Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft
File:                     tbU9N1ctag--wt36NciFiLsbKSg.mft (raw, json)
Hash identifier:          7duEbDBSYez6fzTnY/5wkWstrTfi+QZp77uatYY4FzU=
Subject key identifier:   FA:8B:21:A1:CE:19:9F:94:18:8B:87:C5:4A:1A:DF:06:DB:1B:41:A8
Authority key identifier: B5:B5:3D:37:57:2D:6A:0F:BE:C2:DD:FA:35:C8:85:88:BB:1B:29:28
Certificate issuer:       /CN=b5b53d37572d6a0fbec2ddfa35c88588bb1b2928
Certificate serial:       0196C201E6905D07BA3555AEDB112F548392
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tbU9N1ctag--wt36NciFiLsbKSg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft
Manifest number:          8A
Signing time:             Mon 12 May 2025 01:00:26 +0000
Manifest this update:     Mon 12 May 2025 01:00:26 +0000
Manifest next update:     Tue 13 May 2025 01:00:26 +0000
Files and hashes:         1: tbU9N1ctag--wt36NciFiLsbKSg.crl (hash: ZNpzeIFWt2+lXzcw3fqExCUzDL9YIGfh8Fb4YwVNcaM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tbU9N1ctag--wt36NciFiLsbKSg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:01:e6:90:5d:07:ba:35:55:ae:db:11:2f:54:83:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5b53d37572d6a0fbec2ddfa35c88588bb1b2928
        Validity
            Not Before: May 12 01:00:26 2025 GMT
            Not After : May 13 01:00:26 2025 GMT
        Subject: CN=fa8b21a1ce199f94188b87c54a1adf06db1b41a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:41:44:f2:ef:0f:5d:53:e7:2a:95:5d:50:21:
                    55:6c:69:12:b7:8f:d3:32:f8:0a:c8:43:31:ea:d7:
                    a1:1f:42:88:2f:25:56:64:07:8e:54:fa:7c:08:ba:
                    9b:c7:5b:3c:73:b2:46:c3:c4:d9:51:79:ff:e9:97:
                    c8:f5:1e:9a:a0:86:a1:64:d8:c2:cc:91:75:d4:f9:
                    a2:5b:d6:f7:a8:06:0f:9f:92:c9:02:d6:d3:aa:7d:
                    a4:2e:e2:22:3c:05:d7:08:89:8e:71:8e:d4:ee:f0:
                    eb:02:a6:66:0a:d7:23:f1:e2:e7:8e:72:d5:36:80:
                    e8:47:af:cf:12:12:a4:cf:42:a3:af:7c:cd:bd:14:
                    34:f1:d0:ec:c0:35:d4:dd:07:a9:e3:3c:bc:82:7c:
                    6c:5a:71:6e:58:12:99:85:70:2d:f7:d0:c2:bc:30:
                    be:6f:74:d9:f3:34:06:8a:05:e3:71:f5:e4:db:af:
                    ea:12:dd:c2:6c:3d:75:09:4f:9e:b4:ac:3f:71:21:
                    e0:e2:71:e6:5c:57:f9:18:f1:4a:dd:0e:e7:91:81:
                    45:77:28:51:56:6a:ef:ac:87:a6:15:ff:fb:e4:89:
                    b0:11:c3:70:f1:0b:76:ca:b4:99:73:04:06:be:d6:
                    0b:bf:83:a6:5d:25:fb:30:0c:c8:19:c2:76:5a:7b:
                    c3:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:8B:21:A1:CE:19:9F:94:18:8B:87:C5:4A:1A:DF:06:DB:1B:41:A8
            X509v3 Authority Key Identifier:
