Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft
File:                     TzLUClO7YLhnWebsClIHMAtBr3A.mft (raw, json)
Hash identifier:          DcGMo94IRjRLbtEKxZhb34BaBol5GVmntikdbrYWUBE=
Subject key identifier:   99:25:B1:83:84:05:09:2B:31:EA:2B:17:2C:BF:B7:24:2D:08:F9:A3
Authority key identifier: 4F:32:D4:0A:53:BB:60:B8:67:59:E6:EC:0A:52:07:30:0B:41:AF:70
Certificate issuer:       /CN=4f32d40a53bb60b86759e6ec0a5207300b41af70
Certificate serial:       01976D3E7FD1A9BED8C2C5EB1BA99780624A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 07:01:41 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:41 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:41 +0000
Files and hashes:         1: TzLUClO7YLhnWebsClIHMAtBr3A.crl (hash: SuGGJM3KSwst9YtxzJJjMf2aarHA/VP9sEysCYCHcLg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:7f:d1:a9:be:d8:c2:c5:eb:1b:a9:97:80:62:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f32d40a53bb60b86759e6ec0a5207300b41af70
        Validity
            Not Before: Jun 14 07:01:41 2025 GMT
            Not After : Jun 15 07:01:41 2025 GMT
        Subject: CN=9925b1838405092b31ea2b172cbfb7242d08f9a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:5b:cc:e6:07:1b:e3:50:aa:e5:3f:e6:ef:7e:
                    59:cb:ab:ba:c2:42:8a:3e:c7:70:51:78:36:c9:27:
                    03:ed:89:86:11:53:86:fe:eb:cc:30:6f:c1:3f:44:
                    d7:75:f4:42:6a:8a:32:52:ed:c3:08:a5:6e:dd:aa:
                    e3:df:eb:f2:57:c5:a7:8a:e5:8b:37:b5:fa:34:e3:
                    17:a4:e6:1f:d5:82:02:fe:04:b7:10:31:96:a4:1a:
                    28:e2:f9:52:d9:75:ae:d2:b3:e2:26:18:29:96:04:
                    da:ce:d6:af:a0:0a:05:a4:a7:11:f9:af:8d:65:3a:
                    e9:bb:51:af:07:81:88:4c:73:da:52:0c:53:05:ca:
                    3d:23:9d:50:d5:3b:af:15:31:16:cf:1a:87:5e:a2:
                    b5:d9:4f:4c:88:d7:3a:de:91:8b:f9:0b:ba:ad:b6:
                    e0:a5:b6:74:38:de:42:44:7e:ef:0e:13:1e:f8:c3:
                    3f:66:0f:70:f6:4a:57:0c:ce:f4:70:e3:d1:d0:cd:
                    2e:80:f4:0e:39:5d:56:dc:b6:ea:5e:fd:5f:74:62:
                    43:67:f4:b0:63:f1:fe:11:55:dc:74:fb:4b:cf:cd:
                    eb:69:57:8f:73:4f:b7:32:1f:86:92:ee:07:cf:47:
                    7a:8b:e3:01:ee:e3:c1:d8:ff:ff:f7:e6:0d:fe:05:
                    c3:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:25:B1:83:84:05:09:2B:31:EA:2B:17:2C:BF:B7:24:2D:08:F9:A3
            X509v3 Authority Key Identifier:
