Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
File:                     tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft (raw, json)
Hash identifier:          30USrjLBWgcs5n2xEocV2mXMnKeKFBAQYIcPujcw78E=
Subject key identifier:   BF:A3:DC:8B:7E:98:69:2B:1E:99:98:49:D1:5C:E8:11:8B:CE:33:86
Authority key identifier: B6:70:71:97:E8:36:76:0C:59:2E:1E:F1:1F:1B:4C:BE:5B:FD:4D:2E
Certificate issuer:       /CN=b6707197e836760c592e1ef11f1b4cbe5bfd4d2e
Certificate serial:       0198D6609FCD9D48B5E187893F6499C78728
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
Manifest number:          0CB4
Signing time:             Sat 23 Aug 2025 10:01:53 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:53 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:53 +0000
Files and hashes:         1: tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl (hash: INI6s7fMD4oDw3VATcIPwekxHhss4bT+6f76xvWexhE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:9f:cd:9d:48:b5:e1:87:89:3f:64:99:c7:87:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6707197e836760c592e1ef11f1b4cbe5bfd4d2e
        Validity
            Not Before: Aug 23 10:01:53 2025 GMT
            Not After : Aug 24 10:01:53 2025 GMT
        Subject: CN=bfa3dc8b7e98692b1e999849d15ce8118bce3386
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:42:c1:1d:48:39:6a:6c:a0:e3:7b:14:ce:dd:
                    0f:24:4f:11:de:66:30:8c:59:ce:ed:c8:f7:2a:cb:
                    e4:6e:bf:84:d2:37:c0:1f:0f:fa:92:7c:03:7f:85:
                    c0:bd:99:c9:7d:70:a4:e1:cc:33:5c:32:3a:b0:6d:
                    fd:f0:40:64:61:8b:46:93:d7:4a:c1:2d:69:4b:a3:
                    c4:11:cc:dd:44:e9:39:60:d4:6e:62:ad:2c:ea:df:
                    01:86:93:cb:90:48:ba:80:45:53:6c:92:be:13:2a:
                    63:65:79:64:84:fc:09:cb:df:af:29:cc:2e:81:b6:
                    9d:8a:4d:84:03:29:07:86:8a:27:7c:f6:6a:3b:40:
                    25:a4:ed:15:e9:1c:b4:c3:ed:0b:26:a5:14:dd:bc:
                    19:43:9c:72:32:a6:e7:28:f4:5a:24:6a:96:ae:cf:
                    1d:cc:8c:5a:1a:8d:c6:ba:4e:f1:dc:64:e5:cf:0b:
                    86:e9:ec:53:c5:75:9d:9b:75:af:11:41:54:27:e1:
                    98:47:80:d8:bf:33:87:81:47:92:df:c9:d4:72:b6:
                    a0:4c:4d:b9:fc:61:3e:cd:4e:9d:23:f9:1c:de:fe:
                    46:a2:10:41:e0:62:b3:eb:22:f0:c3:31:b2:22:cd:
                    5b:9a:13:d9:c1:5e:1f:53:2a:27:a0:84:e3:29:2f:
                    6a:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:A3:DC:8B:7E:98:69:2B:1E:99:98:49:D1:5C:E8:11:8B:CE:33:86
