Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft
File:                     tbU9N1ctag--wt36NciFiLsbKSg.mft (raw, json)
Hash identifier:          RJbx2TTHAfty1TBBlJIepMvujwCChP3VH1eYIAKTfz4=
Subject key identifier:   46:ED:B6:FB:C1:E7:C6:D6:99:0D:E8:F3:E6:03:CC:BB:C2:FD:3C:A3
Authority key identifier: B5:B5:3D:37:57:2D:6A:0F:BE:C2:DD:FA:35:C8:85:88:BB:1B:29:28
Certificate issuer:       /CN=b5b53d37572d6a0fbec2ddfa35c88588bb1b2928
Certificate serial:       0197B7454F9CCF9E7E05D56889B10CB05E0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tbU9N1ctag--wt36NciFiLsbKSg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft
Manifest number:          0109
Signing time:             Sat 28 Jun 2025 16:01:02 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:02 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:02 +0000
Files and hashes:         1: tbU9N1ctag--wt36NciFiLsbKSg.crl (hash: w9igMC5hnV9Jw8M5b4026HyNNP+m+LvTAw6cW2GL1QA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tbU9N1ctag--wt36NciFiLsbKSg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:4f:9c:cf:9e:7e:05:d5:68:89:b1:0c:b0:5e:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5b53d37572d6a0fbec2ddfa35c88588bb1b2928
        Validity
            Not Before: Jun 28 16:01:02 2025 GMT
            Not After : Jun 29 16:01:02 2025 GMT
        Subject: CN=46edb6fbc1e7c6d6990de8f3e603ccbbc2fd3ca3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:70:7e:62:c9:05:d9:95:ae:72:15:0b:e4:89:
                    32:d5:9c:9c:8d:3d:89:8d:59:2b:b7:03:79:2b:8a:
                    6f:dd:ba:e6:24:cf:42:b0:b1:c1:1c:b0:c3:32:fa:
                    c2:04:89:21:62:ce:42:67:41:cb:10:ca:e9:b4:3b:
                    b6:ef:28:41:e8:37:88:5e:8e:88:b4:a4:d7:55:be:
                    4c:03:74:b7:0e:58:ec:10:fd:29:8e:f4:52:a5:76:
                    49:0d:0b:ee:af:60:b1:9b:9e:43:c5:3f:de:f2:99:
                    a4:88:60:09:50:4d:2f:bf:ef:dc:77:77:48:09:6b:
                    19:69:85:9b:4e:52:25:ec:a3:95:72:f6:ab:0e:2f:
                    1e:a7:f6:8f:96:d9:ae:bd:3e:fe:98:6f:f9:f7:b1:
                    44:b1:cb:89:6b:4d:b8:87:a1:31:b7:2c:f9:53:d0:
                    b6:dd:b3:c8:00:b1:69:36:ac:0b:7e:29:ef:88:9e:
                    f7:77:3e:65:7d:81:b5:db:ae:63:58:9f:c2:e7:a7:
                    44:53:bc:2f:a1:32:65:36:1d:49:2d:70:4d:6f:89:
                    ce:68:70:d1:51:7b:83:a4:a7:03:dc:60:d1:d3:df:
                    1c:98:07:45:84:bf:b6:15:97:cd:bf:fb:4b:1b:91:
                    a5:d2:d6:3a:db:f0:b2:e1:b4:64:38:19:26:8a:8a:
                    d7:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:ED:B6:FB:C1:E7:C6:D6:99:0D:E8:F3:E6:03:CC:BB:C2:FD:3C:A3
            X509v3 Authority Key Identifier:
