Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
File:                     mTFQMIBh3NrF2EZc-ITGejuxkVk.mft (raw, json)
Hash identifier:          fUdTZsc22lqOitaaeQc8NynLmABtI2PzrtTW8UvaUyw=
Subject key identifier:   13:B9:B3:4E:FD:B1:0F:E4:95:01:69:37:40:99:A8:E2:DF:AB:4E:19
Authority key identifier: 99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59
Certificate issuer:       /CN=993150308061dcdac5d8465cf884c67a3bb19159
Certificate serial:       0198D5BBAC1183949BC4F4F0B32DEC71E882
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
Manifest number:          073E
Signing time:             Sat 23 Aug 2025 07:01:42 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:42 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:42 +0000
Files and hashes:         1: mTFQMIBh3NrF2EZc-ITGejuxkVk.crl (hash: n2zM9+FsDlLnXSVw2ZDNp0kBV7n84OyFhKm+Z0wYOt8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:ac:11:83:94:9b:c4:f4:f0:b3:2d:ec:71:e8:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=993150308061dcdac5d8465cf884c67a3bb19159
        Validity
            Not Before: Aug 23 07:01:42 2025 GMT
            Not After : Aug 24 07:01:42 2025 GMT
        Subject: CN=13b9b34efdb10fe4950169374099a8e2dfab4e19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0b:ba:05:8e:b9:ab:d7:35:61:e0:c0:54:b1:
                    f2:a6:7d:45:ca:cf:74:21:dd:cf:94:b3:fe:e5:88:
                    01:b5:d6:e7:e4:d6:80:46:83:5c:4f:a7:c2:81:73:
                    ec:26:07:e9:09:d2:8b:67:03:28:69:80:4f:66:fb:
                    8a:8e:c6:8c:a2:b0:9d:af:96:65:a2:74:d3:8d:48:
                    d2:8d:3e:fc:20:76:b9:68:b4:ec:ce:83:36:ef:b8:
                    50:46:87:5d:86:74:cc:83:8a:fb:e6:a1:94:b7:99:
                    bd:5a:76:12:48:81:56:0c:a5:5c:db:02:93:ac:24:
                    14:56:4f:9a:90:17:96:6b:7d:20:b7:4b:d7:c3:05:
                    52:80:cb:19:58:d6:d3:b1:87:11:4a:04:f6:e4:4e:
                    80:18:0f:b1:7f:2e:ae:fe:a3:b9:66:6a:da:ac:07:
                    7a:f5:ef:0a:a7:8e:1e:ef:7d:8f:e4:1f:a5:b0:5e:
                    d2:38:b2:43:1d:7b:62:9b:95:75:cf:33:02:1b:84:
                    7c:f0:32:71:57:da:86:f6:79:63:48:f5:0a:6e:8f:
                    5f:1f:07:3a:01:73:e6:e6:18:49:ba:c7:ef:46:4d:
                    62:21:83:4a:05:f7:47:4e:6b:4d:af:84:e2:40:17:
                    39:d3:88:fc:ae:7b:03:a2:a8:a0:98:ee:10:f6:da:
                    da:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:B9:B3:4E:FD:B1:0F:E4:95:01:69:37:40:99:A8:E2:DF:AB:4E:19
            X509v3 Authority Key Identifier:
                keyid:99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:77:1a:25:53:4e:78:bc:e1:f9:80:76:97:c4:e8:d4:06:24:
         de:d5:77:e1:7a:56:5f:2d:7e:74:f8:af:ed:77:a7:b8:5e:41:
         51:14:04:7a:31:ab:68:22:10:43:53:d1:6f:c1:d1:28:5d:e2:
         ee:3a:ce:cd:64:77:cb:7b:d8:51:e8:53:e1:c6:2a:da:09:36:
         b2:4e:31:e2:00:d6:99:a4:a2:43:b8:2f:76:9a:61:d2:23:78:
         33:64:be:df:7a:c4:2a:67:89:c6:90:a0:07:19:83:12:99:35:
         35:fc:1d:4e:cd:ca:94:63:74:12:fe:93:e0:85:05:6c:44:38:
         03:2e:a2:0c:86:f7:83:e6:49:12:db:56:9d:36:d5:7a:fc:f4:
         ec:cb:4d:c4:de:d1:cb:6c:02:5b:9d:60:49:6b:1f:21:0f:b0:
         9f:f2:98:18:1b:3e:fc:38:0a:d1:35:ee:0d:34:e1:b8:38:9a:
         bd:57:7f:d2:54:a1:18:64:69:21:99:ed:58:1a:1d:05:02:4b:
         c2:f5:ba:07:2c:8f:6a:df:6c:60:de:8c:8a:a6:60:4d:ca:b5:
         2b:23:69:ac:17:b3:36:c7:c1:e9:0a:ae:a7:f1:7e:a6:38:cc:
         df:f7:c6:84:1c:76:73:e1:f0:05:3b:be:43:61:09:cb:33:1c:
         64:6a:8e:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu6wRg5SbxPTwsy3sceiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzE1MDMwODA2MWRjZGFjNWQ4NDY1Y2Y4ODRjNjdhM2Ji
MTkxNTkwHhcNMjUwODIzMDcwMTQyWhcNMjUwODI0MDcwMTQyWjAzMTEwLwYDVQQD
EygxM2I5YjM0ZWZkYjEwZmU0OTUwMTY5Mzc0MDk5YThlMmRmYWI0ZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQu6BY65q9c1YeDAVLHypn1Fys90
Id3PlLP+5YgBtdbn5NaARoNcT6fCgXPsJgfpCdKLZwMoaYBPZvuKjsaMorCdr5Zl
onTTjUjSjT78IHa5aLTszoM277hQRoddhnTMg4r75qGUt5m9WnYSSIFWDKVc2wKT
rCQUVk+akBeWa30gt0vXwwVSgMsZWNbTsYcRSgT25E6AGA+xfy6u/qO5ZmrarAd6
9e8Kp44e732P5B+lsF7SOLJDHXtim5V1zzMCG4R88DJxV9qG9nljSPUKbo9fHwc6
AXPm5hhJusfvRk1iIYNKBfdHTmtNr4TiQBc504j8rnsDoqigmO4Q9trazwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBO5s079sQ/klQFpN0CZqOLfq04ZMB8GA1UdIwQY
MBaAFJkxUDCAYdzaxdhGXPiExno7sZFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMt
NTJiMjMwZWNhY2FlLzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMtNTJiMjMwZWNhY2Fl
LzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATncaJVNO
eLzh+YB2l8To1AYk3tV34XpWXy1+dPiv7XenuF5BURQEejGraCIQQ1PRb8HRKF3i
7jrOzWR3y3vYUehT4cYq2gk2sk4x4gDWmaSiQ7gvdpph0iN4M2S+33rEKmeJxpCg
BxmDEpk1NfwdTs3KlGN0Ev6T4IUFbEQ4Ay6iDIb3g+ZJEttWnTbVevz07MtNxN7R
y2wCW51gSWsfIQ+wn/KYGBs+/DgK0TXuDTThuDiavVd/0lShGGRpIZntWBodBQJL
wvW6ByyPat9sYN6MiqZgTcq1KyNprBezNsfB6Qqup/F+pjjM3/fGhBx2c+HwBTu+
Q2EJyzMcZGqOlg==
-----END CERTIFICATE-----