Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.mft
File:                     TkMMADsADTVe0WnlXYzPOTg34go.mft (raw, json)
Hash identifier:          O18UXWEsUAusfZWykg4xIxlYYOOdgciPNrPdYOApZ34=
Subject key identifier:   97:33:FB:44:8E:C3:99:82:BF:14:6A:D3:9E:13:07:12:31:AF:4A:AF
Authority key identifier: 4E:43:0C:00:3B:00:0D:35:5E:D1:69:E5:5D:8C:CF:39:38:37:E2:0A
Certificate issuer:       /CN=4e430c003b000d355ed169e55d8ccf393837e20a
Certificate serial:       0197B70E9ABD477F4B712A801CF939C7B8CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkMMADsADTVe0WnlXYzPOTg34go.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.mft
Manifest number:          0D39
Signing time:             Sat 28 Jun 2025 15:01:17 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:17 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:17 +0000
Files and hashes:         1: TkMMADsADTVe0WnlXYzPOTg34go.crl (hash: be/QjdcaYMgooHEbSVeHG9IQ0KOA/ZU/Np5YqHgv/1A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkMMADsADTVe0WnlXYzPOTg34go.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:9a:bd:47:7f:4b:71:2a:80:1c:f9:39:c7:b8:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e430c003b000d355ed169e55d8ccf393837e20a
        Validity
            Not Before: Jun 28 15:01:17 2025 GMT
            Not After : Jun 29 15:01:17 2025 GMT
        Subject: CN=9733fb448ec39982bf146ad39e13071231af4aaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:6a:8a:46:e9:ce:37:ae:da:a8:63:53:9d:33:
                    e9:3e:db:7e:38:e6:52:92:42:a4:a0:be:4f:e4:62:
                    83:51:37:80:7e:11:e0:5e:94:53:c8:b1:32:be:89:
                    15:01:83:6a:9c:78:16:d3:38:f9:c9:24:7f:37:54:
                    86:e3:5b:3e:0a:4e:7d:72:df:1e:24:41:f6:f1:1a:
                    85:d9:b2:7b:95:ba:73:13:e3:6a:c4:bb:1c:c2:b0:
                    13:0b:7d:56:b0:a3:3e:aa:d1:54:80:4b:8a:b0:2e:
                    58:95:d5:f8:f2:e3:da:4b:a9:33:ae:d9:9a:95:32:
                    76:93:88:ac:e7:e7:35:a5:53:1d:1d:90:44:de:19:
                    30:d8:d7:91:1d:36:06:13:d4:08:85:d4:e4:04:a0:
                    fc:8a:bf:f7:d8:87:ca:37:ee:04:ba:ea:33:5b:bb:
                    cf:c4:85:2d:9d:40:4c:eb:45:ae:3a:ec:4a:73:16:
                    a4:ce:5d:2b:24:0c:a2:82:66:31:0b:ee:26:df:2e:
                    99:48:ff:c6:a1:2e:8f:dd:39:76:0d:4d:33:88:21:
                    ed:40:84:91:df:41:43:8c:eb:84:f0:ef:19:64:8c:
                    91:0a:4d:68:1d:87:65:0a:93:d9:74:d5:60:40:6e:
                    78:fa:a4:f0:43:1a:da:97:c6:90:c5:71:f9:b1:f4:
                    e8:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:33:FB:44:8E:C3:99:82:BF:14:6A:D3:9E:13:07:12:31:AF:4A:AF
            X509v3 Authority Key Identifier:
