Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          EB8jm+R1UD89KP8OYaOhyKTdRK9cDjLju7qUc/8tAy4=
Subject key identifier:   DD:2F:F1:E3:CC:56:51:0C:DA:E5:3E:5E:84:34:C6:10:79:F9:62:63
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       0196C201E44EF0AAA07A400C4D45B8CD3BF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          1204
Signing time:             Mon 12 May 2025 01:00:25 +0000
Manifest this update:     Mon 12 May 2025 01:00:25 +0000
Manifest next update:     Tue 13 May 2025 01:00:25 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: XeeWUFKD42JxoTrgM34aDomCdanK+tWqRpUUnMYtsmE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:01:e4:4e:f0:aa:a0:7a:40:0c:4d:45:b8:cd:3b:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: May 12 01:00:25 2025 GMT
            Not After : May 13 01:00:25 2025 GMT
        Subject: CN=dd2ff1e3cc56510cdae53e5e8434c61079f96263
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:51:62:b8:4e:76:fb:01:ee:64:c5:02:91:78:
                    23:58:8f:9b:0f:01:d2:c8:74:71:0a:f6:51:fd:49:
                    b0:c7:5c:10:34:b7:85:fb:09:63:90:2a:6a:a6:28:
                    d6:4c:9b:64:a9:c0:83:a0:eb:18:b7:54:69:26:42:
                    92:c2:37:3c:78:aa:4b:de:2d:f2:02:4b:df:92:c9:
                    fb:5f:fa:be:82:32:e6:5a:3b:15:d3:7c:82:42:0d:
                    19:9a:9e:ab:27:01:fe:00:01:a1:68:63:6b:bc:28:
                    81:c0:1b:f6:24:9f:04:22:f1:26:4b:0f:65:d2:62:
                    1e:10:35:74:01:a6:a0:20:50:29:7c:39:6e:f8:0d:
                    a0:4a:df:1f:4d:d3:5c:6b:fe:6c:bf:19:ed:30:6d:
                    9d:cb:fa:7e:aa:81:9a:f3:e4:8a:c9:a9:fd:72:4d:
                    d4:9d:81:95:2e:42:90:10:43:81:ae:4b:a2:8f:30:
                    e1:28:69:e7:29:3a:ee:db:6a:09:9e:f5:70:76:ca:
                    7e:3b:c2:cf:da:64:42:ed:87:b2:64:27:0d:64:ce:
                    5e:dc:42:40:4d:7e:89:a0:26:47:e4:0d:c0:cc:5e:
                    d2:80:a5:cf:40:09:2c:64:96:d5:9c:e4:0f:1c:7f:
                    86:08:06:2f:36:e6:82:b4:c8:74:c7:9b:76:e2:74:
                    22:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:2F:F1:E3:CC:56:51:0C:DA:E5:3E:5E:84:34:C6:10:79:F9:62:63
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:6a:80:75:a7:97:68:ef:1f:61:95:93:e9:68:76:5b:e5:bb:
         46:ac:e0:5f:ac:85:a3:d6:a9:7e:c4:2c:f0:02:38:64:fb:bb:
         f4:bb:7a:dc:df:0c:77:c8:b8:ef:3d:aa:33:ec:97:a0:05:17:
         d7:67:18:a1:e7:c2:3e:13:e2:8e:82:b9:e3:57:43:ee:6a:b0:
         db:8b:57:03:6a:79:d7:12:b5:a3:d4:53:15:ce:ee:32:ba:8f:
         43:25:18:b2:b9:39:33:77:a6:99:26:57:11:a7:7b:0e:8a:2b:
         24:97:21:47:c2:2b:eb:ab:00:d2:ec:dd:45:30:51:47:d8:d4:
         ea:68:6d:96:25:64:87:a8:7e:07:2a:b6:ef:a8:29:e5:d6:c2:
         3a:d7:b1:d4:f8:46:76:9b:71:1e:1d:b4:3b:2f:3c:96:58:80:
         48:d3:ce:f8:69:d7:54:d7:e6:66:8c:14:a5:c3:ca:51:9e:6f:
         da:05:df:e1:d1:c1:82:2a:f0:c3:08:fb:89:3d:dd:ce:02:de:
         7c:fa:aa:95:c6:b8:66:79:62:03:ae:ca:26:0f:01:09:95:76:
         73:c4:84:69:1d:f7:df:a6:c7:0c:fb:cb:6a:96:76:14:94:ed:
         27:53:88:86:42:06:07:af:71:54:20:43:e3:f2:c3:a7:f7:a7:
         09:80:5c:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCAeRO8KqgekAMTUW4zTvyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjUwNTEyMDEwMDI1WhcNMjUwNTEzMDEwMDI1WjAzMTEwLwYDVQQD
EyhkZDJmZjFlM2NjNTY1MTBjZGFlNTNlNWU4NDM0YzYxMDc5Zjk2MjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lFiuE52+wHuZMUCkXgjWI+bDwHS
yHRxCvZR/Umwx1wQNLeF+wljkCpqpijWTJtkqcCDoOsYt1RpJkKSwjc8eKpL3i3y
Akvfksn7X/q+gjLmWjsV03yCQg0Zmp6rJwH+AAGhaGNrvCiBwBv2JJ8EIvEmSw9l
0mIeEDV0AaagIFApfDlu+A2gSt8fTdNca/5svxntMG2dy/p+qoGa8+SKyan9ck3U
nYGVLkKQEEOBrkuijzDhKGnnKTru22oJnvVwdsp+O8LP2mRC7YeyZCcNZM5e3EJA
TX6JoCZH5A3AzF7SgKXPQAksZJbVnOQPHH+GCAYvNuaCtMh0x5t24nQiHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN0v8ePMVlEM2uU+XoQ0xhB5+WJjMB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF2qAdaeX
aO8fYZWT6Wh2W+W7RqzgX6yFo9apfsQs8AI4ZPu79Lt63N8Md8i47z2qM+yXoAUX
12cYoefCPhPijoK541dD7mqw24tXA2p51xK1o9RTFc7uMrqPQyUYsrk5M3emmSZX
Ead7DoorJJchR8Ir66sA0uzdRTBRR9jU6mhtliVkh6h+Byq276gp5dbCOtex1PhG
dptxHh20Oy88lliASNPO+GnXVNfmZowUpcPKUZ5v2gXf4dHBgirwwwj7iT3dzgLe
fPqqlca4ZnliA67KJg8BCZV2c8SEaR3336bHDPvLapZ2FJTtJ1OIhkIGB69xVCBD
4/LDp/enCYBc1w==
-----END CERTIFICATE-----