Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
File:                     TkB_fq2BapVV9HrxCQPvRcgXC4I.mft (raw, json)
Hash identifier:          3vxspjrSUQwEmfN7Sfwh82goVzoYqrn6fgPKJxLEuUg=
Subject key identifier:   BD:3E:94:63:5F:81:4E:D6:44:9B:B9:5E:2D:F3:60:0C:10:7B:CB:E7
Authority key identifier: 4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82
Certificate issuer:       /CN=4e407f7ead816a9555f47af10903ef45c8170b82
Certificate serial:       0197B77C6CB4C41F1B7A4F7AFAE4FC72BFA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
Manifest number:          069A
Signing time:             Sat 28 Jun 2025 17:01:14 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:14 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:14 +0000
Files and hashes:         1: TkB_fq2BapVV9HrxCQPvRcgXC4I.crl (hash: 75wmHBIeHB6EiirMPyw/Mk6//ONcCU/U1Bs58RKcpak=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:6c:b4:c4:1f:1b:7a:4f:7a:fa:e4:fc:72:bf:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e407f7ead816a9555f47af10903ef45c8170b82
        Validity
            Not Before: Jun 28 17:01:14 2025 GMT
            Not After : Jun 29 17:01:14 2025 GMT
        Subject: CN=bd3e94635f814ed6449bb95e2df3600c107bcbe7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:4d:e7:8f:a7:01:da:fd:1c:60:22:80:2b:23:
                    a5:0b:2a:36:c0:a2:48:76:ba:90:dc:17:18:5d:17:
                    61:9f:90:fa:0c:75:49:47:7a:f8:eb:c2:87:fd:8d:
                    d4:8c:a9:bf:9f:e4:55:70:e0:10:86:58:4a:87:8b:
                    01:46:81:b4:d4:1d:06:11:3e:79:f5:01:68:85:d6:
                    ed:b7:eb:f7:96:a0:50:d7:22:bd:8b:ee:7b:34:4e:
                    94:20:ae:04:7d:12:2e:94:b5:79:13:7c:41:22:ca:
                    98:22:a7:d9:05:b7:5b:28:8a:33:71:68:e8:de:47:
                    79:41:1a:37:59:8d:01:a6:1f:79:69:26:7c:32:5f:
                    a3:99:62:7b:fa:7e:e1:81:d1:9c:1f:8f:17:52:94:
                    2d:e3:c5:90:11:38:1c:a6:db:3f:aa:1c:2f:18:4e:
                    b3:96:ed:e0:58:07:1f:71:9d:d2:54:dd:23:42:3d:
                    35:14:a4:80:52:0e:af:49:8e:8e:f2:d9:9f:00:83:
                    03:a3:fb:f9:bd:2f:f3:8b:fe:74:94:86:10:59:d2:
                    ce:67:21:b0:e5:2e:c0:39:ca:99:11:cb:92:55:8a:
                    46:c1:b9:94:39:7c:96:36:d5:36:a0:72:68:61:da:
                    06:33:12:61:28:75:3d:c6:87:32:30:1b:09:81:72:
                    a8:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:3E:94:63:5F:81:4E:D6:44:9B:B9:5E:2D:F3:60:0C:10:7B:CB:E7
            X509v3 Authority Key Identifier:
                keyid:4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:68:16:36:62:61:d4:46:74:09:e1:10:89:83:99:92:8d:2a:
         fe:57:fa:94:54:7a:2d:9c:2d:47:16:82:7a:21:95:a2:50:cb:
         71:49:40:9f:71:22:4f:67:55:9c:02:1b:fb:ef:0c:99:36:b3:
         13:91:2b:76:21:c4:f1:54:33:52:35:43:69:a3:a3:16:27:82:
         c5:e3:be:80:d3:70:7d:f1:08:b6:45:8b:83:8f:d7:22:b6:f5:
         bd:ed:39:c2:09:1b:5f:a6:b5:d0:b0:af:8a:f9:a2:81:40:ec:
         24:fa:36:28:b3:1e:66:98:fd:eb:3b:d4:a5:d8:74:b5:91:35:
         70:53:40:a9:15:2f:fb:9a:48:91:cb:57:83:5a:45:c9:3d:3a:
         15:a0:8d:4e:67:c4:a4:4e:79:26:73:54:fd:73:58:98:c7:1e:
         94:a4:ae:0d:d5:e9:64:a3:11:70:71:3e:8f:05:a2:e0:cf:a1:
         55:a0:75:e0:61:ca:38:c4:17:e1:39:00:d3:b3:12:16:43:08:
         7f:cc:67:21:41:1b:6c:47:4d:d5:73:dc:80:25:e1:3e:a0:7e:
         df:f2:06:2e:e5:9a:bf:39:d5:18:3a:c7:d5:dc:32:51:60:b0:
         7f:3c:28:58:b2:81:b0:78:fd:eb:d3:b7:0a:59:d0:6d:fb:4f:
         a2:5b:f9:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fGy0xB8bek96+uT8cr+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDA3ZjdlYWQ4MTZhOTU1NWY0N2FmMTA5MDNlZjQ1Yzgx
NzBiODIwHhcNMjUwNjI4MTcwMTE0WhcNMjUwNjI5MTcwMTE0WjAzMTEwLwYDVQQD
EyhiZDNlOTQ2MzVmODE0ZWQ2NDQ5YmI5NWUyZGYzNjAwYzEwN2JjYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxE3nj6cB2v0cYCKAKyOlCyo2wKJI
drqQ3BcYXRdhn5D6DHVJR3r468KH/Y3UjKm/n+RVcOAQhlhKh4sBRoG01B0GET55
9QFohdbtt+v3lqBQ1yK9i+57NE6UIK4EfRIulLV5E3xBIsqYIqfZBbdbKIozcWjo
3kd5QRo3WY0Bph95aSZ8Ml+jmWJ7+n7hgdGcH48XUpQt48WQETgcpts/qhwvGE6z
lu3gWAcfcZ3SVN0jQj01FKSAUg6vSY6O8tmfAIMDo/v5vS/zi/50lIYQWdLOZyGw
5S7AOcqZEcuSVYpGwbmUOXyWNtU2oHJoYdoGMxJhKHU9xocyMBsJgXKoZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0+lGNfgU7WRJu5Xi3zYAwQe8vnMB8GA1UdIwQY
MBaAFE5Af36tgWqVVfR68QkD70XIFwuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2Nzct
NDA1NTA1ZmM0NjBlLzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2NzctNDA1NTA1ZmM0NjBl
LzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG2gWNmJh
1EZ0CeEQiYOZko0q/lf6lFR6LZwtRxaCeiGVolDLcUlAn3EiT2dVnAIb++8MmTaz
E5ErdiHE8VQzUjVDaaOjFieCxeO+gNNwffEItkWLg4/XIrb1ve05wgkbX6a10LCv
ivmigUDsJPo2KLMeZpj96zvUpdh0tZE1cFNAqRUv+5pIkctXg1pFyT06FaCNTmfE
pE55JnNU/XNYmMcelKSuDdXpZKMRcHE+jwWi4M+hVaB14GHKOMQX4TkA07MSFkMI
f8xnIUEbbEdN1XPcgCXhPqB+3/IGLuWavznVGDrH1dwyUWCwfzwoWLKBsHj969O3
ClnQbftPolv5Ow==
-----END CERTIFICATE-----