Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
File:                     tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft (raw, json)
Hash identifier:          CcFR5K9svLzxuQR/iP8ebcZ9xo5HQgYPu0vSNIkuBVw=
Subject key identifier:   D0:6E:5A:5F:AF:E2:BE:4A:B8:33:6E:AE:16:20:21:CE:7B:FF:AE:3E
Authority key identifier: B6:70:71:97:E8:36:76:0C:59:2E:1E:F1:1F:1B:4C:BE:5B:FD:4D:2E
Certificate issuer:       /CN=b6707197e836760c592e1ef11f1b4cbe5bfd4d2e
Certificate serial:       0196BB92FFC6EE0C6DCF2F2E8C50839329C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
Manifest number:          0B9D
Signing time:             Sat 10 May 2025 19:01:35 +0000
Manifest this update:     Sat 10 May 2025 19:01:35 +0000
Manifest next update:     Sun 11 May 2025 19:01:35 +0000
Files and hashes:         1: tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl (hash: 38KsbDj2ZdxPX6KR5IpP/d4FAod6iFlYiyKi3KnLoFI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 19:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:92:ff:c6:ee:0c:6d:cf:2f:2e:8c:50:83:93:29:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6707197e836760c592e1ef11f1b4cbe5bfd4d2e
        Validity
            Not Before: May 10 19:01:35 2025 GMT
            Not After : May 11 19:01:35 2025 GMT
        Subject: CN=d06e5a5fafe2be4ab8336eae162021ce7bffae3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:65:eb:61:c1:29:cc:96:72:a9:ea:ed:b3:03:
                    40:44:38:fa:eb:01:9c:c8:26:87:41:68:a5:44:32:
                    49:e7:f4:56:95:e5:2c:e0:98:78:74:12:7b:db:b1:
                    8d:d1:72:dc:5e:7d:a0:43:a3:8e:9e:00:db:1b:26:
                    ed:2f:ab:42:dd:e8:37:fb:0d:fb:67:b4:d5:21:ef:
                    e6:f7:b9:77:10:bb:99:0b:77:48:a9:50:e1:d8:ed:
                    2e:70:d6:ef:5a:4a:66:d5:8d:27:f4:55:71:0b:04:
                    15:17:2f:a9:57:36:40:9e:5b:3c:c8:62:e8:c7:e2:
                    0c:fc:96:77:9c:f6:0e:4e:e4:8f:fe:94:65:e4:5d:
                    7d:c7:5d:58:2b:47:dc:f8:81:70:33:d9:9b:8f:d6:
                    df:78:ad:99:af:bd:5e:62:bb:b7:b2:b8:fa:67:19:
                    96:4c:fd:d1:27:39:89:97:c9:ae:e2:69:5c:7c:a8:
                    77:b5:cd:6a:5c:44:84:f1:b2:3e:0c:fb:02:99:b6:
                    97:18:10:2f:8f:e6:c2:87:84:ca:af:54:4a:e4:01:
                    f6:c9:92:55:05:3c:c7:47:64:59:30:d9:6b:30:1c:
                    90:a5:d8:58:78:18:55:72:7f:42:b2:72:3a:77:35:
                    64:bd:11:01:41:15:c4:53:e9:df:4b:62:6d:49:f6:
                    fa:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:6E:5A:5F:AF:E2:BE:4A:B8:33:6E:AE:16:20:21:CE:7B:FF:AE:3E
