Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft
File:                     tbU9N1ctag--wt36NciFiLsbKSg.mft (raw, json)
Hash identifier:          rYZgqdsLAV6GAtEC6EqT+BIjI3v9Sn1G0PzeZF1Wltc=
Subject key identifier:   D7:6A:30:3D:73:E0:55:AD:45:5A:B4:CC:B4:A9:51:F6:52:B6:0E:68
Authority key identifier: B5:B5:3D:37:57:2D:6A:0F:BE:C2:DD:FA:35:C8:85:88:BB:1B:29:28
Certificate issuer:       /CN=b5b53d37572d6a0fbec2ddfa35c88588bb1b2928
Certificate serial:       0199FAA11FCD2A5125B3BBF3BEDCA65BEEB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tbU9N1ctag--wt36NciFiLsbKSg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft
Manifest number:          0235
Signing time:             Sun 19 Oct 2025 04:01:27 +0000
Manifest this update:     Sun 19 Oct 2025 04:01:27 +0000
Manifest next update:     Mon 20 Oct 2025 04:01:27 +0000
Files and hashes:         1: tbU9N1ctag--wt36NciFiLsbKSg.crl (hash: zA2k/xjk3vXx48wFSE8DfT7vO/V6nxXab4z2tVgLwts=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tbU9N1ctag--wt36NciFiLsbKSg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 04:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:a1:1f:cd:2a:51:25:b3:bb:f3:be:dc:a6:5b:ee:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5b53d37572d6a0fbec2ddfa35c88588bb1b2928
        Validity
            Not Before: Oct 19 04:01:27 2025 GMT
            Not After : Oct 20 04:01:27 2025 GMT
        Subject: CN=d76a303d73e055ad455ab4ccb4a951f652b60e68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:db:dc:6c:19:a8:e8:4c:59:e4:2a:7d:14:89:
                    f8:30:2d:71:56:ef:c3:8d:9e:2e:65:23:6d:60:1e:
                    4f:26:48:5a:73:b0:77:7d:33:98:f9:f5:29:2c:94:
                    f1:75:57:18:36:97:78:d9:4c:ec:48:d2:b0:31:8a:
                    76:22:17:b5:b1:19:4e:d7:7c:45:08:9d:fb:97:c3:
                    66:17:a3:d8:82:44:3e:be:bb:a0:a5:6d:4f:1c:41:
                    98:f0:a7:86:d0:a2:ac:25:82:7a:a2:be:e1:f2:7c:
                    1f:60:95:6a:dc:10:7e:9b:96:e2:54:15:54:9c:62:
                    d3:de:ee:9c:e3:16:3e:8a:2a:f6:ac:8a:d1:fb:05:
                    80:e5:77:dc:c7:6f:df:01:e2:2b:6a:eb:84:4d:cc:
                    fa:40:38:0f:ae:8c:a8:04:69:8a:ea:f9:60:af:23:
                    11:74:ca:0e:b2:49:de:7c:0f:9c:4b:f6:26:2f:68:
                    87:f5:db:a6:39:ce:11:df:af:49:01:7c:a6:28:a3:
                    ac:10:bb:79:13:7a:7c:98:8e:69:32:43:c2:70:bf:
                    70:1e:67:0b:3f:b6:ab:f9:5e:25:3d:80:85:0c:99:
                    c9:10:48:e0:f2:6a:62:6f:39:ef:f8:76:72:7c:e5:
                    47:88:46:16:8b:0a:61:2a:1a:29:73:37:ec:17:05:
                    96:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:6A:30:3D:73:E0:55:AD:45:5A:B4:CC:B4:A9:51:F6:52:B6:0E:68
            X509v3 Authority Key Identifier:
