Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft
File:                     TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft (raw, json)
Hash identifier:          4LZypJqT5u4H8pgm5HANoeAvumEdV+vHLDgy9KT8kew=
Subject key identifier:   DB:C7:6B:2D:36:B2:0D:E3:92:0F:FB:EC:A2:62:C2:96:3C:3A:AB:B6
Authority key identifier: 4C:D7:10:B6:53:73:E0:D9:10:DA:70:63:6F:C1:43:C0:6B:A5:DD:AC
Certificate issuer:       /CN=4cd710b65373e0d910da70636fc143c06ba5ddac
Certificate serial:       0198D6CDA4160084D43AF5C737DE817B2B80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TNcQtlNz4NkQ2nBjb8FDwGul3aw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft
Manifest number:          15A0
Signing time:             Sat 23 Aug 2025 12:00:57 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:57 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:57 +0000
Files and hashes:         1: TNcQtlNz4NkQ2nBjb8FDwGul3aw.crl (hash: qR7cs44TTvCZ1QK4QCZjLBrPWiU1MlKpRrlTLRECAHE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TNcQtlNz4NkQ2nBjb8FDwGul3aw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:a4:16:00:84:d4:3a:f5:c7:37:de:81:7b:2b:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cd710b65373e0d910da70636fc143c06ba5ddac
        Validity
            Not Before: Aug 23 12:00:57 2025 GMT
            Not After : Aug 24 12:00:57 2025 GMT
        Subject: CN=dbc76b2d36b20de3920ffbeca262c2963c3aabb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:83:af:d5:14:c6:26:e4:8c:16:fb:8c:47:1a:
                    dc:15:e0:42:98:cc:3f:8a:b3:f6:ac:cb:9c:0d:60:
                    38:5b:fc:bb:a4:25:ec:9a:1e:4e:ba:f2:f7:39:fd:
                    98:9e:44:f9:9c:6f:a3:48:61:bc:24:29:a0:7f:80:
                    64:fc:bc:9c:91:40:2f:a3:fa:1d:a1:a5:e7:04:12:
                    1d:b8:06:8b:90:65:3c:e0:b8:4d:c9:f7:07:9d:33:
                    81:72:b9:6e:e9:63:89:7d:12:2e:fa:70:f7:61:5b:
                    3f:45:d3:a8:f5:cb:3f:c6:95:92:68:c3:32:07:6f:
                    9d:ac:29:68:39:aa:25:e4:17:4d:b3:39:cf:51:d8:
                    e9:d1:56:9d:ef:1c:fc:c6:34:99:e3:fa:46:a9:d8:
                    45:e5:62:52:12:89:7a:3c:c4:cc:45:74:fe:66:3f:
                    25:02:78:3c:3c:60:29:ac:ae:79:d7:2e:9d:23:29:
                    fb:ce:de:4b:9f:73:9f:0c:86:ea:9f:68:87:c8:3b:
                    3c:dd:39:da:13:6d:a6:22:a6:20:30:a6:68:a3:2c:
                    aa:0d:fe:92:a1:4b:21:70:be:d5:68:7d:23:3c:be:
                    c3:1d:8b:52:1a:44:59:07:75:ca:64:7d:9b:44:77:
                    9d:fd:00:7d:91:fe:9b:41:1a:ee:38:c2:93:b7:1f:
                    7e:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:C7:6B:2D:36:B2:0D:E3:92:0F:FB:EC:A2:62:C2:96:3C:3A:AB:B6
            X509v3 Authority Key Identifier:
