Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
File:                     tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft (raw, json)
Hash identifier:          UFsR/Aq2wpk+hT64P0V4KCKmYjj2gdq+AEiXTQng9BM=
Subject key identifier:   25:5B:A4:87:FE:94:F2:EA:76:47:72:FE:94:1C:F8:4F:C7:B1:0D:10
Authority key identifier: B6:70:71:97:E8:36:76:0C:59:2E:1E:F1:1F:1B:4C:BE:5B:FD:4D:2E
Certificate issuer:       /CN=b6707197e836760c592e1ef11f1b4cbe5bfd4d2e
Certificate serial:       0199FDD978A7A51563CAA683FA424676BF33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
Manifest number:          0D4D
Signing time:             Sun 19 Oct 2025 19:01:51 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:51 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:51 +0000
Files and hashes:         1: tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl (hash: kjpGRbidvl3pekuNy17B734hzqK33sWdozDuXepzcJ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:78:a7:a5:15:63:ca:a6:83:fa:42:46:76:bf:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6707197e836760c592e1ef11f1b4cbe5bfd4d2e
        Validity
            Not Before: Oct 19 19:01:51 2025 GMT
            Not After : Oct 20 19:01:51 2025 GMT
        Subject: CN=255ba487fe94f2ea764772fe941cf84fc7b10d10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e8:2d:b9:85:86:73:f4:0a:b9:dd:1e:cf:42:
                    d4:01:fb:fb:61:ad:1c:2c:4e:ad:2d:dd:54:c0:db:
                    6e:1c:fa:f3:96:77:14:18:c3:9b:37:a1:ef:e0:15:
                    f7:ef:14:be:b1:2e:3f:9a:b8:7c:3e:d3:22:a8:59:
                    d4:e6:d6:b0:78:0b:0b:04:56:06:3e:84:d6:d9:82:
                    47:70:f0:69:ef:97:2e:e8:74:e4:ad:3a:23:23:ce:
                    2e:86:65:80:38:0b:a4:dc:e4:5c:04:cd:2a:b4:5e:
                    fc:99:63:4c:4a:ce:cb:4a:35:4a:89:9d:7e:dd:7e:
                    aa:9c:21:11:0e:08:20:ef:b2:4f:a5:70:a8:e4:42:
                    51:9b:09:35:4b:b8:76:bf:b0:86:04:91:ff:34:95:
                    33:8c:ac:56:06:28:e4:b8:58:09:e0:f1:57:26:11:
                    f7:58:75:49:c7:75:fa:e1:c2:3b:68:b7:28:d2:17:
                    04:a6:1d:25:db:65:f3:e7:48:2a:1f:5b:5e:96:08:
                    51:73:56:9e:98:c0:91:f3:a7:aa:e3:8b:dd:dc:71:
                    33:67:41:9a:2d:f3:60:e8:1c:4e:07:ed:08:fc:ef:
                    df:b1:18:1c:8e:6a:fb:a9:1e:d1:ba:7c:3e:87:17:
                    f4:3f:69:8a:93:22:e5:42:50:5b:b7:91:bc:ed:be:
                    35:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:5B:A4:87:FE:94:F2:EA:76:47:72:FE:94:1C:F8:4F:C7:B1:0D:10