                keyid:B5:B5:3D:37:57:2D:6A:0F:BE:C2:DD:FA:35:C8:85:88:BB:1B:29:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbU9N1ctag--wt36NciFiLsbKSg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:71:05:c3:7b:cf:32:f0:fc:e4:81:37:d7:07:3b:11:29:3e:
         af:0b:4a:1a:d1:9d:13:2d:8f:34:76:ec:ff:6c:00:87:2b:b1:
         7e:e4:d4:09:9f:0f:3f:4b:0a:02:74:19:67:e4:65:ef:79:0c:
         e2:14:2a:5f:32:e7:be:a8:c2:ae:62:a0:df:a7:a5:13:a7:0b:
         a2:83:53:9d:2c:19:72:f5:c7:61:cb:71:6c:b8:dd:8e:93:a2:
         de:89:fe:67:55:de:d4:1c:d9:1e:bd:f9:f5:dd:54:0a:bd:4d:
         ad:71:5a:c2:44:2b:4c:29:4e:e5:2d:9a:cd:77:87:cd:51:88:
         68:0d:41:1f:c0:f4:3f:d6:40:08:80:2a:d1:be:ad:14:20:84:
         16:f6:4b:28:a4:b7:26:00:b8:1f:62:ae:49:96:ca:a0:6d:b5:
         55:1b:0d:16:90:3a:0f:d8:d6:1d:aa:80:f0:02:34:0b:48:72:
         7b:24:e7:62:62:00:2b:08:68:5e:d8:f4:18:43:4c:d4:75:70:
         fb:e0:88:63:f9:4b:5b:ae:87:9a:04:46:97:20:0c:b7:fa:94:
         b4:7e:19:3c:46:78:a9:9f:86:58:41:0c:e2:ee:39:eb:0c:87:
         af:88:10:5f:2b:3d:01:e2:28:39:1a:f6:6c:98:64:f1:c4:0b:
         95:06:65:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RU+cz55+BdVoibEMsF4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjUzZDM3NTcyZDZhMGZiZWMyZGRmYTM1Yzg4NTg4YmIx
YjI5MjgwHhcNMjUwNjI4MTYwMTAyWhcNMjUwNjI5MTYwMTAyWjAzMTEwLwYDVQQD
Eyg0NmVkYjZmYmMxZTdjNmQ2OTkwZGU4ZjNlNjAzY2NiYmMyZmQzY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHB+YskF2ZWuchUL5Iky1ZycjT2J
jVkrtwN5K4pv3brmJM9CsLHBHLDDMvrCBIkhYs5CZ0HLEMrptDu27yhB6DeIXo6I
tKTXVb5MA3S3DljsEP0pjvRSpXZJDQvur2Cxm55DxT/e8pmkiGAJUE0vv+/cd3dI
CWsZaYWbTlIl7KOVcvarDi8ep/aPltmuvT7+mG/597FEscuJa024h6Extyz5U9C2
3bPIALFpNqwLfinviJ73dz5lfYG1265jWJ/C56dEU7wvoTJlNh1JLXBNb4nOaHDR
UXuDpKcD3GDR098cmAdFhL+2FZfNv/tLG5Gl0tY62/Cy4bRkOBkmiorXlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbttvvB58bWmQ3o8+YDzLvC/TyjMB8GA1UdIwQY
MBaAFLW1PTdXLWoPvsLd+jXIhYi7GykoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJVOU4xY3RhZy0td3QzNk5jaUZpTHNiS1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9iODI4ZmItNzM3Yy00NzhlLThhOWYt
YjljMTE2Zjc1ZGYxLzEvdGJVOU4xY3RhZy0td3QzNk5jaUZpTHNiS1NnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9iODI4ZmItNzM3Yy00NzhlLThhOWYtYjljMTE2Zjc1ZGYx
LzEvdGJVOU4xY3RhZy0td3QzNk5jaUZpTHNiS1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc3EFw3vP
MvD85IE31wc7ESk+rwtKGtGdEy2PNHbs/2wAhyuxfuTUCZ8PP0sKAnQZZ+Rl73kM
4hQqXzLnvqjCrmKg36elE6cLooNTnSwZcvXHYctxbLjdjpOi3on+Z1Xe1BzZHr35
9d1UCr1NrXFawkQrTClO5S2azXeHzVGIaA1BH8D0P9ZACIAq0b6tFCCEFvZLKKS3
JgC4H2KuSZbKoG21VRsNFpA6D9jWHaqA8AI0C0hyeyTnYmIAKwhoXtj0GENM1HVw
++CIY/lLW66HmgRGlyAMt/qUtH4ZPEZ4qZ+GWEEM4u456wyHr4gQXys9AeIoORr2
bJhk8cQLlQZlcg==
-----END CERTIFICATE-----