Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          I4QTluuvmMZvcOZoUVzLSH2jO3u6Ju01iMf58NRLn/k=
Subject key identifier:   A8:10:4F:DE:4E:8B:2B:F1:3F:FD:D1:D7:69:57:B0:0A:1A:86:F3:21
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       0197B7451E745BEAB50A32D5020B25A0FBAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          1283
Signing time:             Sat 28 Jun 2025 16:00:49 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:49 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:49 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: ANUROvVNAT/lBpGIvNYIyV4EKPaLYVMRcm8psbpM9Uo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:1e:74:5b:ea:b5:0a:32:d5:02:0b:25:a0:fb:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Jun 28 16:00:49 2025 GMT
            Not After : Jun 29 16:00:49 2025 GMT
        Subject: CN=a8104fde4e8b2bf13ffdd1d76957b00a1a86f321
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:7d:62:d5:76:83:c3:d4:40:5e:80:e5:76:eb:
                    d5:56:d4:58:07:52:b5:4a:d3:2f:13:84:97:fe:4a:
                    79:e2:96:e3:47:0c:10:14:bc:3c:44:28:c8:95:7f:
                    73:b7:3d:41:31:22:b5:8c:bd:d2:9f:a2:75:56:e2:
                    60:05:02:35:3d:ea:6f:68:61:8d:aa:59:72:c7:8e:
                    bc:56:c7:2c:b4:9e:7d:ad:76:e8:78:42:72:66:98:
                    f6:ea:9f:79:b7:b5:cb:59:48:63:8b:c4:26:a1:3c:
                    4a:9b:be:e5:c6:e4:f7:79:56:a7:ec:42:52:36:bf:
                    68:73:66:f7:fc:02:80:25:4a:19:d0:91:4b:b2:da:
                    59:43:94:0c:8d:e3:7a:d9:22:76:b2:39:e7:54:89:
                    56:f4:7d:10:86:d6:97:32:04:84:03:98:7d:86:51:
                    c7:f7:cd:4c:c1:e1:ff:a7:83:2a:0a:fb:e7:2d:f7:
                    ce:e6:58:95:7a:09:77:f6:f0:21:72:8e:af:4c:38:
                    52:2e:a0:e0:ff:69:ef:74:e2:14:92:09:44:15:5b:
                    d6:90:f2:12:6c:05:71:f3:c0:2a:0e:ba:30:c1:49:
                    84:77:06:2a:85:61:96:20:39:cf:20:90:66:6b:30:
                    42:77:a0:19:a7:29:f0:ee:2c:f3:f0:ae:41:0e:fd:
                    24:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:10:4F:DE:4E:8B:2B:F1:3F:FD:D1:D7:69:57:B0:0A:1A:86:F3:21
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:19:e6:68:18:0e:b0:7c:e1:92:fc:db:6c:84:59:25:37:36:
         81:8e:d3:f9:df:e4:c9:8f:13:c7:e7:c9:64:37:4f:dc:c8:e4:
         6a:57:36:38:78:b0:d6:26:4f:0d:72:d4:ae:3e:82:cd:5e:f3:
         79:9a:82:d5:2b:6d:b3:65:00:ce:67:36:ea:d7:ea:c9:cb:3d:
         cc:20:99:d8:81:72:eb:f6:79:d6:6c:7d:49:a7:50:ce:36:91:
         ae:b6:67:a2:9e:31:28:23:40:1f:e5:7b:fa:64:e2:88:d6:ff:
         23:b7:4f:72:cb:02:40:04:af:4b:50:76:bb:4c:a8:75:46:fd:
         e4:83:c5:1e:06:7a:21:84:8c:02:98:ac:03:f9:c3:08:37:26:
         2f:2e:3e:6a:40:84:f3:4d:1a:da:bd:18:9b:bd:36:35:97:9a:
         c1:90:be:9c:3b:76:5c:06:4e:d3:e2:98:7b:99:2e:f3:0a:ff:
         71:f9:64:5b:2d:e5:7f:d3:97:58:8e:b4:55:14:87:8a:44:f8:
         bc:28:8b:2e:5f:98:ed:b3:e7:1a:91:6e:0d:6d:2a:a7:e6:9f:
         56:49:5a:f0:4d:3f:c2:1f:47:af:97:1f:d4:11:6a:b2:c7:02:
         e3:db:9d:41:0b:41:9b:72:9d:3d:88:f1:7f:dd:4a:d8:a4:37:
         07:55:f4:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RR50W+q1CjLVAgsloPutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjUwNjI4MTYwMDQ5WhcNMjUwNjI5MTYwMDQ5WjAzMTEwLwYDVQQD
EyhhODEwNGZkZTRlOGIyYmYxM2ZmZGQxZDc2OTU3YjAwYTFhODZmMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6H1i1XaDw9RAXoDlduvVVtRYB1K1
StMvE4SX/kp54pbjRwwQFLw8RCjIlX9ztz1BMSK1jL3Sn6J1VuJgBQI1PepvaGGN
qllyx468VscstJ59rXboeEJyZpj26p95t7XLWUhji8QmoTxKm77lxuT3eVan7EJS
Nr9oc2b3/AKAJUoZ0JFLstpZQ5QMjeN62SJ2sjnnVIlW9H0QhtaXMgSEA5h9hlHH
981MweH/p4MqCvvnLffO5liVegl39vAhco6vTDhSLqDg/2nvdOIUkglEFVvWkPIS
bAVx88AqDrowwUmEdwYqhWGWIDnPIJBmazBCd6AZpynw7izz8K5BDv0kcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKgQT95OiyvxP/3R12lXsAoahvMhMB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALBnmaBgO
sHzhkvzbbIRZJTc2gY7T+d/kyY8Tx+fJZDdP3Mjkalc2OHiw1iZPDXLUrj6CzV7z
eZqC1Stts2UAzmc26tfqycs9zCCZ2IFy6/Z51mx9SadQzjaRrrZnop4xKCNAH+V7
+mTiiNb/I7dPcssCQASvS1B2u0yodUb95IPFHgZ6IYSMApisA/nDCDcmLy4+akCE
800a2r0Ym702NZeawZC+nDt2XAZO0+KYe5ku8wr/cflkWy3lf9OXWI60VRSHikT4
vCiLLl+Y7bPnGpFuDW0qp+afVkla8E0/wh9Hr5cf1BFqsscC49udQQtBm3KdPYjx
f91K2KQ3B1X0Ww==
-----END CERTIFICATE-----