            X509v3 Authority Key Identifier:
                keyid:B6:70:71:97:E8:36:76:0C:59:2E:1E:F1:1F:1B:4C:BE:5B:FD:4D:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:e8:eb:ee:f4:26:33:d6:3f:14:ad:2c:2d:bf:03:df:06:34:
         33:bc:e2:c3:15:d3:08:84:ca:c9:c3:5d:fa:34:28:8e:f4:94:
         ab:68:a6:67:2a:4b:85:8c:84:a7:a3:0a:90:42:a2:ac:23:f5:
         e4:37:b2:46:3b:43:54:d3:93:1d:31:68:03:91:a1:6c:cc:ef:
         d5:6c:14:00:d5:0b:f9:d8:30:76:d1:11:1f:22:29:82:4e:cc:
         2f:a9:39:76:a5:83:0f:62:22:9c:c0:9e:bb:00:ef:da:c6:ea:
         e3:e3:0c:33:10:bc:c3:a1:44:52:98:ac:fc:13:7b:70:de:4f:
         dc:82:e4:dd:cb:da:b6:28:a5:c5:94:4a:39:86:1f:fa:56:dd:
         4d:29:a0:a7:88:73:86:e5:62:f1:c7:5e:7a:10:ce:b4:94:5d:
         ce:51:64:4d:9a:ce:a7:42:8b:d7:86:1a:c9:01:2c:c8:8c:aa:
         b8:82:1d:77:77:34:36:2b:4f:57:0b:5c:a6:50:24:c1:e7:8d:
         69:34:ea:fe:42:d4:6f:7b:4b:b9:48:a0:b4:bf:dd:69:d5:fd:
         e1:0b:2a:7f:f2:2e:91:e0:f4:59:9e:02:d8:40:43:f0:af:fb:
         be:80:a3:51:4f:84:ff:ac:4c:e8:82:91:47:80:6d:b0:7b:9a:
         73:d0:42:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92XinpRVjyqaD+kJGdr8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NzA3MTk3ZTgzNjc2MGM1OTJlMWVmMTFmMWI0Y2JlNWJm
ZDRkMmUwHhcNMjUxMDE5MTkwMTUxWhcNMjUxMDIwMTkwMTUxWjAzMTEwLwYDVQQD
EygyNTViYTQ4N2ZlOTRmMmVhNzY0NzcyZmU5NDFjZjg0ZmM3YjEwZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApugtuYWGc/QKud0ez0LUAfv7Ya0c
LE6tLd1UwNtuHPrzlncUGMObN6Hv4BX37xS+sS4/mrh8PtMiqFnU5taweAsLBFYG
PoTW2YJHcPBp75cu6HTkrTojI84uhmWAOAuk3ORcBM0qtF78mWNMSs7LSjVKiZ1+
3X6qnCERDggg77JPpXCo5EJRmwk1S7h2v7CGBJH/NJUzjKxWBijkuFgJ4PFXJhH3
WHVJx3X64cI7aLco0hcEph0l22Xz50gqH1telghRc1aemMCR86eq44vd3HEzZ0Ga
LfNg6BxOB+0I/O/fsRgcjmr7qR7Runw+hxf0P2mKkyLlQlBbt5G87b41UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVbpIf+lPLqdkdy/pQc+E/HsQ0QMB8GA1UdIwQY
MBaAFLZwcZfoNnYMWS4e8R8bTL5b/U0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84MGFjNzgtYmJlMS00MTI0LWI4Nzgt
NjY2N2ZhNTFjNDYwLzEvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84MGFjNzgtYmJlMS00MTI0LWI4NzgtNjY2N2ZhNTFjNDYw
LzEvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo+jr7vQm
M9Y/FK0sLb8D3wY0M7ziwxXTCITKycNd+jQojvSUq2imZypLhYyEp6MKkEKirCP1
5DeyRjtDVNOTHTFoA5GhbMzv1WwUANUL+dgwdtERHyIpgk7ML6k5dqWDD2IinMCe
uwDv2sbq4+MMMxC8w6FEUpis/BN7cN5P3ILk3cvatiilxZRKOYYf+lbdTSmgp4hz
huVi8cdeehDOtJRdzlFkTZrOp0KL14YayQEsyIyquIIdd3c0NitPVwtcplAkweeN
aTTq/kLUb3tLuUigtL/dadX94Qsqf/IukeD0WZ4C2EBD8K/7voCjUU+E/6xM6IKR
R4BtsHuac9BCzg==
-----END CERTIFICATE-----