Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
File:                     TkB_fq2BapVV9HrxCQPvRcgXC4I.mft (raw, json)
Hash identifier:          KDgQD0PrR8bAtvMFfx7SXhR/jAlaf3D4fNzbZOaxauo=
Subject key identifier:   44:9E:D9:2F:32:B6:02:16:7F:92:0C:DB:72:10:B6:88:01:20:7E:96
Authority key identifier: 4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82
Certificate issuer:       /CN=4e407f7ead816a9555f47af10903ef45c8170b82
Certificate serial:       0196C6158B7126E30A50F8D343862150032F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
Manifest number:          061D
Signing time:             Mon 12 May 2025 20:00:22 +0000
Manifest this update:     Mon 12 May 2025 20:00:22 +0000
Manifest next update:     Tue 13 May 2025 20:00:22 +0000
Files and hashes:         1: TkB_fq2BapVV9HrxCQPvRcgXC4I.crl (hash: lKqvP+jKu9s/cNPpVdKntu7fv9yb3Hn5HvWBoT5qMIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c6:15:8b:71:26:e3:0a:50:f8:d3:43:86:21:50:03:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e407f7ead816a9555f47af10903ef45c8170b82
        Validity
            Not Before: May 12 20:00:22 2025 GMT
            Not After : May 13 20:00:22 2025 GMT
        Subject: CN=449ed92f32b602167f920cdb7210b68801207e96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:02:fb:19:08:5c:6b:06:25:98:61:92:0b:46:
                    da:46:cd:4c:09:a6:fd:19:b2:dd:ac:7d:5b:dd:5d:
                    ae:ea:15:f9:76:91:a2:79:52:8a:e3:34:2a:14:5a:
                    b0:5f:47:2b:fd:01:51:44:bf:01:a0:51:7c:8c:4f:
                    76:2e:07:30:39:91:65:e7:bd:7e:88:eb:e0:1a:4b:
                    8f:f5:6d:1e:25:cb:b8:0b:b9:05:6b:9c:74:d5:01:
                    8e:40:de:2d:c4:de:a5:3a:9b:01:e3:7f:ae:de:3b:
                    47:4f:d7:3d:9f:63:09:a9:72:3f:f4:e8:d8:89:dd:
                    36:e7:a0:56:4a:78:4c:3f:c9:40:53:ea:7e:56:57:
                    78:6d:05:68:5d:b3:27:d4:39:e4:29:57:57:ad:5b:
                    22:a4:bd:e4:97:68:0d:cb:0f:dd:82:3d:35:63:ab:
                    e1:c3:3b:95:33:ec:17:df:59:a1:31:4c:d5:c3:ce:
                    05:1a:ee:b6:d4:8d:de:4f:1e:d1:57:ef:23:e8:db:
                    f5:12:f9:d7:64:89:41:8f:35:4f:c9:88:d1:1c:35:
                    50:b8:88:37:08:be:23:04:b6:83:9d:de:80:de:d4:
                    be:90:50:a4:ba:60:17:ee:25:17:f3:be:36:86:63:
                    6c:50:56:af:8c:cb:a6:3c:e8:72:eb:8c:3f:bb:64:
                    6b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:9E:D9:2F:32:B6:02:16:7F:92:0C:DB:72:10:B6:88:01:20:7E:96
            X509v3 Authority Key Identifier:
                keyid:4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:ed:4d:8b:21:c6:88:72:09:8b:93:1f:b6:67:8d:bb:2c:c3:
         c9:ce:32:c4:a8:7a:ea:ac:85:96:26:ec:8a:38:11:37:9d:7d:
         a6:7b:b7:7c:48:02:9c:a3:71:09:bf:ab:86:94:1e:4f:c7:22:
         67:5c:b9:bd:a0:f3:be:47:b6:e3:c6:25:90:1f:58:af:f7:58:
         58:40:ad:3e:72:4a:c9:d3:ed:fe:aa:7e:d8:b9:69:d7:93:97:
         b7:f3:1b:a5:b5:74:de:97:7f:ec:d5:1f:c7:80:98:6d:8d:14:
         d7:ed:99:f4:60:f5:8a:c8:dd:68:a1:47:ad:8f:f5:ce:4c:3b:
         89:68:62:fd:66:56:5f:f2:63:ec:95:47:64:9d:fd:d4:57:05:
         b8:60:5f:6b:b9:33:ea:12:c2:c8:41:2f:05:b9:a2:40:00:41:
         77:e9:b7:cf:67:ee:8b:3f:b9:f3:7e:30:69:e1:d8:0c:e8:25:
         65:f4:5c:37:a1:12:be:e1:4b:a9:7b:4c:f9:27:50:c4:bc:65:
         ac:e1:3d:e2:06:d8:7c:68:0d:a6:fa:15:cb:a8:3b:9d:05:3f:
         d1:ef:11:fa:5b:8a:08:9e:df:d0:08:81:5d:09:3c:eb:f4:c1:
         03:7e:f6:00:17:30:aa:b6:b2:31:6d:8b:f8:9a:cf:1f:a4:e1:
         e9:49:33:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbGFYtxJuMKUPjTQ4YhUAMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDA3ZjdlYWQ4MTZhOTU1NWY0N2FmMTA5MDNlZjQ1Yzgx
NzBiODIwHhcNMjUwNTEyMjAwMDIyWhcNMjUwNTEzMjAwMDIyWjAzMTEwLwYDVQQD
Eyg0NDllZDkyZjMyYjYwMjE2N2Y5MjBjZGI3MjEwYjY4ODAxMjA3ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQL7GQhcawYlmGGSC0baRs1MCab9
GbLdrH1b3V2u6hX5dpGieVKK4zQqFFqwX0cr/QFRRL8BoFF8jE92LgcwOZFl571+
iOvgGkuP9W0eJcu4C7kFa5x01QGOQN4txN6lOpsB43+u3jtHT9c9n2MJqXI/9OjY
id0256BWSnhMP8lAU+p+Vld4bQVoXbMn1DnkKVdXrVsipL3kl2gNyw/dgj01Y6vh
wzuVM+wX31mhMUzVw84FGu621I3eTx7RV+8j6Nv1EvnXZIlBjzVPyYjRHDVQuIg3
CL4jBLaDnd6A3tS+kFCkumAX7iUX8742hmNsUFavjMumPOhy64w/u2RrDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFESe2S8ytgIWf5IM23IQtogBIH6WMB8GA1UdIwQY
MBaAFE5Af36tgWqVVfR68QkD70XIFwuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2Nzct
NDA1NTA1ZmM0NjBlLzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2NzctNDA1NTA1ZmM0NjBl
LzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAou1NiyHG
iHIJi5MftmeNuyzDyc4yxKh66qyFlibsijgRN519pnu3fEgCnKNxCb+rhpQeT8ci
Z1y5vaDzvke248YlkB9Yr/dYWECtPnJKydPt/qp+2Llp15OXt/MbpbV03pd/7NUf
x4CYbY0U1+2Z9GD1isjdaKFHrY/1zkw7iWhi/WZWX/Jj7JVHZJ391FcFuGBfa7kz
6hLCyEEvBbmiQABBd+m3z2fuiz+5834waeHYDOglZfRcN6ESvuFLqXtM+SdQxLxl
rOE94gbYfGgNpvoVy6g7nQU/0e8R+luKCJ7f0AiBXQk86/TBA372ABcwqrayMW2L
+JrPH6Th6UkzpA==
-----END CERTIFICATE-----