Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
File:                     TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft (raw, json)
Hash identifier:          RV1+aIzHOzd2g+LxDXgOMafkSeqoDIGdbRRXgy53fgQ=
Subject key identifier:   3A:B0:C0:0E:28:BA:17:D0:33:D8:F6:82:61:75:AB:59:D3:BA:CA:9A
Authority key identifier: 4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD
Certificate issuer:       /CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
Certificate serial:       0197B77CC18A5D63DDE34186846E4ECDB382
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
Manifest number:          02AA
Signing time:             Sat 28 Jun 2025 17:01:35 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:35 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:35 +0000
Files and hashes:         1: TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl (hash: knzAmbEXGPgWBl4Et3e95sDOePLdlIrlz+UJ46EP5AQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:c1:8a:5d:63:dd:e3:41:86:84:6e:4e:cd:b3:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
        Validity
            Not Before: Jun 28 17:01:35 2025 GMT
            Not After : Jun 29 17:01:35 2025 GMT
        Subject: CN=3ab0c00e28ba17d033d8f6826175ab59d3baca9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:2f:5b:04:69:89:2a:62:93:6b:e4:b1:55:e5:
                    21:c0:70:f8:fa:2a:e2:ce:d0:18:23:cb:df:49:d1:
                    89:2f:38:04:a5:9a:32:35:21:17:81:96:3a:ca:77:
                    9c:a9:e7:4e:aa:eb:32:96:8e:f4:4f:89:2c:99:de:
                    e4:17:a0:60:f3:4a:d4:69:d3:34:86:7d:a9:25:3a:
                    4c:d2:50:7f:ef:71:5c:e0:5d:c4:7d:42:11:d3:b5:
                    a7:74:4b:36:ba:d1:c6:4a:65:46:85:5c:f3:93:4b:
                    47:78:86:42:db:b4:57:ed:bd:3c:33:36:1d:09:83:
                    f1:eb:c1:fd:05:00:05:21:45:71:77:67:76:bd:26:
                    a9:71:30:5e:3b:cc:13:89:c7:0a:9e:bc:07:2f:ab:
                    70:46:c0:11:dd:0b:e0:57:84:9b:5d:3f:c7:8b:5f:
                    d1:bc:83:18:b2:e0:1c:ee:ff:81:14:b9:56:9c:f5:
                    08:2c:48:83:6e:62:47:d6:61:cc:3d:49:00:08:65:
                    fd:09:6b:9f:c0:95:0f:15:15:06:f7:5e:9b:76:b0:
                    2a:a8:73:af:97:7c:51:cb:11:da:74:d1:f0:75:f3:
                    b8:d7:10:c5:71:8a:e9:78:50:b6:2e:4f:c6:20:d1:
                    86:ee:1a:d1:54:66:96:e0:28:c6:01:59:01:57:3e:
                    a4:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:B0:C0:0E:28:BA:17:D0:33:D8:F6:82:61:75:AB:59:D3:BA:CA:9A
            X509v3 Authority Key Identifier:
                keyid:4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:37:a3:7a:e0:64:b5:b4:a1:d2:4f:1c:e3:87:c6:6e:ed:00:
         27:8b:94:57:b4:b1:31:d8:7c:5f:46:5d:2d:70:aa:ec:75:6b:
         4e:bc:9e:02:3c:9e:2f:14:ad:ef:cc:54:2f:36:ed:1d:34:70:
         49:7e:c5:28:ce:37:6d:58:4f:13:f6:b0:e5:eb:27:11:a5:6c:
         c3:7d:1f:77:66:18:52:e9:31:01:33:49:da:80:f0:dc:bd:b4:
         c5:91:84:b9:f0:7e:b8:df:dc:d2:e4:e8:4e:e2:bc:d2:f1:bb:
         89:6c:52:29:6a:52:70:be:3c:e2:f9:3d:fa:17:a1:bd:03:2a:
         7c:00:d4:8c:1c:80:51:2f:bb:61:2c:53:2c:34:7f:23:32:fb:
         a3:73:69:12:81:75:e1:bf:83:b2:8b:b7:f1:cf:71:45:84:0f:
         6a:e4:86:f4:b1:a9:99:fb:90:a1:6e:a2:0a:6b:7b:a0:ed:a5:
         da:d8:5e:c7:1d:bb:d3:04:bc:9b:03:e2:6e:11:43:c4:49:1d:
         f9:6d:a4:26:e5:8f:08:6a:de:97:01:ee:4c:df:00:90:47:32:
         cd:9f:42:ff:05:b0:d8:dd:27:ff:20:27:56:3f:be:b3:9f:6d:
         fa:2d:63:7d:86:79:ea:e9:10:ce:b3:8b:a1:82:e4:ce:fe:d8:
         28:4f:32:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fMGKXWPd40GGhG5OzbOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNDkyN2ExNDFmYjI1Yjc1ODI0YzZiZWFlZjA2NzlkMzRm
YzQ5YmQwHhcNMjUwNjI4MTcwMTM1WhcNMjUwNjI5MTcwMTM1WjAzMTEwLwYDVQQD
EygzYWIwYzAwZTI4YmExN2QwMzNkOGY2ODI2MTc1YWI1OWQzYmFjYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnC9bBGmJKmKTa+SxVeUhwHD4+iri
ztAYI8vfSdGJLzgEpZoyNSEXgZY6ynecqedOqusylo70T4ksmd7kF6Bg80rUadM0
hn2pJTpM0lB/73Fc4F3EfUIR07WndEs2utHGSmVGhVzzk0tHeIZC27RX7b08MzYd
CYPx68H9BQAFIUVxd2d2vSapcTBeO8wTiccKnrwHL6twRsAR3QvgV4SbXT/Hi1/R
vIMYsuAc7v+BFLlWnPUILEiDbmJH1mHMPUkACGX9CWufwJUPFRUG916bdrAqqHOv
l3xRyxHadNHwdfO41xDFcYrpeFC2Lk/GINGG7hrRVGaW4CjGAVkBVz6kdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDqwwA4ouhfQM9j2gmF1q1nTusqaMB8GA1UdIwQY
MBaAFE1JJ6FB+yW3WCTGvq7wZ500/Em9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUt
NjgwODM3MDlhNGI1LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUtNjgwODM3MDlhNGI1
LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjzejeuBk
tbSh0k8c44fGbu0AJ4uUV7SxMdh8X0ZdLXCq7HVrTryeAjyeLxSt78xULzbtHTRw
SX7FKM43bVhPE/aw5esnEaVsw30fd2YYUukxATNJ2oDw3L20xZGEufB+uN/c0uTo
TuK80vG7iWxSKWpScL484vk9+hehvQMqfADUjByAUS+7YSxTLDR/IzL7o3NpEoF1
4b+Dsou38c9xRYQPauSG9LGpmfuQoW6iCmt7oO2l2thexx270wS8mwPibhFDxEkd
+W2kJuWPCGrelwHuTN8AkEcyzZ9C/wWw2N0n/yAnVj++s59t+i1jfYZ56ukQzrOL
oYLkzv7YKE8yxA==
-----END CERTIFICATE-----