                keyid:4C:D7:10:B6:53:73:E0:D9:10:DA:70:63:6F:C1:43:C0:6B:A5:DD:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNcQtlNz4NkQ2nBjb8FDwGul3aw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:32:00:b5:38:77:7c:4c:30:6e:ea:51:e8:6e:d0:e5:7f:58:
         80:65:3b:e5:db:71:b4:fb:5f:ee:66:cd:1a:46:e2:a9:be:53:
         88:f5:8f:2b:4d:2d:75:c8:a2:83:86:fc:ea:57:56:54:65:99:
         2d:57:ed:8e:1c:69:5c:57:64:d3:74:ef:a4:82:dc:e5:74:62:
         99:fe:da:c6:ef:ce:9d:10:6c:5d:43:28:35:15:61:ea:ba:0f:
         4f:ea:e8:44:80:30:71:ab:b6:5c:6d:d2:fd:e5:21:ce:64:53:
         d7:73:35:01:a7:32:db:60:88:bf:a8:be:10:ab:12:b2:97:52:
         4d:58:63:7f:55:f7:bf:ab:46:07:ba:34:45:fb:bb:56:54:ab:
         42:69:16:ea:32:df:d3:be:26:5e:0a:c0:c7:aa:95:72:47:1f:
         1d:87:de:76:83:dd:d0:28:da:c6:b6:31:6e:99:14:c2:7b:55:
         f4:ac:03:4e:07:54:34:01:f0:16:e7:57:a0:88:3e:15:70:1c:
         ce:91:2f:9e:f9:34:a8:15:80:13:1c:70:cd:c1:e3:02:a6:d6:
         27:8b:af:a7:1d:9d:d3:60:da:f5:39:3c:cb:dc:47:d6:71:0e:
         5a:2e:9c:2e:1f:00:25:61:b8:1a:e4:d9:25:b9:6c:cd:1f:e4:
         89:5a:0f:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzaQWAITUOvXHN96BeyuAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZDcxMGI2NTM3M2UwZDkxMGRhNzA2MzZmYzE0M2MwNmJh
NWRkYWMwHhcNMjUwODIzMTIwMDU3WhcNMjUwODI0MTIwMDU3WjAzMTEwLwYDVQQD
EyhkYmM3NmIyZDM2YjIwZGUzOTIwZmZiZWNhMjYyYzI5NjNjM2FhYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIOv1RTGJuSMFvuMRxrcFeBCmMw/
irP2rMucDWA4W/y7pCXsmh5OuvL3Of2YnkT5nG+jSGG8JCmgf4Bk/LyckUAvo/od
oaXnBBIduAaLkGU84LhNyfcHnTOBcrlu6WOJfRIu+nD3YVs/RdOo9cs/xpWSaMMy
B2+drCloOaol5BdNsznPUdjp0Vad7xz8xjSZ4/pGqdhF5WJSEol6PMTMRXT+Zj8l
Ang8PGAprK551y6dIyn7zt5Ln3OfDIbqn2iHyDs83TnaE22mIqYgMKZooyyqDf6S
oUshcL7VaH0jPL7DHYtSGkRZB3XKZH2bRHed/QB9kf6bQRruOMKTtx9+ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvHay02sg3jkg/77KJiwpY8Oqu2MB8GA1UdIwQY
MBaAFEzXELZTc+DZENpwY2/BQ8Brpd2sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE5jUXRsTno0TmtRMm5CamI4RkR3R3VsM2F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82ZjQwZGQtNGMwNy00MDViLWEwNDIt
ZjkyNTBkZDc5ZmU5LzEvVE5jUXRsTno0TmtRMm5CamI4RkR3R3VsM2F3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82ZjQwZGQtNGMwNy00MDViLWEwNDItZjkyNTBkZDc5ZmU5
LzEvVE5jUXRsTno0TmtRMm5CamI4RkR3R3VsM2F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHjIAtTh3
fEwwbupR6G7Q5X9YgGU75dtxtPtf7mbNGkbiqb5TiPWPK00tdciig4b86ldWVGWZ
LVftjhxpXFdk03TvpILc5XRimf7axu/OnRBsXUMoNRVh6roPT+roRIAwcau2XG3S
/eUhzmRT13M1Aacy22CIv6i+EKsSspdSTVhjf1X3v6tGB7o0Rfu7VlSrQmkW6jLf
074mXgrAx6qVckcfHYfedoPd0CjaxrYxbpkUwntV9KwDTgdUNAHwFudXoIg+FXAc
zpEvnvk0qBWAExxwzcHjAqbWJ4uvpx2d02Da9Tk8y9xH1nEOWi6cLh8AJWG4GuTZ
JblszR/kiVoPeQ==
-----END CERTIFICATE-----