Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/0196f1-4339-4bdc-8034-2eb2f2ed3029/1/_TSxP72Tgd-Exofwa80HTkp1WAM.mft
File:                     _TSxP72Tgd-Exofwa80HTkp1WAM.mft (raw, json)
Hash identifier:          H0nMrGM4fP2eOywPP7tWoqzZoc0ZA2mS/jVJJKLyDT0=
Subject key identifier:   60:AE:2F:E5:65:8C:DD:43:AE:BB:6E:E4:05:40:94:32:D0:1B:A0:BE
Authority key identifier: FD:34:B1:3F:BD:93:81:DF:84:C6:87:F0:6B:CD:07:4E:4A:75:58:03
Certificate issuer:       /CN=fd34b13fbd9381df84c687f06bcd074e4a755803
Certificate serial:       0197B74599D37EF8D19006AE3AF6F9DD1470
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_TSxP72Tgd-Exofwa80HTkp1WAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/0196f1-4339-4bdc-8034-2eb2f2ed3029/1/_TSxP72Tgd-Exofwa80HTkp1WAM.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 16:01:21 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:21 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:21 +0000
Files and hashes:         1: _TSxP72Tgd-Exofwa80HTkp1WAM.crl (hash: bjT0Ks+F62OPPPDZOxva3EzwNGq3jhYqqauobaetbp8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/0196f1-4339-4bdc-8034-2eb2f2ed3029/1/_TSxP72Tgd-Exofwa80HTkp1WAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/0196f1-4339-4bdc-8034-2eb2f2ed3029/1/_TSxP72Tgd-Exofwa80HTkp1WAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_TSxP72Tgd-Exofwa80HTkp1WAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:99:d3:7e:f8:d1:90:06:ae:3a:f6:f9:dd:14:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd34b13fbd9381df84c687f06bcd074e4a755803
        Validity
            Not Before: Jun 28 16:01:21 2025 GMT
            Not After : Jun 29 16:01:21 2025 GMT
        Subject: CN=60ae2fe5658cdd43aebb6ee405409432d01ba0be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b6:2c:d2:0e:1f:cd:01:05:8e:d1:77:e4:43:
                    e5:7c:56:95:c2:05:d7:c2:78:1a:7e:a6:a0:d9:7a:
                    e2:83:36:06:df:5c:ac:2d:74:90:15:09:04:b9:43:
                    01:99:ab:a0:1a:5e:57:da:7d:67:37:0b:99:08:67:
                    b2:b2:3e:61:69:ca:31:7b:1e:e1:37:fe:e9:34:db:
                    99:37:d7:25:b3:01:d7:af:10:7f:37:60:60:b6:29:
                    ad:fa:c5:15:aa:df:f6:cf:fd:88:91:f2:84:86:9d:
                    1f:98:65:11:03:91:c4:d7:4a:81:a5:18:d7:47:01:
                    9e:e3:a7:68:d8:2c:15:c5:cd:a2:63:95:cf:a4:d7:
                    9f:41:3a:6e:28:11:ec:81:a8:51:79:46:86:c1:b0:
                    43:10:23:d0:d2:00:b5:14:e8:b0:ce:3b:ed:fc:2f:
                    84:7c:80:d1:14:4e:40:86:01:b6:05:13:fd:52:6d:
                    f3:02:75:08:17:c3:f1:d4:4c:81:39:e2:89:bd:65:
                    72:8b:d1:19:81:d6:60:36:4f:e7:59:31:86:50:3f:
                    aa:fb:ed:b9:20:68:3a:b8:ee:87:94:2d:09:89:3b:
                    2c:9f:82:e4:80:ae:f9:9c:2d:d8:8b:96:5c:d7:c2:
                    f8:b7:26:2e:6f:62:50:e7:ba:91:f0:26:10:e0:2b:
                    98:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:AE:2F:E5:65:8C:DD:43:AE:BB:6E:E4:05:40:94:32:D0:1B:A0:BE
