Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
File:                     tsaaSiFb3h0yk03chd6vj9nJRHk.mft (raw, json)
Hash identifier:          CM8PVQtojsBCjG+b3UiatKRFexy/yEwIbu9lK6V2LHY=
Subject key identifier:   1D:EF:95:A1:12:D0:42:50:16:B5:E1:AB:AF:09:B9:8E:9B:7C:FF:81
Authority key identifier: B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79
Certificate issuer:       /CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
Certificate serial:       0196AE7B59E2AFDBFB51023E6B3D17CD3652
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
Manifest number:          0CD8
Signing time:             Thu 08 May 2025 06:00:41 +0000
Manifest this update:     Thu 08 May 2025 06:00:41 +0000
Manifest next update:     Fri 09 May 2025 06:00:41 +0000
Files and hashes:         1: tsaaSiFb3h0yk03chd6vj9nJRHk.crl (hash: Us+UkLHEjgcajFEspyrnoJub8JTQM5DpSpHd2jDRt2A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 06:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ae:7b:59:e2:af:db:fb:51:02:3e:6b:3d:17:cd:36:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
        Validity
            Not Before: May  8 06:00:41 2025 GMT
            Not After : May  9 06:00:41 2025 GMT
        Subject: CN=1def95a112d0425016b5e1abaf09b98e9b7cff81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:d8:a8:c2:69:d6:55:b4:2d:1d:df:e7:61:48:
                    3d:68:75:f4:1e:74:78:91:23:8b:f0:7a:3a:bf:3a:
                    f1:9d:0c:70:3d:08:ca:96:d1:c5:df:51:e4:12:1a:
                    4a:4f:2f:3e:6c:3e:6c:5f:27:b0:24:2b:cd:49:f2:
                    8a:d9:96:91:6e:78:aa:00:f8:fe:91:ae:a2:88:2a:
                    a3:a6:a7:04:94:79:f2:8a:07:ad:74:f2:2d:4f:c3:
                    3d:e9:5f:42:c8:5c:6e:94:be:13:54:5c:60:1e:92:
                    9e:06:a4:1e:66:97:23:6f:fb:18:0f:b5:92:56:d0:
                    4a:ce:27:e1:96:02:a0:ae:5a:63:78:ac:dd:bf:d5:
                    9c:4e:f3:6d:b4:05:32:d7:1d:8f:b2:44:c6:bf:e1:
                    c6:d4:42:95:47:42:b4:cc:c3:32:c3:22:bc:d5:00:
                    8f:ed:d7:9d:b0:67:13:fb:b7:0c:93:52:8e:e6:cb:
                    45:1b:8a:c9:65:94:ec:ab:bc:fd:e2:1c:71:88:d2:
                    17:4d:74:4e:26:5f:22:02:09:ed:77:e9:ae:39:50:
                    cc:14:df:79:d2:3b:f6:e5:46:32:d0:fc:94:f7:3c:
                    53:55:8e:57:4e:a9:b3:ab:93:6b:71:8f:12:46:09:
                    59:b7:62:60:58:c7:04:bb:18:d2:7b:98:bb:94:91:
                    15:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:EF:95:A1:12:D0:42:50:16:B5:E1:AB:AF:09:B9:8E:9B:7C:FF:81
            X509v3 Authority Key Identifier:
                keyid:B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:e7:6b:76:8b:88:5d:a6:a8:49:b3:cc:ea:b9:e5:f5:f6:f4:
         5b:d8:8d:a4:99:9a:18:41:8b:98:40:e8:da:42:bb:df:a1:53:
         68:fa:27:cc:a7:94:65:aa:bc:c6:b9:cd:b7:af:7b:cd:85:36:
         c3:55:5d:09:46:74:2c:fb:b0:63:19:96:1b:4a:d9:7d:05:5e:
         72:b2:99:3c:28:e6:63:01:f2:59:38:a3:7f:cc:3a:1d:12:6c:
         2f:97:d3:23:05:33:16:3f:53:3b:5d:a7:71:44:6c:9b:57:50:
         9c:c1:83:d3:80:bd:18:71:9b:67:82:ae:4f:95:af:30:a4:45:
         d6:be:44:f1:d8:f4:b7:b1:7f:4c:c2:3e:1f:4e:c7:48:52:2e:
         93:52:a3:5d:04:da:c8:45:e3:3f:a8:f5:0f:59:d8:98:f5:c4:
         08:f8:a8:39:66:5f:cb:a4:59:32:26:45:69:d4:da:2c:71:6a:
         5c:e2:0a:da:35:f8:3d:05:be:b8:8e:bd:e8:8e:ae:ae:3a:48:
         1a:16:7e:44:d8:49:ec:02:98:48:a2:0f:cb:12:f2:ee:00:af:
         0f:cf:6c:15:cf:37:bb:ea:b1:44:a4:85:f7:1f:92:fe:8a:57:
         23:a3:fb:34:93:4c:72:3e:3c:7e:e3:c5:61:ef:15:67:14:aa:
         d2:6e:89:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaue1nir9v7UQI+az0XzTZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzY5YTRhMjE1YmRlMWQzMjkzNGRkYzg1ZGVhZjhmZDlj
OTQ0NzkwHhcNMjUwNTA4MDYwMDQxWhcNMjUwNTA5MDYwMDQxWjAzMTEwLwYDVQQD
EygxZGVmOTVhMTEyZDA0MjUwMTZiNWUxYWJhZjA5Yjk4ZTliN2NmZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytiowmnWVbQtHd/nYUg9aHX0HnR4
kSOL8Ho6vzrxnQxwPQjKltHF31HkEhpKTy8+bD5sXyewJCvNSfKK2ZaRbniqAPj+
ka6iiCqjpqcElHnyigetdPItT8M96V9CyFxulL4TVFxgHpKeBqQeZpcjb/sYD7WS
VtBKzifhlgKgrlpjeKzdv9WcTvNttAUy1x2PskTGv+HG1EKVR0K0zMMywyK81QCP
7dedsGcT+7cMk1KO5stFG4rJZZTsq7z94hxxiNIXTXROJl8iAgntd+muOVDMFN95
0jv25UYy0PyU9zxTVY5XTqmzq5NrcY8SRglZt2JgWMcEuxjSe5i7lJEVtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3vlaES0EJQFrXhq68JuY6bfP+BMB8GA1UdIwQY
MBaAFLbGmkohW94dMpNN3IXer4/ZyUR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMt
ZTNiYzZiNDk5ZTdiLzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMtZTNiYzZiNDk5ZTdi
LzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAudrdouI
XaaoSbPM6rnl9fb0W9iNpJmaGEGLmEDo2kK736FTaPonzKeUZaq8xrnNt697zYU2
w1VdCUZ0LPuwYxmWG0rZfQVecrKZPCjmYwHyWTijf8w6HRJsL5fTIwUzFj9TO12n
cURsm1dQnMGD04C9GHGbZ4KuT5WvMKRF1r5E8dj0t7F/TMI+H07HSFIuk1KjXQTa
yEXjP6j1D1nYmPXECPioOWZfy6RZMiZFadTaLHFqXOIK2jX4PQW+uI696I6urjpI
GhZ+RNhJ7AKYSKIPyxLy7gCvD89sFc83u+qxRKSF9x+S/opXI6P7NJNMcj48fuPF
Ye8VZxSq0m6Jrw==
-----END CERTIFICATE-----