Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
File:                     tZXiFxdovJspQknw46U1kBecUu4.mft (raw, json)
Hash identifier:          CozkhAph1pI0NYnX8B3rjur8f1wX72tPKRl4E3nnX4w=
Subject key identifier:   88:EF:F2:7F:B3:FB:EF:EE:27:F6:F3:B8:B6:FA:0D:4E:A4:12:12:2C
Authority key identifier: B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE
Certificate issuer:       /CN=b595e2171768bc9b294249f0e3a53590179c52ee
Certificate serial:       0198D660095F362F4B4D573D1FC0DE9D2B14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
Manifest number:          164B
Signing time:             Sat 23 Aug 2025 10:01:14 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:14 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:14 +0000
Files and hashes:         1: tZXiFxdovJspQknw46U1kBecUu4.crl (hash: QwBNCMcEazJ1kHiDh0TbClCDYMtSPbtaZGDyInrDjLM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:09:5f:36:2f:4b:4d:57:3d:1f:c0:de:9d:2b:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b595e2171768bc9b294249f0e3a53590179c52ee
        Validity
            Not Before: Aug 23 10:01:14 2025 GMT
            Not After : Aug 24 10:01:14 2025 GMT
        Subject: CN=88eff27fb3fbefee27f6f3b8b6fa0d4ea412122c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ca:82:f4:33:8a:d6:32:08:26:fb:03:bb:94:
                    17:d1:a5:ba:66:86:09:77:fe:49:43:1c:45:03:1f:
                    17:09:88:d2:c6:d0:dd:e8:8a:1b:d5:27:1b:db:39:
                    33:f4:92:87:84:b5:a2:73:11:d2:91:d7:24:c9:0d:
                    07:fd:d5:0e:ad:d3:c5:76:41:64:7f:51:83:a9:ef:
                    3c:13:ad:60:2f:57:49:0d:8f:a0:b2:48:8b:56:8d:
                    ca:f2:b9:cc:45:ab:d5:d0:9c:40:71:be:2b:ea:ab:
                    35:cc:e2:66:1b:d1:f2:73:98:18:47:79:b8:d5:22:
                    64:1a:95:c1:48:2c:7b:12:96:63:84:d6:b6:54:0d:
                    31:21:78:75:3b:87:cd:a8:78:ab:7b:c8:95:f0:85:
                    c8:3e:1a:3b:7f:a3:b3:eb:d0:37:7d:0b:78:d2:8c:
                    4c:5a:24:54:98:ca:a8:4c:f6:2b:c2:f8:a1:ba:fb:
                    cd:fb:f7:81:5f:b5:91:76:25:d7:db:53:05:d1:0f:
                    ba:59:dc:43:33:79:cd:e7:fc:07:f3:b2:68:e1:9f:
                    35:3f:73:71:8c:aa:44:81:84:01:86:e4:43:bd:2a:
                    41:0b:89:75:e9:42:47:9a:a8:1b:05:0a:78:b8:fa:
                    05:e7:a0:6c:ee:1c:c5:c0:e0:1f:e7:35:cc:30:f6:
                    a9:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:EF:F2:7F:B3:FB:EF:EE:27:F6:F3:B8:B6:FA:0D:4E:A4:12:12:2C
            X509v3 Authority Key Identifier:
                keyid:B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:0a:85:fe:13:53:46:a4:b7:45:70:de:fe:ae:be:2a:e0:80:
         7d:89:13:2c:c3:58:5d:76:dd:6c:72:b5:58:8f:31:49:2e:1c:
         87:34:e8:9a:ed:23:17:2c:c2:dd:d6:d0:ef:0f:54:ac:69:50:
         29:d2:44:6b:dc:db:5f:be:e0:39:98:47:0a:1c:3f:21:e2:bd:
         b4:ae:ac:f2:ea:6c:06:af:ba:23:d6:95:43:5d:1a:17:4c:ca:
         6f:be:11:33:4f:28:55:07:3c:4a:39:bf:f9:36:4b:24:1c:69:
         a4:4e:9e:d5:05:05:f6:d8:8e:e3:56:39:b9:66:00:24:18:5d:
         5a:19:6a:86:03:db:ae:cd:d4:fa:1b:49:07:c7:8b:4c:58:9b:
         91:13:af:2d:f8:9b:91:d0:6f:3b:7c:d0:45:96:bf:f2:60:31:
         81:2f:8f:5a:29:d9:d9:f9:75:aa:a4:1c:a2:bf:d4:00:30:86:
         1d:72:bc:f3:49:86:e7:d5:5c:08:25:bd:d6:b2:b3:ea:33:64:
         73:5b:cb:d4:9e:b6:47:e7:22:55:ee:7b:c6:c8:55:46:33:49:
         03:86:67:ce:30:63:e9:8b:e1:6d:ab:b2:04:16:0a:57:d0:30:
         ed:e7:6a:5e:b7:8b:5c:ff:4e:1d:a5:85:7e:f2:7c:07:e1:58:
         70:b9:cb:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYAlfNi9LTVc9H8DenSsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTVlMjE3MTc2OGJjOWIyOTQyNDlmMGUzYTUzNTkwMTc5
YzUyZWUwHhcNMjUwODIzMTAwMTE0WhcNMjUwODI0MTAwMTE0WjAzMTEwLwYDVQQD
Eyg4OGVmZjI3ZmIzZmJlZmVlMjdmNmYzYjhiNmZhMGQ0ZWE0MTIxMjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosqC9DOK1jIIJvsDu5QX0aW6ZoYJ
d/5JQxxFAx8XCYjSxtDd6Iob1Scb2zkz9JKHhLWicxHSkdckyQ0H/dUOrdPFdkFk
f1GDqe88E61gL1dJDY+gskiLVo3K8rnMRavV0JxAcb4r6qs1zOJmG9Hyc5gYR3m4
1SJkGpXBSCx7EpZjhNa2VA0xIXh1O4fNqHire8iV8IXIPho7f6Oz69A3fQt40oxM
WiRUmMqoTPYrwvihuvvN+/eBX7WRdiXX21MF0Q+6WdxDM3nN5/wH87Jo4Z81P3Nx
jKpEgYQBhuRDvSpBC4l16UJHmqgbBQp4uPoF56Bs7hzFwOAf5zXMMPapNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjv8n+z++/uJ/bzuLb6DU6kEhIsMB8GA1UdIwQY
MBaAFLWV4hcXaLybKUJJ8OOlNZAXnFLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEt
NjBiNGFjZTAwNGI1LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEtNjBiNGFjZTAwNGI1
LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlQqF/hNT
RqS3RXDe/q6+KuCAfYkTLMNYXXbdbHK1WI8xSS4chzTomu0jFyzC3dbQ7w9UrGlQ
KdJEa9zbX77gOZhHChw/IeK9tK6s8upsBq+6I9aVQ10aF0zKb74RM08oVQc8Sjm/
+TZLJBxppE6e1QUF9tiO41Y5uWYAJBhdWhlqhgPbrs3U+htJB8eLTFibkROvLfib
kdBvO3zQRZa/8mAxgS+PWinZ2fl1qqQcor/UADCGHXK880mG59VcCCW91rKz6jNk
c1vL1J62R+ciVe57xshVRjNJA4ZnzjBj6YvhbauyBBYKV9Aw7edqXreLXP9OHaWF
fvJ8B+FYcLnLRA==
-----END CERTIFICATE-----