Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
File:                     tsaaSiFb3h0yk03chd6vj9nJRHk.mft (raw, json)
Hash identifier:          WActurH+BxWLVRE01OIFqdmmyTsWHTLOahAI0b5ukkU=
Subject key identifier:   26:F9:6C:B3:C4:A5:55:10:63:C3:72:70:8E:45:9A:18:C8:16:35:E5
Authority key identifier: B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79
Certificate issuer:       /CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
Certificate serial:       019A04118C66ABDB4744921460CAAE37A032
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
Manifest number:          0E92
Signing time:             Tue 21 Oct 2025 00:00:50 +0000
Manifest this update:     Tue 21 Oct 2025 00:00:50 +0000
Manifest next update:     Wed 22 Oct 2025 00:00:50 +0000
Files and hashes:         1: tsaaSiFb3h0yk03chd6vj9nJRHk.crl (hash: FV9TTPwtbA9z9F4hFAlPN6DjgmILRiKjJ1JN0ZGNgw4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 22:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:04:11:8c:66:ab:db:47:44:92:14:60:ca:ae:37:a0:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
        Validity
            Not Before: Oct 21 00:00:50 2025 GMT
            Not After : Oct 22 00:00:50 2025 GMT
        Subject: CN=26f96cb3c4a5551063c372708e459a18c81635e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:03:54:6f:9d:0e:e6:d9:fa:24:8b:86:6b:f2:
                    a8:f4:ee:74:73:4d:be:42:68:37:19:a5:5a:9b:7e:
                    23:5e:9c:d1:11:7f:27:0d:d1:39:d9:d4:ee:c5:54:
                    ce:8d:86:e2:d6:83:4a:94:2d:0b:3b:ab:bb:48:b1:
                    cc:76:52:71:19:4a:7e:0b:4c:63:74:00:f4:02:db:
                    3f:57:07:c0:54:1c:45:70:a5:16:19:ff:76:24:9e:
                    11:23:0c:9a:e7:60:3b:84:d5:93:53:a1:d0:47:2e:
                    47:4f:24:e6:91:08:e4:30:66:0a:e3:0b:12:ae:c5:
                    d2:df:67:54:80:ce:56:c3:5e:d7:cf:e9:99:c8:d5:
                    84:92:44:9a:ef:bf:d8:43:6e:09:c8:40:6c:43:6a:
                    b7:5d:2c:de:e6:b9:a0:08:32:1f:a2:8a:91:b6:ec:
                    a8:d5:09:ec:84:e9:a3:38:79:e4:70:d9:c4:d6:27:
                    0d:c1:00:87:ea:05:f9:55:4b:56:32:76:0b:72:e0:
                    ac:90:16:51:1c:f3:f7:32:db:5e:28:37:60:6c:23:
                    f1:05:7f:c3:2e:17:9f:64:03:a3:c3:6d:8e:9a:4f:
                    e2:f0:ef:d0:0d:74:04:d9:80:20:4e:e7:e1:f6:ef:
                    80:4f:06:7c:3e:2a:c7:a1:33:0e:a7:0a:fd:4b:06:
                    f5:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:F9:6C:B3:C4:A5:55:10:63:C3:72:70:8E:45:9A:18:C8:16:35:E5
            X509v3 Authority Key Identifier:
                keyid:B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:79:71:8c:27:84:50:e4:e7:35:13:14:f2:9e:1c:9a:40:b7:
         68:e0:21:ad:18:b8:55:0e:ee:06:10:b7:bc:78:00:00:cb:92:
         0b:6f:f8:72:58:1a:c6:67:57:b3:f6:34:86:d6:a8:ac:de:18:
         f6:a3:41:25:e6:64:79:2a:95:6e:91:23:0f:d7:7c:2b:ed:7d:
         f1:64:16:4a:6b:9f:1f:fe:8f:14:5f:59:3d:57:04:28:10:4c:
         c4:6e:3c:64:d8:e3:55:7a:fd:ba:55:38:28:05:82:7c:05:b8:
         79:af:97:98:39:9c:c4:34:2a:9f:b1:79:87:18:e1:dc:d3:1b:
         40:8c:63:a2:3b:80:63:10:27:16:b1:df:df:8f:67:f4:cc:79:
         0d:3d:d8:99:2f:27:78:f8:f2:13:8d:8c:97:ba:6c:95:c5:19:
         7f:4d:e1:57:b1:3b:c3:e7:ec:5b:23:16:55:a8:ef:1b:55:c4:
         6f:fa:a6:c9:ac:47:d9:db:10:63:87:0c:17:3f:3c:e0:96:88:
         a9:d6:53:9a:55:12:71:49:c9:a3:07:84:18:3f:7d:16:7d:ef:
         b8:c2:d4:94:df:47:0d:fe:07:ca:86:40:79:95:15:8a:3c:ff:
         9f:0e:f9:cc:04:f5:06:d4:50:fb:3e:b4:83:e6:81:40:a4:e9:
         a2:ed:cf:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoEEYxmq9tHRJIUYMquN6AyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzY5YTRhMjE1YmRlMWQzMjkzNGRkYzg1ZGVhZjhmZDlj
OTQ0NzkwHhcNMjUxMDIxMDAwMDUwWhcNMjUxMDIyMDAwMDUwWjAzMTEwLwYDVQQD
EygyNmY5NmNiM2M0YTU1NTEwNjNjMzcyNzA4ZTQ1OWExOGM4MTYzNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywNUb50O5tn6JIuGa/Ko9O50c02+
Qmg3GaVam34jXpzREX8nDdE52dTuxVTOjYbi1oNKlC0LO6u7SLHMdlJxGUp+C0xj
dAD0Ats/VwfAVBxFcKUWGf92JJ4RIwya52A7hNWTU6HQRy5HTyTmkQjkMGYK4wsS
rsXS32dUgM5Ww17Xz+mZyNWEkkSa77/YQ24JyEBsQ2q3XSze5rmgCDIfooqRtuyo
1QnshOmjOHnkcNnE1icNwQCH6gX5VUtWMnYLcuCskBZRHPP3MtteKDdgbCPxBX/D
LhefZAOjw22Omk/i8O/QDXQE2YAgTufh9u+ATwZ8PirHoTMOpwr9Swb1fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCb5bLPEpVUQY8NycI5FmhjIFjXlMB8GA1UdIwQY
MBaAFLbGmkohW94dMpNN3IXer4/ZyUR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMt
ZTNiYzZiNDk5ZTdiLzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMtZTNiYzZiNDk5ZTdi
LzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbXlxjCeE
UOTnNRMU8p4cmkC3aOAhrRi4VQ7uBhC3vHgAAMuSC2/4clgaxmdXs/Y0htaorN4Y
9qNBJeZkeSqVbpEjD9d8K+198WQWSmufH/6PFF9ZPVcEKBBMxG48ZNjjVXr9ulU4
KAWCfAW4ea+XmDmcxDQqn7F5hxjh3NMbQIxjojuAYxAnFrHf349n9Mx5DT3YmS8n
ePjyE42Ml7pslcUZf03hV7E7w+fsWyMWVajvG1XEb/qmyaxH2dsQY4cMFz884JaI
qdZTmlUScUnJoweEGD99Fn3vuMLUlN9HDf4HyoZAeZUVijz/nw75zAT1BtRQ+z60
g+aBQKTpou3P8w==
-----END CERTIFICATE-----