Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft
File:                     tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft (raw, json)
Hash identifier:          GK4f/jktRbRPvroRbYu9W48meSSUJd1KDtEdrPZ2WDU=
Subject key identifier:   C1:74:23:BB:80:8D:2D:83:61:53:4E:D1:A5:FE:81:13:7E:5D:00:17
Authority key identifier: B4:A6:C2:07:42:82:22:F6:3F:C9:CB:A8:39:D0:DB:D9:A6:95:0B:31
Certificate issuer:       /CN=b4a6c207428222f63fc9cba839d0dbd9a6950b31
Certificate serial:       0197B6A1DB65817B5F5442F216AB1E22367A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft
Manifest number:          69
Signing time:             Sat 28 Jun 2025 13:02:29 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:29 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:29 +0000
Files and hashes:         1: tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl (hash: 2YIGdq9uf79i/qwXUKN2+haGBT6I59gOCVl6o0feVjA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:db:65:81:7b:5f:54:42:f2:16:ab:1e:22:36:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a6c207428222f63fc9cba839d0dbd9a6950b31
        Validity
            Not Before: Jun 28 13:02:29 2025 GMT
            Not After : Jun 29 13:02:29 2025 GMT
        Subject: CN=c17423bb808d2d8361534ed1a5fe81137e5d0017
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:31:1b:7e:1a:53:98:29:fc:81:4c:cd:9e:0f:
                    0b:c6:a6:a3:50:de:0e:0b:f8:28:b7:6a:56:c7:92:
                    45:c7:a9:c1:cb:b8:cd:d5:61:19:c3:e9:49:5c:34:
                    00:df:c8:51:66:7b:1a:2b:ca:50:c2:1b:e6:97:23:
                    17:b7:4d:64:48:72:dd:fc:95:6e:92:77:eb:e2:47:
                    e8:0b:6e:b8:c5:6b:ed:68:8f:0f:bc:9a:96:b9:42:
                    72:92:45:46:6b:17:1d:0b:3c:bb:70:ab:58:da:8b:
                    13:48:96:d5:fa:50:81:21:9d:3f:d8:be:4d:a3:a4:
                    04:0a:27:6b:0c:95:f2:ac:a5:59:b1:53:2b:6e:8f:
                    00:24:3d:a5:e9:45:61:99:88:ef:05:ac:eb:48:08:
                    ed:06:53:b0:18:57:1d:bc:dd:32:58:b3:91:2c:14:
                    9f:5f:75:8e:5c:fd:55:e1:19:1b:4c:34:60:04:42:
                    c9:cd:f8:bf:8a:c7:c3:8d:1a:27:f7:d5:9f:66:8d:
                    dc:c4:ed:da:f9:12:50:dc:dd:a6:e3:6a:20:2a:6b:
                    c9:8a:f3:39:8b:e2:73:3e:8e:26:38:db:67:5e:78:
                    22:f4:20:9b:38:72:e0:97:a0:38:03:80:b5:f0:cb:
                    47:51:ed:27:f3:7e:9b:67:dc:c9:40:c0:35:e4:bc:
                    b7:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:74:23:BB:80:8D:2D:83:61:53:4E:D1:A5:FE:81:13:7E:5D:00:17
            X509v3 Authority Key Identifier:
                keyid:B4:A6:C2:07:42:82:22:F6:3F:C9:CB:A8:39:D0:DB:D9:A6:95:0B:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:f5:ae:db:69:e6:ef:b7:64:5a:49:ef:82:fa:3c:dc:70:59:
         ab:ba:69:95:1f:1b:19:eb:18:20:90:d7:24:bb:31:02:25:49:
         6f:42:57:1b:5f:80:b9:a4:a5:68:0f:10:5b:4b:ce:02:67:13:
         e4:dd:3b:42:01:97:22:70:9e:aa:bb:73:c1:7b:f7:93:a2:95:
         99:a7:eb:0d:5b:d2:ca:52:da:a0:87:4a:fb:2e:14:fb:4e:76:
         55:e1:9e:b9:29:79:8d:44:52:51:06:ae:9a:c0:85:24:43:78:
         8a:fa:a3:18:a7:d4:80:13:90:df:61:e0:b4:cf:1b:93:3c:a2:
         a6:58:03:d3:45:e6:88:73:34:f8:ce:c4:1e:f3:f6:74:73:3a:
         21:95:b8:67:bd:d9:84:a7:5a:9f:28:8b:f4:f2:43:4a:ae:bc:
         d4:fa:40:2c:6a:ca:f2:22:57:81:05:5c:e6:b9:4c:77:51:e0:
         d1:75:12:e7:be:65:4d:0a:f9:e8:cb:47:d4:a1:57:17:fa:2d:
         b3:a7:c7:0e:87:62:9e:1c:03:c8:b7:01:20:0c:e8:7f:5c:d6:
         94:57:ff:74:ed:90:1c:da:fc:29:fc:99:4c:82:59:d5:92:3e:
         aa:f1:c5:33:3e:07:3a:14:3a:da:e9:18:56:c2:58:3f:bb:a7:
         bf:04:4a:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2odtlgXtfVELyFqseIjZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTZjMjA3NDI4MjIyZjYzZmM5Y2JhODM5ZDBkYmQ5YTY5
NTBiMzEwHhcNMjUwNjI4MTMwMjI5WhcNMjUwNjI5MTMwMjI5WjAzMTEwLwYDVQQD
EyhjMTc0MjNiYjgwOGQyZDgzNjE1MzRlZDFhNWZlODExMzdlNWQwMDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTEbfhpTmCn8gUzNng8LxqajUN4O
C/got2pWx5JFx6nBy7jN1WEZw+lJXDQA38hRZnsaK8pQwhvmlyMXt01kSHLd/JVu
knfr4kfoC264xWvtaI8PvJqWuUJykkVGaxcdCzy7cKtY2osTSJbV+lCBIZ0/2L5N
o6QECidrDJXyrKVZsVMrbo8AJD2l6UVhmYjvBazrSAjtBlOwGFcdvN0yWLORLBSf
X3WOXP1V4RkbTDRgBELJzfi/isfDjRon99WfZo3cxO3a+RJQ3N2m42ogKmvJivM5
i+JzPo4mONtnXngi9CCbOHLgl6A4A4C18MtHUe0n836bZ9zJQMA15Ly3uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMF0I7uAjS2DYVNO0aX+gRN+XQAXMB8GA1UdIwQY
MBaAFLSmwgdCgiL2P8nLqDnQ29mmlQsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NTE0MjEtMzMwMC00ODg2LWJiZTUt
ODRhYmNmYmNkZjVlLzEvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82NTE0MjEtMzMwMC00ODg2LWJiZTUtODRhYmNmYmNkZjVl
LzEvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARfWu22nm
77dkWknvgvo83HBZq7pplR8bGesYIJDXJLsxAiVJb0JXG1+AuaSlaA8QW0vOAmcT
5N07QgGXInCeqrtzwXv3k6KVmafrDVvSylLaoIdK+y4U+052VeGeuSl5jURSUQau
msCFJEN4ivqjGKfUgBOQ32HgtM8bkzyiplgD00XmiHM0+M7EHvP2dHM6IZW4Z73Z
hKdanyiL9PJDSq681PpALGrK8iJXgQVc5rlMd1Hg0XUS575lTQr56MtH1KFXF/ot
s6fHDodinhwDyLcBIAzof1zWlFf/dO2QHNr8KfyZTIJZ1ZI+qvHFMz4HOhQ62ukY
VsJYP7unvwRKWA==
-----END CERTIFICATE-----