Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft
File:                     tbU9N1ctag--wt36NciFiLsbKSg.mft (raw, json)
Hash identifier:          j9XaFJJP37l+CFtVusqOyr/15nn+dhqvbHgi1DfOnAQ=
Subject key identifier:   F4:E4:31:7A:D3:C6:49:2A:81:95:A8:E0:FB:B2:A3:52:09:FB:0C:8E
Authority key identifier: B5:B5:3D:37:57:2D:6A:0F:BE:C2:DD:FA:35:C8:85:88:BB:1B:29:28
Certificate issuer:       /CN=b5b53d37572d6a0fbec2ddfa35c88588bb1b2928
Certificate serial:       0198D515DDFF7A193C4A996D41FC1D8F25C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tbU9N1ctag--wt36NciFiLsbKSg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft
Manifest number:          019D
Signing time:             Sat 23 Aug 2025 04:00:36 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:36 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:36 +0000
Files and hashes:         1: tbU9N1ctag--wt36NciFiLsbKSg.crl (hash: gTG9Me8xp5NjmQhI24dD902iQ7qtwSotH/lYFWgAqBs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tbU9N1ctag--wt36NciFiLsbKSg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:dd:ff:7a:19:3c:4a:99:6d:41:fc:1d:8f:25:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5b53d37572d6a0fbec2ddfa35c88588bb1b2928
        Validity
            Not Before: Aug 23 04:00:36 2025 GMT
            Not After : Aug 24 04:00:36 2025 GMT
        Subject: CN=f4e4317ad3c6492a8195a8e0fbb2a35209fb0c8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:96:9b:9d:24:8f:93:1f:9b:de:7f:ca:9b:1c:
                    32:40:8b:c9:56:4a:6e:ad:7e:d2:21:9f:45:c5:ab:
                    7d:e1:f7:8c:a8:98:fb:59:a5:f9:9a:47:0e:6d:2a:
                    2d:ea:4b:20:26:ed:09:37:e0:c7:6d:df:c9:59:ad:
                    38:ec:ee:af:6c:67:a7:3d:c4:d5:f4:77:60:54:71:
                    47:cd:e8:56:bc:38:39:43:ac:e2:33:5c:bd:45:bc:
                    c1:85:d2:a2:ea:7f:27:db:78:06:08:f9:13:42:8b:
                    46:c0:fe:ac:88:6e:12:55:50:35:e2:0b:7a:4f:66:
                    e9:07:60:90:f9:e5:73:a7:25:f0:62:25:30:29:12:
                    70:1b:11:94:1a:bc:f3:51:f5:b9:10:df:f3:f3:fe:
                    42:02:7e:ba:a3:2b:72:c4:36:8e:85:15:5c:bf:1d:
                    d8:51:0b:81:92:b6:11:b2:98:47:39:99:ac:56:4d:
                    d6:28:3e:9e:c6:8b:d6:e1:f7:cb:96:75:d1:23:26:
                    c0:fb:0f:4b:95:0f:12:1d:1d:b4:62:a1:fb:f5:27:
                    d6:4b:e4:5b:69:09:03:0a:99:f1:f7:5c:a9:09:06:
                    4f:c4:75:16:b8:c1:71:3c:1b:39:ab:e2:b7:a8:34:
                    4e:2e:2e:8b:2b:5e:a5:28:a9:cd:61:2d:a4:60:ff:
                    4f:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:E4:31:7A:D3:C6:49:2A:81:95:A8:E0:FB:B2:A3:52:09:FB:0C:8E
            X509v3 Authority Key Identifier:
                keyid:B5:B5:3D:37:57:2D:6A:0F:BE:C2:DD:FA:35:C8:85:88:BB:1B:29:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbU9N1ctag--wt36NciFiLsbKSg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b828fb-737c-478e-8a9f-b9c116f75df1/1/tbU9N1ctag--wt36NciFiLsbKSg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:93:0e:5f:e4:05:b1:0e:a4:e2:f8:93:d7:ab:e9:20:8e:a8:
         05:01:83:68:85:28:3e:9e:d8:67:cc:b0:81:9a:15:87:d6:d2:
         ab:70:42:87:da:ba:01:c4:1c:83:b6:c8:15:5f:12:18:3d:02:
         c3:43:22:40:08:8f:ef:18:91:78:bc:99:2c:2c:2b:df:72:35:
         cb:f3:5e:45:71:11:ce:c7:97:a0:a1:41:31:87:cd:a3:8e:3b:
         48:e3:72:69:df:69:25:4a:fa:ce:70:b8:a7:7a:61:38:e4:d8:
         3b:79:21:61:61:49:aa:04:aa:20:69:bd:4a:73:57:3e:d5:16:
         9b:02:54:8f:1f:44:32:b4:85:6c:bc:f3:04:48:25:4d:f6:a8:
         2a:6f:28:81:81:c6:1f:93:a9:bf:8f:eb:8f:2a:ff:22:78:6b:
         a2:1b:9f:52:84:97:9f:33:d1:0f:bc:15:85:bc:1b:6c:29:25:
         b0:04:80:d9:8a:61:82:d4:86:ae:74:8c:a5:9f:62:39:eb:35:
         07:63:1b:83:f3:09:b5:42:7e:7f:f6:f9:a0:d6:26:ff:67:8e:
         91:83:5c:4e:6d:5a:b3:72:6d:a8:fa:05:b5:0c:fb:8b:a0:11:
         b0:58:b4:0f:6c:c9:02:ee:25:06:cb:f7:9b:3b:56:26:97:90:
         21:62:04:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFd3/ehk8SpltQfwdjyXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjUzZDM3NTcyZDZhMGZiZWMyZGRmYTM1Yzg4NTg4YmIx
YjI5MjgwHhcNMjUwODIzMDQwMDM2WhcNMjUwODI0MDQwMDM2WjAzMTEwLwYDVQQD
EyhmNGU0MzE3YWQzYzY0OTJhODE5NWE4ZTBmYmIyYTM1MjA5ZmIwYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JabnSSPkx+b3n/KmxwyQIvJVkpu
rX7SIZ9Fxat94feMqJj7WaX5mkcObSot6ksgJu0JN+DHbd/JWa047O6vbGenPcTV
9HdgVHFHzehWvDg5Q6ziM1y9RbzBhdKi6n8n23gGCPkTQotGwP6siG4SVVA14gt6
T2bpB2CQ+eVzpyXwYiUwKRJwGxGUGrzzUfW5EN/z8/5CAn66oytyxDaOhRVcvx3Y
UQuBkrYRsphHOZmsVk3WKD6exovW4ffLlnXRIybA+w9LlQ8SHR20YqH79SfWS+Rb
aQkDCpnx91ypCQZPxHUWuMFxPBs5q+K3qDROLi6LK16lKKnNYS2kYP9PbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTkMXrTxkkqgZWo4Puyo1IJ+wyOMB8GA1UdIwQY
MBaAFLW1PTdXLWoPvsLd+jXIhYi7GykoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJVOU4xY3RhZy0td3QzNk5jaUZpTHNiS1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9iODI4ZmItNzM3Yy00NzhlLThhOWYt
YjljMTE2Zjc1ZGYxLzEvdGJVOU4xY3RhZy0td3QzNk5jaUZpTHNiS1NnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9iODI4ZmItNzM3Yy00NzhlLThhOWYtYjljMTE2Zjc1ZGYx
LzEvdGJVOU4xY3RhZy0td3QzNk5jaUZpTHNiS1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ5MOX+QF
sQ6k4viT16vpII6oBQGDaIUoPp7YZ8ywgZoVh9bSq3BCh9q6AcQcg7bIFV8SGD0C
w0MiQAiP7xiReLyZLCwr33I1y/NeRXERzseXoKFBMYfNo447SONyad9pJUr6znC4
p3phOOTYO3khYWFJqgSqIGm9SnNXPtUWmwJUjx9EMrSFbLzzBEglTfaoKm8ogYHG
H5Opv4/rjyr/InhrohufUoSXnzPRD7wVhbwbbCklsASA2YphgtSGrnSMpZ9iOes1
B2Mbg/MJtUJ+f/b5oNYm/2eOkYNcTm1as3JtqPoFtQz7i6ARsFi0D2zJAu4lBsv3
mztWJpeQIWIE2w==
-----END CERTIFICATE-----