Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
File:                     tsaaSiFb3h0yk03chd6vj9nJRHk.mft (raw, json)
Hash identifier:          Fqeh3KipyDDMtz0XUReguLeVXd1inFbTkriGoKhuHno=
Subject key identifier:   80:F2:A1:04:1C:AD:69:66:C2:95:54:5D:93:22:96:C2:A5:EC:E3:62
Authority key identifier: B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79
Certificate issuer:       /CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
Certificate serial:       0198D6CD7060EAE8294FE62A3C8AEF6DEC0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
Manifest number:          0DF6
Signing time:             Sat 23 Aug 2025 12:00:44 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:44 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:44 +0000
Files and hashes:         1: tsaaSiFb3h0yk03chd6vj9nJRHk.crl (hash: iDrqr5EuM0dRSUP7oxd4wRl7kAkuFyJebK55nuYePIE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:70:60:ea:e8:29:4f:e6:2a:3c:8a:ef:6d:ec:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
        Validity
            Not Before: Aug 23 12:00:44 2025 GMT
            Not After : Aug 24 12:00:44 2025 GMT
        Subject: CN=80f2a1041cad6966c295545d932296c2a5ece362
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:bf:31:ab:75:7d:71:c1:30:83:76:92:d7:d3:
                    22:3d:82:55:b9:7d:03:a1:1e:2e:97:1a:4b:cc:26:
                    e0:cb:30:ee:d6:e8:80:aa:98:e0:80:c4:43:e6:a6:
                    65:af:96:99:d0:19:73:01:fe:06:8d:7c:8c:81:4c:
                    77:b7:dd:79:ce:2e:09:69:b0:99:20:3c:42:81:e4:
                    e0:99:3b:0c:20:89:4c:c8:58:37:06:57:6f:47:eb:
                    95:93:e0:b0:a1:6b:6d:96:6e:82:44:4e:79:68:10:
                    21:e4:4c:3d:4e:a7:7a:53:39:76:64:5b:5e:52:73:
                    e5:ce:89:a9:b5:21:72:33:16:89:93:0c:bc:f1:5e:
                    89:8d:13:1b:e6:9f:49:17:e3:e2:7b:3b:14:fe:10:
                    6d:cd:ce:fd:ac:ea:d0:30:20:f2:c8:80:8b:c5:73:
                    e9:4a:af:23:07:04:42:03:20:24:df:44:9b:27:b7:
                    c9:85:79:6d:47:3b:3d:6c:75:a2:e8:df:d6:cc:00:
                    a8:a3:44:87:4c:fd:92:61:33:91:70:a5:41:e9:c8:
                    bf:71:d6:d4:8c:df:d7:d2:8f:38:54:a0:13:c1:47:
                    f9:1d:16:47:17:f4:34:48:28:a7:d2:a9:7b:08:28:
                    b5:23:e5:b3:a1:8c:bc:23:e6:42:88:0a:04:19:c6:
                    c4:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:F2:A1:04:1C:AD:69:66:C2:95:54:5D:93:22:96:C2:A5:EC:E3:62
            X509v3 Authority Key Identifier:
                keyid:B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:cc:ff:5b:12:77:3b:14:e8:b9:01:8c:15:28:09:91:3f:28:
         fa:79:d8:1a:b1:8d:a9:09:3c:d9:00:d0:6c:47:41:2b:10:59:
         12:5e:b8:6f:cd:25:5d:f0:7b:d2:c0:32:7a:4a:45:2a:d0:35:
         0c:db:c7:2c:48:38:c5:4b:6c:1e:99:72:be:4a:39:8e:87:10:
         0b:08:75:f3:77:52:4e:41:22:b6:23:8b:4c:c1:db:dc:27:12:
         90:43:b9:f6:bc:d9:47:ee:d9:96:a5:50:a4:3d:2d:70:3f:6c:
         4d:db:ad:3a:17:e6:59:98:34:33:2a:60:8d:e1:13:34:24:f2:
         d6:8f:93:03:d0:64:f1:8d:24:1d:11:28:63:e5:9f:1a:38:ac:
         17:b6:6e:d4:0a:bd:a0:48:ec:b3:63:13:c4:90:4f:a3:20:ee:
         1e:81:32:f7:f8:6f:a4:07:eb:59:02:19:c6:db:42:a6:1e:67:
         22:c7:7b:80:85:fe:43:b9:af:b0:0f:23:4f:a0:9c:46:d3:d5:
         f5:3a:1f:85:4f:df:88:03:5e:21:88:bf:4c:86:f2:e3:86:70:
         fd:ae:67:a2:ea:53:2d:03:cd:60:f3:1e:ec:66:22:51:b0:77:
         d8:db:99:7f:59:fd:0c:6a:8c:e0:c3:ca:78:b4:5a:3a:e7:d9:
         7e:e6:7f:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzXBg6ugpT+YqPIrvbewOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzY5YTRhMjE1YmRlMWQzMjkzNGRkYzg1ZGVhZjhmZDlj
OTQ0NzkwHhcNMjUwODIzMTIwMDQ0WhcNMjUwODI0MTIwMDQ0WjAzMTEwLwYDVQQD
Eyg4MGYyYTEwNDFjYWQ2OTY2YzI5NTU0NWQ5MzIyOTZjMmE1ZWNlMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub8xq3V9ccEwg3aS19MiPYJVuX0D
oR4ulxpLzCbgyzDu1uiAqpjggMRD5qZlr5aZ0BlzAf4GjXyMgUx3t915zi4JabCZ
IDxCgeTgmTsMIIlMyFg3BldvR+uVk+CwoWttlm6CRE55aBAh5Ew9Tqd6Uzl2ZFte
UnPlzomptSFyMxaJkwy88V6JjRMb5p9JF+PiezsU/hBtzc79rOrQMCDyyICLxXPp
Sq8jBwRCAyAk30SbJ7fJhXltRzs9bHWi6N/WzACoo0SHTP2SYTORcKVB6ci/cdbU
jN/X0o84VKATwUf5HRZHF/Q0SCin0ql7CCi1I+WzoYy8I+ZCiAoEGcbEzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIDyoQQcrWlmwpVUXZMilsKl7ONiMB8GA1UdIwQY
MBaAFLbGmkohW94dMpNN3IXer4/ZyUR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMt
ZTNiYzZiNDk5ZTdiLzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMtZTNiYzZiNDk5ZTdi
LzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXMz/WxJ3
OxTouQGMFSgJkT8o+nnYGrGNqQk82QDQbEdBKxBZEl64b80lXfB70sAyekpFKtA1
DNvHLEg4xUtsHplyvko5jocQCwh183dSTkEitiOLTMHb3CcSkEO59rzZR+7ZlqVQ
pD0tcD9sTdutOhfmWZg0MypgjeETNCTy1o+TA9Bk8Y0kHREoY+WfGjisF7Zu1Aq9
oEjss2MTxJBPoyDuHoEy9/hvpAfrWQIZxttCph5nIsd7gIX+Q7mvsA8jT6CcRtPV
9TofhU/fiANeIYi/TIby44Zw/a5noupTLQPNYPMe7GYiUbB32NuZf1n9DGqM4MPK
eLRaOufZfuZ/Gg==
-----END CERTIFICATE-----