Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
File:                     TYEGKSpQrK_qaBfLoczmd6J34OE.mft (raw, json)
Hash identifier:          tZNtjNQXG8QqADVt4j/KWXcEhnmk1NZAteHjs57hHT4=
Subject key identifier:   5A:B3:CC:9B:AB:52:94:F1:50:3A:C5:6A:82:4D:FE:14:78:5C:0E:A2
Authority key identifier: 4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1
Certificate issuer:       /CN=4d8106292a50acafea6817cba1cce677a277e0e1
Certificate serial:       0197B7B3633627ED6F312DDB41501A8C3739
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
Manifest number:          0429
Signing time:             Sat 28 Jun 2025 18:01:16 +0000
Manifest this update:     Sat 28 Jun 2025 18:01:16 +0000
Manifest next update:     Sun 29 Jun 2025 18:01:16 +0000
Files and hashes:         1: TYEGKSpQrK_qaBfLoczmd6J34OE.crl (hash: RQfQGAlDxypFKHY+JTjXz9HNVMdi7PJuhKvYUrxq8I0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:63:36:27:ed:6f:31:2d:db:41:50:1a:8c:37:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d8106292a50acafea6817cba1cce677a277e0e1
        Validity
            Not Before: Jun 28 18:01:16 2025 GMT
            Not After : Jun 29 18:01:16 2025 GMT
        Subject: CN=5ab3cc9bab5294f1503ac56a824dfe14785c0ea2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0c:44:9c:68:4d:08:fc:29:39:01:ae:d7:03:
                    7d:25:77:16:7b:c5:97:24:ba:49:4c:90:33:2c:f9:
                    c6:e8:f8:66:c6:6a:f5:00:30:43:91:e1:0b:37:3b:
                    5c:32:f9:f7:0e:4e:f2:0c:d7:ca:2a:dd:3d:f9:8f:
                    04:37:9b:4d:14:a4:6b:eb:b8:8f:bc:7a:e7:9c:ce:
                    7a:bc:7c:24:8b:6b:79:94:68:f7:ac:2e:c2:df:89:
                    eb:37:b9:c6:a1:be:6f:19:a8:41:b3:84:7e:6c:37:
                    d5:d0:a6:02:02:c6:9c:8a:bd:7e:61:30:76:c5:3a:
                    e9:fa:73:5c:b0:b2:c0:85:76:89:e6:ef:89:46:4b:
                    5e:82:82:60:31:e5:d5:0c:79:ed:80:07:21:0f:e1:
                    0f:35:a0:49:3e:1f:d8:00:2a:a8:95:90:49:06:f7:
                    31:03:69:f0:d7:c3:2f:8d:40:b6:4e:0f:8d:ae:74:
                    f7:97:0b:e8:10:da:13:1f:21:d8:c0:8c:a1:51:36:
                    1e:3b:0e:4f:d6:15:53:eb:1c:88:a0:c0:50:c2:44:
                    23:61:e1:dc:44:d9:27:53:55:67:f8:d1:2a:1e:e0:
                    d3:de:9f:76:fd:48:c2:7b:52:2a:3f:20:5f:9d:5d:
                    47:c2:3e:bc:3f:0a:14:ee:a3:51:56:c5:cf:b3:87:
                    a5:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:B3:CC:9B:AB:52:94:F1:50:3A:C5:6A:82:4D:FE:14:78:5C:0E:A2
            X509v3 Authority Key Identifier:
                keyid:4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:b1:a9:18:6e:55:52:54:8e:9a:b6:e0:0a:c7:25:12:cf:63:
         75:05:ff:1a:2d:5e:43:39:ef:97:88:02:9a:cc:c8:6f:16:63:
         14:37:fb:dc:c3:95:5a:fb:73:a8:0e:c8:65:45:7b:18:d6:6f:
         c8:20:54:a4:a1:79:46:50:7a:27:1c:32:02:b3:39:8a:ce:4f:
         21:b4:8e:6d:2d:b5:93:cd:b1:91:19:ad:2d:f0:dd:e0:9f:45:
         09:35:a1:c2:e3:97:d6:50:19:e9:26:d2:07:63:47:20:fb:d9:
         b3:63:26:65:7b:50:4e:88:24:c4:ae:2a:7b:a7:0c:0c:29:cc:
         00:05:2e:15:61:94:11:6b:fb:3c:a1:66:26:65:6e:f8:0a:04:
         8f:2f:ed:0d:cf:32:4a:b6:f6:bb:f9:3e:9a:8a:ee:79:0b:6f:
         8b:eb:9e:45:c9:d0:00:c2:94:d3:d7:13:96:6d:82:78:d3:7c:
         cd:3e:3b:f7:15:d8:cc:89:a2:3a:46:93:71:11:20:cc:a2:e5:
         30:ee:c3:ab:41:5b:63:5e:59:8d:42:49:04:7a:29:db:d6:d6:
         71:d9:56:9c:4f:0b:2e:8f:ce:a2:c8:20:f4:e2:1c:02:56:01:
         4e:12:6a:11:14:fa:84:e5:7f:e4:27:75:0d:7a:45:a6:12:cd:
         b7:c1:e2:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3s2M2J+1vMS3bQVAajDc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODEwNjI5MmE1MGFjYWZlYTY4MTdjYmExY2NlNjc3YTI3
N2UwZTEwHhcNMjUwNjI4MTgwMTE2WhcNMjUwNjI5MTgwMTE2WjAzMTEwLwYDVQQD
Eyg1YWIzY2M5YmFiNTI5NGYxNTAzYWM1NmE4MjRkZmUxNDc4NWMwZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQxEnGhNCPwpOQGu1wN9JXcWe8WX
JLpJTJAzLPnG6Phmxmr1ADBDkeELNztcMvn3Dk7yDNfKKt09+Y8EN5tNFKRr67iP
vHrnnM56vHwki2t5lGj3rC7C34nrN7nGob5vGahBs4R+bDfV0KYCAsacir1+YTB2
xTrp+nNcsLLAhXaJ5u+JRktegoJgMeXVDHntgAchD+EPNaBJPh/YACqolZBJBvcx
A2nw18MvjUC2Tg+NrnT3lwvoENoTHyHYwIyhUTYeOw5P1hVT6xyIoMBQwkQjYeHc
RNknU1Vn+NEqHuDT3p92/UjCe1IqPyBfnV1Hwj68PwoU7qNRVsXPs4elBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqzzJurUpTxUDrFaoJN/hR4XA6iMB8GA1UdIwQY
MBaAFE2BBikqUKyv6mgXy6HM5neid+DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDct
M2E1YjM2OTY4MTdkLzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDctM2E1YjM2OTY4MTdk
LzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbrGpGG5V
UlSOmrbgCsclEs9jdQX/Gi1eQznvl4gCmszIbxZjFDf73MOVWvtzqA7IZUV7GNZv
yCBUpKF5RlB6JxwyArM5is5PIbSObS21k82xkRmtLfDd4J9FCTWhwuOX1lAZ6SbS
B2NHIPvZs2MmZXtQTogkxK4qe6cMDCnMAAUuFWGUEWv7PKFmJmVu+AoEjy/tDc8y
Srb2u/k+morueQtvi+ueRcnQAMKU09cTlm2CeNN8zT479xXYzImiOkaTcREgzKLl
MO7Dq0FbY15ZjUJJBHop29bWcdlWnE8LLo/Oosgg9OIcAlYBThJqERT6hOV/5Cd1
DXpFphLNt8HiQQ==
-----END CERTIFICATE-----