ac:24:e3:ef:4a:cf:13:0f:f5:0f:88:3b:
         35:1d:df:83:d1:a5:93:0a:e9:74:a6:ec:ac:33:9e:11:7c:06:
         13:42:fe:36:57:0f:60:b1:52:bc:99:8a:56:59:37:54:34:27:
         3d:64:b6:46:76:5a:19:3e:53:97:46:30:0f:75:40:05:f7:4a:
         c1:ec:53:50:d5:20:4c:b6:2f:31:e5:7e:3d:d9:de:74:42:03:
         4d:d6:ba:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaHbqNB7pc/uTFCj3td0j9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTRlYmI2NzQ4ZmRjMTIxMjdjM2Y5MjdlN2ZiOWIxYWY4
OTI2MmMwHhcNMjUwNDMwMTYwMTM2WhcNMjUwNTAxMTYwMTM2WjAzMTEwLwYDVQQD
EygzZGY1MjI2ZGY3NDYyMWU1ODQ2ZmFjY2NhNzVjZGVhZGU0N2E4YjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEWn2Ppf2GC+n24VcJePHlWLTmH7
iIGTDyb5us2vFvuhMWCtefst8eQU1DHYIl7+cyZF+shjCXiQKkvDnXTAHCCzW/Wu
hwwtVelCOdloyGqgLEY5q2L7sW/D+N6RbeomxV9n2BSNQ8sYy8N1SKjKcrg7K0eg
R4QS8M0IvFW7hXjwejqSS2+IfFf0xOQqRPhN1kgSc9PsjMuNyzFiAyqI4GlyRKh9
PIsKx49beG2mRfBGi+ZHorWnBu66s66FUS7jtb5TAocs2SfkcLwbcy/UPDmoYGvI
EDx+63ePDIDFF6G4j5HxyTtnSC9nWaekJ8o2LFznzGn0snhXQORtZbjEuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD31Im33RiHlhG+szKdc3q3keoueMB8GA1UdIwQY
MBaAFLWU67Z0j9wSEnw/kn5/ubGviSYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAt
ODIxOTM2YjMxNTE4LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAtODIxOTM2YjMxNTE4
LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATGsbp6/9
vnda6CYym6f6NSPoSPKJUpXWPzxcUzpReBDUqLZjN/wjc7rDobB0Oq6UIeSj/boZ
L6IqJNucAhzolL3RBFIbmxiLxMI4CK9UpgzDwfxFTVmAyKjMmKbGEfPc0105jXs4
WXLy2YDsj9EQpjo7MIe4m94vvpVrFJlMh3oXckPok1xqHt1fGQae8oUsxvjeQRtQ
3oqJEfbSJeal6+o8KCHqtC0jrCTj70rPEw/1D4g7NR3fg9GlkwrpdKbsrDOeEXwG
E0L+NlcPYLFSvJmKVlk3VDQnPWS2RnZaGT5Tl0YwD3VABfdKwexTUNUgTLYvMeV+
PdnedEIDTda6pw==
-----END CERTIFICATE-----