                keyid:B5:B5:3D:37:57:2D:6A:0F:BE:C2:DD:FA:35:C8:85:88:BB:1B:29:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbU9N1ctag--wt36NciFiLsbKSg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:3f:aa:57:05:00:26:17:9a:b9:a7:82:a1:0d:a5:e9:6d:8c:
         de:d5:1f:6a:f4:15:1a:c1:6c:f7:33:08:54:36:c7:ee:89:b4:
         0a:06:a5:8a:91:a3:84:42:48:87:b4:6e:71:43:7e:24:fc:66:
         43:e5:aa:2d:9b:63:75:88:3d:15:46:55:0b:2f:8d:83:b8:2f:
         23:15:25:d6:f0:2e:4b:7d:f1:dc:7d:0b:4a:bf:93:28:32:01:
         76:f1:84:07:5e:e3:ba:21:34:10:b6:04:23:db:32:50:a3:9d:
         9b:04:1b:6b:37:41:2d:39:c4:1c:40:26:4d:18:21:57:d9:11:
         20:fb:57:fa:1d:89:57:e4:af:df:13:13:aa:4b:5c:75:05:21:
         45:57:49:63:cb:08:74:0c:4a:2d:84:4b:f0:8a:40:ad:ad:c8:
         18:81:77:4e:45:06:b9:34:fc:53:d0:79:ae:34:49:23:e8:3a:
         77:db:d3:df:fb:b5:7d:e4:5f:bd:0c:b9:d5:65:50:a9:8d:1b:
         52:9c:38:13:6b:4e:6e:7b:67:83:b4:d1:c2:8a:ff:06:90:64:
         8c:bd:65:9b:94:72:4c:8b:c1:ba:21:c4:04:a8:30:2d:3a:68:
         54:82:cf:03:25:32:5f:81:9d:26:c6:9c:5f:5e:ee:c9:13:f5:
         b1:58:59:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6oR/NKlEls7vzvtymW+63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjUzZDM3NTcyZDZhMGZiZWMyZGRmYTM1Yzg4NTg4YmIx
YjI5MjgwHhcNMjUxMDE5MDQwMTI3WhcNMjUxMDIwMDQwMTI3WjAzMTEwLwYDVQQD
EyhkNzZhMzAzZDczZTA1NWFkNDU1YWI0Y2NiNGE5NTFmNjUyYjYwZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdvcbBmo6ExZ5Cp9FIn4MC1xVu/D
jZ4uZSNtYB5PJkhac7B3fTOY+fUpLJTxdVcYNpd42UzsSNKwMYp2Ihe1sRlO13xF
CJ37l8NmF6PYgkQ+vrugpW1PHEGY8KeG0KKsJYJ6or7h8nwfYJVq3BB+m5biVBVU
nGLT3u6c4xY+iir2rIrR+wWA5Xfcx2/fAeIrauuETcz6QDgProyoBGmK6vlgryMR
dMoOsknefA+cS/YmL2iH9dumOc4R369JAXymKKOsELt5E3p8mI5pMkPCcL9wHmcL
P7ar+V4lPYCFDJnJEEjg8mpibznv+HZyfOVHiEYWiwphKhopczfsFwWWxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdqMD1z4FWtRVq0zLSpUfZStg5oMB8GA1UdIwQY
MBaAFLW1PTdXLWoPvsLd+jXIhYi7GykoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJVOU4xY3RhZy0td3QzNk5jaUZpTHNiS1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9iODI4ZmItNzM3Yy00NzhlLThhOWYt
YjljMTE2Zjc1ZGYxLzEvdGJVOU4xY3RhZy0td3QzNk5jaUZpTHNiS1NnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9iODI4ZmItNzM3Yy00NzhlLThhOWYtYjljMTE2Zjc1ZGYx
LzEvdGJVOU4xY3RhZy0td3QzNk5jaUZpTHNiS1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvT+qVwUA
JheauaeCoQ2l6W2M3tUfavQVGsFs9zMIVDbH7om0CgalipGjhEJIh7RucUN+JPxm
Q+WqLZtjdYg9FUZVCy+Ng7gvIxUl1vAuS33x3H0LSr+TKDIBdvGEB17juiE0ELYE
I9syUKOdmwQbazdBLTnEHEAmTRghV9kRIPtX+h2JV+Sv3xMTqktcdQUhRVdJY8sI
dAxKLYRL8IpAra3IGIF3TkUGuTT8U9B5rjRJI+g6d9vT3/u1feRfvQy51WVQqY0b
Upw4E2tObntng7TRwor/BpBkjL1lm5RyTIvBuiHEBKgwLTpoVILPAyUyX4GdJsac
X17uyRP1sVhZCA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:46 2025 by rpki-client