Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
File:                     tZXiFxdovJspQknw46U1kBecUu4.mft (raw, json)
Hash identifier:          M6GXJwCXaaKIIUvpTbVqdKNkwDacLeyYl4vt/PPWH78=
Subject key identifier:   58:0D:3F:26:72:6E:EB:43:01:40:05:65:63:AF:B1:96:A1:EA:71:E3
Authority key identifier: B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE
Certificate issuer:       /CN=b595e2171768bc9b294249f0e3a53590179c52ee
Certificate serial:       0199FDD916F22CB9D909E48944288463414E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
Manifest number:          16E4
Signing time:             Sun 19 Oct 2025 19:01:26 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:26 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:26 +0000
Files and hashes:         1: tZXiFxdovJspQknw46U1kBecUu4.crl (hash: fFW/4hT3VKxGL4EZdLJLxEJJuI5KJMOnmeX3RGNDQ9w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:16:f2:2c:b9:d9:09:e4:89:44:28:84:63:41:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b595e2171768bc9b294249f0e3a53590179c52ee
        Validity
            Not Before: Oct 19 19:01:26 2025 GMT
            Not After : Oct 20 19:01:26 2025 GMT
        Subject: CN=580d3f26726eeb430140056563afb196a1ea71e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:cb:fa:61:63:d7:76:10:ea:99:1c:76:c2:62:
                    c9:8f:1c:f9:4f:f1:a7:17:7d:29:68:6b:1a:7b:18:
                    a0:6c:83:88:0f:6e:a3:3d:e7:2d:d0:de:16:a6:74:
                    83:73:c9:17:ef:00:a1:85:86:cf:15:6f:86:6b:0a:
                    b6:25:9f:ac:fe:91:df:a9:5a:a6:68:81:4f:35:20:
                    37:c1:a9:14:c6:3a:c2:32:51:7c:b8:3f:76:55:af:
                    80:b0:22:79:85:93:5b:e0:06:5e:4b:14:b9:17:4a:
                    2d:3b:82:4e:f7:a3:23:3d:15:6d:09:bd:3e:e4:ea:
                    48:90:ad:d3:2b:d5:cd:8b:b8:51:99:5f:ae:68:24:
                    57:2e:23:f1:90:e9:24:7e:e3:1d:f9:16:9e:13:47:
                    f5:91:e6:c4:0c:71:69:3c:02:85:b2:e1:a7:d7:8a:
                    43:b4:09:a1:7b:f7:56:f8:a6:66:f4:56:33:f5:e2:
                    74:db:15:92:19:7e:89:3f:6e:a0:6f:f1:a7:2c:24:
                    65:ff:85:32:4c:75:ec:d8:0c:a3:f3:44:28:71:2f:
                    84:c8:73:da:5b:40:f8:53:b6:df:88:b9:09:89:52:
                    0d:bc:d5:9d:12:a6:3d:6d:68:85:54:64:10:de:ac:
                    cd:f1:10:bb:23:e2:16:9b:07:5d:59:d3:c6:d6:cc:
                    e5:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:0D:3F:26:72:6E:EB:43:01:40:05:65:63:AF:B1:96:A1:EA:71:E3
            X509v3 Authority Key Identifier:
                keyid:B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:e4:36:ea:49:ed:a0:70:70:3d:20:c5:8d:03:e0:e6:c5:86:
         98:5d:0f:8d:45:fc:8b:ac:49:41:ed:37:59:65:a2:ba:0b:6f:
         53:1e:fb:0d:73:1c:5d:e0:fa:3d:85:ed:3c:f9:15:84:0a:c9:
         f4:74:48:11:31:09:01:a0:5f:3b:58:41:00:55:ff:c2:28:ed:
         b0:8b:ef:a4:b7:65:0e:8e:0f:e5:03:d3:f3:15:bc:6e:bb:4c:
         8a:27:70:34:b2:cc:8d:36:0b:ff:44:69:f4:c3:73:14:4a:4b:
         de:32:2d:4d:a4:86:5a:af:96:55:83:f9:04:18:31:d4:4d:bc:
         8a:c3:b3:24:9a:57:b8:e1:1e:99:e3:fe:52:50:c5:33:df:5e:
         b3:68:cd:50:45:b4:a0:1d:69:75:ab:c0:c4:60:11:ee:55:0e:
         99:36:36:86:bf:3d:83:32:74:df:e7:17:9c:c6:c9:f4:69:54:
         99:88:31:8f:a1:a8:d9:8d:9a:88:75:dc:ef:98:f7:4b:b3:9f:
         ae:0e:64:7f:2e:3d:ac:18:72:9e:eb:7a:a9:bf:67:a4:93:7c:
         b9:63:dd:df:d3:84:91:4e:15:5e:fc:02:46:8c:82:59:6e:98:
         ca:99:3d:db:d2:d1:db:97:36:cd:bc:d8:e2:e9:40:18:d0:32:
         96:c5:a3:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92RbyLLnZCeSJRCiEY0FOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTVlMjE3MTc2OGJjOWIyOTQyNDlmMGUzYTUzNTkwMTc5
YzUyZWUwHhcNMjUxMDE5MTkwMTI2WhcNMjUxMDIwMTkwMTI2WjAzMTEwLwYDVQQD
Eyg1ODBkM2YyNjcyNmVlYjQzMDE0MDA1NjU2M2FmYjE5NmExZWE3MWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMv6YWPXdhDqmRx2wmLJjxz5T/Gn
F30paGsaexigbIOID26jPect0N4WpnSDc8kX7wChhYbPFW+Gawq2JZ+s/pHfqVqm
aIFPNSA3wakUxjrCMlF8uD92Va+AsCJ5hZNb4AZeSxS5F0otO4JO96MjPRVtCb0+
5OpIkK3TK9XNi7hRmV+uaCRXLiPxkOkkfuMd+RaeE0f1kebEDHFpPAKFsuGn14pD
tAmhe/dW+KZm9FYz9eJ02xWSGX6JP26gb/GnLCRl/4UyTHXs2Ayj80QocS+EyHPa
W0D4U7bfiLkJiVINvNWdEqY9bWiFVGQQ3qzN8RC7I+IWmwddWdPG1szlfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFgNPyZybutDAUAFZWOvsZah6nHjMB8GA1UdIwQY
MBaAFLWV4hcXaLybKUJJ8OOlNZAXnFLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEt
NjBiNGFjZTAwNGI1LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEtNjBiNGFjZTAwNGI1
LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVeQ26knt
oHBwPSDFjQPg5sWGmF0PjUX8i6xJQe03WWWiugtvUx77DXMcXeD6PYXtPPkVhArJ
9HRIETEJAaBfO1hBAFX/wijtsIvvpLdlDo4P5QPT8xW8brtMiidwNLLMjTYL/0Rp
9MNzFEpL3jItTaSGWq+WVYP5BBgx1E28isOzJJpXuOEemeP+UlDFM99es2jNUEW0
oB1pdavAxGAR7lUOmTY2hr89gzJ03+cXnMbJ9GlUmYgxj6Go2Y2aiHXc75j3S7Of
rg5kfy49rBhynut6qb9npJN8uWPd39OEkU4VXvwCRoyCWW6Yypk929LR25c2zbzY
4ulAGNAylsWjLQ==
-----END CERTIFICATE-----