                keyid:4F:32:D4:0A:53:BB:60:B8:67:59:E6:EC:0A:52:07:30:0B:41:AF:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:b3:f6:a2:d5:3f:a2:28:6d:e6:56:8f:bb:e7:a3:d7:be:0e:
         10:7d:37:a8:23:01:2e:98:3c:89:10:fb:fd:5f:c8:9a:6d:ff:
         d1:6c:e4:24:17:1a:3e:9e:d1:13:f9:d6:09:9f:76:2d:1a:ec:
         b8:01:f6:f7:36:12:bd:d7:fa:81:be:45:7b:dd:49:96:fc:9f:
         5e:e3:80:d3:4b:8a:17:5a:86:12:87:d8:ec:0a:d5:26:b7:6e:
         9e:ef:2a:7e:6c:45:91:5f:9f:96:f7:46:73:40:a0:38:2f:73:
         d4:f2:22:78:88:fa:7b:0c:07:9a:5c:6f:e4:38:6c:95:f3:3e:
         35:62:4d:c9:40:b3:7c:94:cc:91:7e:e3:ca:d1:d4:9b:fa:0c:
         79:d1:9b:bf:b3:1c:88:ba:eb:c7:5e:83:a1:98:17:c4:ba:f6:
         5c:3a:60:c5:c3:ee:13:20:64:ba:3c:29:5b:65:35:dd:0d:87:
         91:d5:6d:2b:1d:bf:54:c5:1b:be:05:80:4a:6c:23:7f:3c:26:
         12:69:e2:78:2e:8e:0c:79:ae:d7:0a:31:1f:6e:9f:41:0d:a6:
         1c:9a:55:7e:e3:bf:45:34:8e:a1:d7:0e:3d:48:b0:44:b2:7a:
         b8:1f:7a:79:81:51:5f:30:83:ac:b8:9c:09:3a:ff:3d:9c:97:
         6f:63:4e:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPn/Rqb7YwsXrG6mXgGJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMzJkNDBhNTNiYjYwYjg2NzU5ZTZlYzBhNTIwNzMwMGI0
MWFmNzAwHhcNMjUwNjE0MDcwMTQxWhcNMjUwNjE1MDcwMTQxWjAzMTEwLwYDVQQD
Eyg5OTI1YjE4Mzg0MDUwOTJiMzFlYTJiMTcyY2JmYjcyNDJkMDhmOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVvM5gcb41Cq5T/m735Zy6u6wkKK
PsdwUXg2yScD7YmGEVOG/uvMMG/BP0TXdfRCaooyUu3DCKVu3arj3+vyV8WniuWL
N7X6NOMXpOYf1YIC/gS3EDGWpBoo4vlS2XWu0rPiJhgplgTaztavoAoFpKcR+a+N
ZTrpu1GvB4GITHPaUgxTBco9I51Q1TuvFTEWzxqHXqK12U9MiNc63pGL+Qu6rbbg
pbZ0ON5CRH7vDhMe+MM/Zg9w9kpXDM70cOPR0M0ugPQOOV1W3LbqXv1fdGJDZ/Sw
Y/H+EVXcdPtLz83raVePc0+3Mh+Gku4Hz0d6i+MB7uPB2P//9+YN/gXD+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJklsYOEBQkrMeorFyy/tyQtCPmjMB8GA1UdIwQY
MBaAFE8y1ApTu2C4Z1nm7ApSBzALQa9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHpMVUNsTzdZTGhuV2Vic0NsSUhNQXRCcjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9hNzVlNjMtODE0OS00OWM2LTkzOWYt
YzZiZjJmZmI3MjUzLzEvVHpMVUNsTzdZTGhuV2Vic0NsSUhNQXRCcjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9hNzVlNjMtODE0OS00OWM2LTkzOWYtYzZiZjJmZmI3MjUz
LzEvVHpMVUNsTzdZTGhuV2Vic0NsSUhNQXRCcjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI7P2otU/
oiht5laPu+ej174OEH03qCMBLpg8iRD7/V/Imm3/0WzkJBcaPp7RE/nWCZ92LRrs
uAH29zYSvdf6gb5Fe91JlvyfXuOA00uKF1qGEofY7ArVJrdunu8qfmxFkV+flvdG
c0CgOC9z1PIieIj6ewwHmlxv5DhslfM+NWJNyUCzfJTMkX7jytHUm/oMedGbv7Mc
iLrrx16DoZgXxLr2XDpgxcPuEyBkujwpW2U13Q2HkdVtKx2/VMUbvgWASmwjfzwm
EmnieC6ODHmu1woxH26fQQ2mHJpVfuO/RTSOodcOPUiwRLJ6uB96eYFRXzCDrLic
CTr/PZyXb2NOVQ==
-----END CERTIFICATE-----