            X509v3 Authority Key Identifier:
                keyid:B6:70:71:97:E8:36:76:0C:59:2E:1E:F1:1F:1B:4C:BE:5B:FD:4D:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:04:68:85:1f:b9:22:fc:02:9e:ae:d2:42:ff:1c:b0:1c:56:
         3f:6f:07:ff:a3:85:8a:a1:fa:82:09:62:89:74:43:27:d6:fe:
         8e:7d:ee:fc:58:54:ec:b4:f6:ff:da:51:fc:a7:2f:f0:8d:10:
         7d:53:d4:44:05:7f:ac:3a:52:f8:3e:cc:14:4f:0c:8b:72:39:
         ba:5e:ac:be:50:4b:85:52:fe:33:be:6b:04:3b:1b:53:59:3a:
         bc:ef:e7:f0:ec:b3:d1:4d:50:9e:84:67:bd:47:3b:f2:72:cb:
         52:74:52:3e:74:a5:f8:1d:34:af:f4:68:16:f4:a2:96:7a:68:
         0d:02:f5:6c:86:bf:51:2a:e0:3b:bb:aa:6a:9d:fb:ef:22:26:
         51:66:2f:86:e0:8b:81:01:94:5c:0e:c5:38:19:45:b8:22:f3:
         95:bf:df:66:4b:92:17:39:c4:b3:ec:bd:8a:c4:b0:33:a3:1d:
         53:02:11:37:78:6e:e7:0b:fb:20:4f:aa:b6:2d:f7:58:73:54:
         be:ad:d1:86:25:35:e6:7e:65:3d:3f:ac:98:83:7a:89:d3:61:
         1b:e0:76:a9:40:f1:3d:12:62:40:0e:66:81:0a:0e:46:5f:28:
         08:4e:78:69:ec:28:6c:77:06:51:eb:0c:f6:8f:f3:01:37:cf:
         07:1e:72:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7kv/G7gxtzy8ujFCDkynCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NzA3MTk3ZTgzNjc2MGM1OTJlMWVmMTFmMWI0Y2JlNWJm
ZDRkMmUwHhcNMjUwNTEwMTkwMTM1WhcNMjUwNTExMTkwMTM1WjAzMTEwLwYDVQQD
EyhkMDZlNWE1ZmFmZTJiZTRhYjgzMzZlYWUxNjIwMjFjZTdiZmZhZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA62XrYcEpzJZyqertswNARDj66wGc
yCaHQWilRDJJ5/RWleUs4Jh4dBJ727GN0XLcXn2gQ6OOngDbGybtL6tC3eg3+w37
Z7TVIe/m97l3ELuZC3dIqVDh2O0ucNbvWkpm1Y0n9FVxCwQVFy+pVzZAnls8yGLo
x+IM/JZ3nPYOTuSP/pRl5F19x11YK0fc+IFwM9mbj9bfeK2Zr71eYru3srj6ZxmW
TP3RJzmJl8mu4mlcfKh3tc1qXESE8bI+DPsCmbaXGBAvj+bCh4TKr1RK5AH2yZJV
BTzHR2RZMNlrMByQpdhYeBhVcn9CsnI6dzVkvREBQRXEU+nfS2JtSfb6owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBuWl+v4r5KuDNurhYgIc57/64+MB8GA1UdIwQY
MBaAFLZwcZfoNnYMWS4e8R8bTL5b/U0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84MGFjNzgtYmJlMS00MTI0LWI4Nzgt
NjY2N2ZhNTFjNDYwLzEvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84MGFjNzgtYmJlMS00MTI0LWI4NzgtNjY2N2ZhNTFjNDYw
LzEvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjwRohR+5
IvwCnq7SQv8csBxWP28H/6OFiqH6ggliiXRDJ9b+jn3u/FhU7LT2/9pR/Kcv8I0Q
fVPURAV/rDpS+D7MFE8Mi3I5ul6svlBLhVL+M75rBDsbU1k6vO/n8Oyz0U1QnoRn
vUc78nLLUnRSPnSl+B00r/RoFvSilnpoDQL1bIa/USrgO7uqap377yImUWYvhuCL
gQGUXA7FOBlFuCLzlb/fZkuSFznEs+y9isSwM6MdUwIRN3hu5wv7IE+qti33WHNU
vq3RhiU15n5lPT+smIN6idNhG+B2qUDxPRJiQA5mgQoORl8oCE54aewobHcGUesM
9o/zATfPBx5yDw==
-----END CERTIFICATE-----