                keyid:4E:43:0C:00:3B:00:0D:35:5E:D1:69:E5:5D:8C:CF:39:38:37:E2:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkMMADsADTVe0WnlXYzPOTg34go.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:10:76:c8:6f:80:f3:b1:d9:43:27:20:f9:c9:b3:81:c4:07:
         85:f4:2a:6e:20:2c:4d:21:ee:35:62:bc:7e:6c:57:09:33:78:
         f3:9d:72:35:13:2b:da:28:ec:1b:91:e9:4b:89:4f:fe:fb:c4:
         60:50:21:b3:f9:d6:6f:e4:3b:6b:2f:11:20:b8:dd:72:ce:a3:
         76:02:6a:da:f3:e1:25:19:d1:79:b4:42:12:4b:07:c0:c2:01:
         39:e3:78:c3:27:fd:2a:9e:2e:10:f1:d2:bb:0d:50:69:6e:de:
         33:60:b2:84:9e:48:b9:02:78:95:e9:fe:de:e6:dd:64:8c:f3:
         16:3b:5c:72:2f:38:11:13:b6:6a:99:f4:2b:e5:fd:a1:5a:64:
         b5:8d:69:f4:e7:73:2f:d5:74:cd:78:39:eb:bb:e4:d1:59:73:
         06:b0:15:76:a3:b7:22:ba:4d:99:0c:cd:2e:c0:1e:de:0b:f8:
         21:44:da:70:8f:50:d4:e3:8c:0a:06:36:8e:6a:a2:a7:ee:4e:
         9b:5a:05:63:96:1b:d3:f4:44:81:ff:70:46:b8:dc:3d:82:bc:
         2f:d4:96:b4:42:40:b9:49:99:c9:44:42:2e:81:6d:c5:4e:66:
         a1:df:c4:a3:a1:2a:7d:de:d5:f4:2d:82:3e:fe:3c:49:e5:2e:
         4d:f7:c6:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dpq9R39LcSqAHPk5x7jNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDMwYzAwM2IwMDBkMzU1ZWQxNjllNTVkOGNjZjM5Mzgz
N2UyMGEwHhcNMjUwNjI4MTUwMTE3WhcNMjUwNjI5MTUwMTE3WjAzMTEwLwYDVQQD
Eyg5NzMzZmI0NDhlYzM5OTgyYmYxNDZhZDM5ZTEzMDcxMjMxYWY0YWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWqKRunON67aqGNTnTPpPtt+OOZS
kkKkoL5P5GKDUTeAfhHgXpRTyLEyvokVAYNqnHgW0zj5ySR/N1SG41s+Ck59ct8e
JEH28RqF2bJ7lbpzE+NqxLscwrATC31WsKM+qtFUgEuKsC5YldX48uPaS6kzrtma
lTJ2k4is5+c1pVMdHZBE3hkw2NeRHTYGE9QIhdTkBKD8ir/32IfKN+4EuuozW7vP
xIUtnUBM60WuOuxKcxakzl0rJAyigmYxC+4m3y6ZSP/GoS6P3Tl2DU0ziCHtQISR
30FDjOuE8O8ZZIyRCk1oHYdlCpPZdNVgQG54+qTwQxral8aQxXH5sfToBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJcz+0SOw5mCvxRq054TBxIxr0qvMB8GA1UdIwQY
MBaAFE5DDAA7AA01XtFp5V2Mzzk4N+IKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtNTUFEc0FEVFZlMFdubFhZelBPVGczNGdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS84MjIyNWQtMDQwYS00ZDliLWEzM2It
ODhkODIzNGE2ZDNlLzEvVGtNTUFEc0FEVFZlMFdubFhZelBPVGczNGdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS84MjIyNWQtMDQwYS00ZDliLWEzM2ItODhkODIzNGE2ZDNl
LzEvVGtNTUFEc0FEVFZlMFdubFhZelBPVGczNGdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBB2yG+A
87HZQycg+cmzgcQHhfQqbiAsTSHuNWK8fmxXCTN4851yNRMr2ijsG5HpS4lP/vvE
YFAhs/nWb+Q7ay8RILjdcs6jdgJq2vPhJRnRebRCEksHwMIBOeN4wyf9Kp4uEPHS
uw1QaW7eM2CyhJ5IuQJ4len+3ubdZIzzFjtcci84ERO2apn0K+X9oVpktY1p9Odz
L9V0zXg567vk0VlzBrAVdqO3IrpNmQzNLsAe3gv4IUTacI9Q1OOMCgY2jmqip+5O
m1oFY5Yb0/REgf9wRrjcPYK8L9SWtEJAuUmZyURCLoFtxU5mod/Eo6Eqfd7V9C2C
Pv48SeUuTffG1w==
-----END CERTIFICATE-----