            X509v3 Authority Key Identifier:
                keyid:B6:70:71:97:E8:36:76:0C:59:2E:1E:F1:1F:1B:4C:BE:5B:FD:4D:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:b5:99:f2:b2:f2:85:c8:7b:02:47:1e:13:8e:b2:b6:07:ae:
         26:a8:a4:22:ba:62:c6:58:3a:d2:40:1b:bb:1f:fd:5d:6a:1c:
         fa:85:02:92:0d:ac:b0:62:36:10:a3:6f:2a:25:4d:e8:8b:c7:
         a1:1c:8b:a0:ff:68:34:6b:7d:53:03:26:82:a9:83:7b:d2:c4:
         40:06:77:1e:dd:f2:1a:34:8e:ce:2c:7a:b4:a1:d9:ff:23:72:
         d8:a4:11:70:22:ae:b6:ed:68:4d:c3:a4:d3:bc:a9:a6:dd:2d:
         83:6d:bd:ac:c1:a8:12:be:6f:32:fc:a7:42:44:3d:a7:be:27:
         c8:da:ba:37:a6:b2:12:1a:ad:03:27:04:ae:07:40:67:1f:aa:
         cc:c3:b3:aa:d9:b6:6e:b2:55:fe:01:b7:20:3a:d9:35:ba:90:
         93:33:f0:5c:ef:27:b7:67:af:64:ac:78:c0:3b:9a:5d:a8:d5:
         6b:18:b0:d6:0f:94:1d:b1:60:9a:1e:47:ba:e3:c0:fc:a0:eb:
         4d:13:40:32:ad:3d:e5:be:d7:7f:e9:9c:94:2d:4f:7b:1e:2d:
         56:f5:23:d7:e5:64:88:a0:b7:94:f7:c3:eb:7d:cc:72:b5:0e:
         9e:fc:78:45:80:1c:51:fa:c6:11:d5:cd:de:a4:c8:d8:d4:d7:
         d3:6f:7a:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYJ/NnUi14YeJP2SZx4coMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NzA3MTk3ZTgzNjc2MGM1OTJlMWVmMTFmMWI0Y2JlNWJm
ZDRkMmUwHhcNMjUwODIzMTAwMTUzWhcNMjUwODI0MTAwMTUzWjAzMTEwLwYDVQQD
EyhiZmEzZGM4YjdlOTg2OTJiMWU5OTk4NDlkMTVjZTgxMThiY2UzMzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnULBHUg5amyg43sUzt0PJE8R3mYw
jFnO7cj3Ksvkbr+E0jfAHw/6knwDf4XAvZnJfXCk4cwzXDI6sG398EBkYYtGk9dK
wS1pS6PEEczdROk5YNRuYq0s6t8BhpPLkEi6gEVTbJK+EypjZXlkhPwJy9+vKcwu
gbadik2EAykHhoonfPZqO0AlpO0V6Ry0w+0LJqUU3bwZQ5xyMqbnKPRaJGqWrs8d
zIxaGo3Guk7x3GTlzwuG6exTxXWdm3WvEUFUJ+GYR4DYvzOHgUeS38nUcragTE25
/GE+zU6dI/kc3v5GohBB4GKz6yLwwzGyIs1bmhPZwV4fUyonoITjKS9qtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+j3It+mGkrHpmYSdFc6BGLzjOGMB8GA1UdIwQY
MBaAFLZwcZfoNnYMWS4e8R8bTL5b/U0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84MGFjNzgtYmJlMS00MTI0LWI4Nzgt
NjY2N2ZhNTFjNDYwLzEvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84MGFjNzgtYmJlMS00MTI0LWI4NzgtNjY2N2ZhNTFjNDYw
LzEvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALbWZ8rLy
hch7AkceE46ytgeuJqikIrpixlg60kAbux/9XWoc+oUCkg2ssGI2EKNvKiVN6IvH
oRyLoP9oNGt9UwMmgqmDe9LEQAZ3Ht3yGjSOzix6tKHZ/yNy2KQRcCKutu1oTcOk
07yppt0tg229rMGoEr5vMvynQkQ9p74nyNq6N6ayEhqtAycErgdAZx+qzMOzqtm2
brJV/gG3IDrZNbqQkzPwXO8nt2evZKx4wDuaXajVaxiw1g+UHbFgmh5HuuPA/KDr
TRNAMq095b7Xf+mclC1Pex4tVvUj1+VkiKC3lPfD633McrUOnvx4RYAcUfrGEdXN
3qTI2NTX02961w==
-----END CERTIFICATE-----