                keyid:B5:B5:3D:37:57:2D:6A:0F:BE:C2:DD:FA:35:C8:85:88:BB:1B:29:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbU9N1ctag--wt36NciFiLsbKSg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:f2:d3:48:4a:01:73:a5:6f:9e:59:db:0c:30:9e:63:54:24:
         d5:4d:91:f3:3e:f5:4f:15:e6:af:82:3f:4e:d8:34:64:3a:80:
         2d:52:60:8e:b4:7f:2a:1d:40:53:be:16:5f:ef:6e:39:fd:3e:
         f3:c6:21:fe:94:68:b3:a0:32:1a:9e:b5:6a:73:0a:a0:fb:3f:
         4a:8f:8a:f1:99:22:0e:ba:33:dc:3a:e1:c3:04:1d:93:0a:6c:
         bd:d6:3b:01:2a:bb:5a:87:1b:d6:0f:c1:0d:29:23:72:57:c9:
         16:be:92:24:4e:b5:2f:67:fa:13:b4:5e:ff:ae:09:fb:15:a2:
         13:74:36:83:a0:56:d4:db:09:5f:21:1f:56:5a:7d:7a:8c:c4:
         ec:a5:f6:34:78:6d:31:3a:1a:42:be:42:5a:4b:ac:61:72:7e:
         d3:7b:2c:27:cd:a2:08:a9:3c:ff:c3:d8:fc:9d:fc:95:1f:fa:
         2e:63:e8:d6:55:38:25:7f:91:4e:14:0d:8e:b8:a1:27:14:71:
         62:b9:9f:5a:85:18:80:7b:b7:d6:04:60:2e:11:7e:6e:98:87:
         1a:dd:58:df:92:bf:55:c7:52:87:7e:f5:7e:b6:52:23:a5:d3:
         bb:09:fd:64:54:74:1e:0c:12:54:51:86:73:23:dc:72:04:23:
         5f:28:26:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCAeaQXQe6NVWu2xEvVIOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjUzZDM3NTcyZDZhMGZiZWMyZGRmYTM1Yzg4NTg4YmIx
YjI5MjgwHhcNMjUwNTEyMDEwMDI2WhcNMjUwNTEzMDEwMDI2WjAzMTEwLwYDVQQD
EyhmYThiMjFhMWNlMTk5Zjk0MTg4Yjg3YzU0YTFhZGYwNmRiMWI0MWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0FE8u8PXVPnKpVdUCFVbGkSt4/T
MvgKyEMx6tehH0KILyVWZAeOVPp8CLqbx1s8c7JGw8TZUXn/6ZfI9R6aoIahZNjC
zJF11PmiW9b3qAYPn5LJAtbTqn2kLuIiPAXXCImOcY7U7vDrAqZmCtcj8eLnjnLV
NoDoR6/PEhKkz0Kjr3zNvRQ08dDswDXU3Qep4zy8gnxsWnFuWBKZhXAt99DCvDC+
b3TZ8zQGigXjcfXk26/qEt3CbD11CU+etKw/cSHg4nHmXFf5GPFK3Q7nkYFFdyhR
VmrvrIemFf/75ImwEcNw8Qt2yrSZcwQGvtYLv4OmXSX7MAzIGcJ2WnvDsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqLIaHOGZ+UGIuHxUoa3wbbG0GoMB8GA1UdIwQY
MBaAFLW1PTdXLWoPvsLd+jXIhYi7GykoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJVOU4xY3RhZy0td3QzNk5jaUZpTHNiS1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9iODI4ZmItNzM3Yy00NzhlLThhOWYt
YjljMTE2Zjc1ZGYxLzEvdGJVOU4xY3RhZy0td3QzNk5jaUZpTHNiS1NnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9iODI4ZmItNzM3Yy00NzhlLThhOWYtYjljMTE2Zjc1ZGYx
LzEvdGJVOU4xY3RhZy0td3QzNk5jaUZpTHNiS1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYPLTSEoB
c6VvnlnbDDCeY1Qk1U2R8z71TxXmr4I/Ttg0ZDqALVJgjrR/Kh1AU74WX+9uOf0+
88Yh/pRos6AyGp61anMKoPs/So+K8ZkiDroz3DrhwwQdkwpsvdY7ASq7Wocb1g/B
DSkjclfJFr6SJE61L2f6E7Re/64J+xWiE3Q2g6BW1NsJXyEfVlp9eozE7KX2NHht
MToaQr5CWkusYXJ+03ssJ82iCKk8/8PY/J38lR/6LmPo1lU4JX+RThQNjrihJxRx
YrmfWoUYgHu31gRgLhF+bpiHGt1Y35K/VcdSh371frZSI6XTuwn9ZFR0HgwSVFGG
cyPccgQjXygmpw==
-----END CERTIFICATE-----