            X509v3 Authority Key Identifier:
                keyid:FD:34:B1:3F:BD:93:81:DF:84:C6:87:F0:6B:CD:07:4E:4A:75:58:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TSxP72Tgd-Exofwa80HTkp1WAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/0196f1-4339-4bdc-8034-2eb2f2ed3029/1/_TSxP72Tgd-Exofwa80HTkp1WAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/0196f1-4339-4bdc-8034-2eb2f2ed3029/1/_TSxP72Tgd-Exofwa80HTkp1WAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:42:15:8f:75:21:48:f2:d1:c4:0c:03:06:00:f7:e4:57:85:
         f2:df:4a:a4:d1:52:ae:82:3a:65:16:a3:69:12:5b:15:ff:81:
         a2:12:28:9d:03:b5:a6:39:59:2d:72:a7:96:85:6b:1d:b6:d7:
         db:14:5c:a8:ba:42:ff:39:c9:8c:e6:71:d3:7a:2c:93:c2:43:
         04:d2:0d:d6:a5:3e:06:0c:a9:c5:e6:8c:57:d5:e5:f6:37:e7:
         13:9a:8c:66:77:96:78:74:3b:01:ef:8b:53:79:aa:54:fe:f3:
         8d:96:86:de:7b:29:4d:1c:c2:a6:be:08:4c:b1:60:c9:7b:9d:
         7d:95:c1:eb:ff:4d:b8:01:bc:75:d2:f4:b0:fd:e3:59:d0:fd:
         51:9b:c9:ad:b5:6d:a0:45:18:d4:0e:d0:04:b5:ac:a3:8b:54:
         f4:3d:e6:6a:f3:d3:ed:d6:55:ad:7e:4f:af:c6:55:46:3d:0a:
         be:fb:67:b2:95:d7:60:34:2e:5a:27:a4:1c:ce:e7:7a:d9:bb:
         04:b8:2b:12:76:79:97:90:04:b6:13:46:21:95:14:c8:83:08:
         cc:a1:61:d8:f8:bd:2e:78:3f:50:8c:83:52:62:ec:18:d7:33:
         65:f7:d4:28:53:ab:52:c4:a9:c2:25:ff:7d:47:a5:9e:78:f1:
         4b:29:86:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RZnTfvjRkAauOvb53RRwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzRiMTNmYmQ5MzgxZGY4NGM2ODdmMDZiY2QwNzRlNGE3
NTU4MDMwHhcNMjUwNjI4MTYwMTIxWhcNMjUwNjI5MTYwMTIxWjAzMTEwLwYDVQQD
Eyg2MGFlMmZlNTY1OGNkZDQzYWViYjZlZTQwNTQwOTQzMmQwMWJhMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7Ys0g4fzQEFjtF35EPlfFaVwgXX
wngafqag2XrigzYG31ysLXSQFQkEuUMBmaugGl5X2n1nNwuZCGeysj5hacoxex7h
N/7pNNuZN9clswHXrxB/N2Bgtimt+sUVqt/2z/2IkfKEhp0fmGURA5HE10qBpRjX
RwGe46do2CwVxc2iY5XPpNefQTpuKBHsgahReUaGwbBDECPQ0gC1FOiwzjvt/C+E
fIDRFE5AhgG2BRP9Um3zAnUIF8Px1EyBOeKJvWVyi9EZgdZgNk/nWTGGUD+q++25
IGg6uO6HlC0JiTssn4LkgK75nC3Yi5Zc18L4tyYub2JQ57qR8CYQ4CuYyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGCuL+VljN1Drrtu5AVAlDLQG6C+MB8GA1UdIwQY
MBaAFP00sT+9k4HfhMaH8GvNB05KdVgDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RTeFA3MlRnZC1FeG9md2E4MEhUa3AxV0FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8wMTk2ZjEtNDMzOS00YmRjLTgwMzQt
MmViMmYyZWQzMDI5LzEvX1RTeFA3MlRnZC1FeG9md2E4MEhUa3AxV0FNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8wMTk2ZjEtNDMzOS00YmRjLTgwMzQtMmViMmYyZWQzMDI5
LzEvX1RTeFA3MlRnZC1FeG9md2E4MEhUa3AxV0FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASkIVj3Uh
SPLRxAwDBgD35FeF8t9KpNFSroI6ZRajaRJbFf+BohIonQO1pjlZLXKnloVrHbbX
2xRcqLpC/znJjOZx03osk8JDBNIN1qU+BgypxeaMV9Xl9jfnE5qMZneWeHQ7Ae+L
U3mqVP7zjZaG3nspTRzCpr4ITLFgyXudfZXB6/9NuAG8ddL0sP3jWdD9UZvJrbVt
oEUY1A7QBLWso4tU9D3mavPT7dZVrX5Pr8ZVRj0KvvtnspXXYDQuWiekHM7netm7
BLgrEnZ5l5AEthNGIZUUyIMIzKFh2Pi9Lng/UIyDUmLsGNczZffUKFOrUsSpwiX/
fUelnnjxSymGfA==
-----END CERTIFICATE-----