Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
File:                     TYEGKSpQrK_qaBfLoczmd6J34OE.mft (raw, json)
Hash identifier:          0wlFhYt7IrliSStbr7dDNl+Tdwp+q7TEwnct6XXn/fg=
Subject key identifier:   44:47:E2:32:9D:8B:1D:88:A5:61:80:1F:3C:C2:39:BD:85:9A:F4:B9
Authority key identifier: 4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1
Certificate issuer:       /CN=4d8106292a50acafea6817cba1cce677a277e0e1
Certificate serial:       019A00D9FB85E898C1BFA0AAAEA90FAFFAE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
Manifest number:          0558
Signing time:             Mon 20 Oct 2025 09:01:16 +0000
Manifest this update:     Mon 20 Oct 2025 09:01:16 +0000
Manifest next update:     Tue 21 Oct 2025 09:01:16 +0000
Files and hashes:         1: TYEGKSpQrK_qaBfLoczmd6J34OE.crl (hash: oDWw3fyb8IHDM6l0jE8DSYbIu8nj6H1LABQcbLm2LBw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:d9:fb:85:e8:98:c1:bf:a0:aa:ae:a9:0f:af:fa:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d8106292a50acafea6817cba1cce677a277e0e1
        Validity
            Not Before: Oct 20 09:01:16 2025 GMT
            Not After : Oct 21 09:01:16 2025 GMT
        Subject: CN=4447e2329d8b1d88a561801f3cc239bd859af4b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:02:cb:51:1a:3c:d0:38:bf:9d:9e:a5:20:72:
                    bf:f1:27:5c:9b:d8:b7:ee:3b:d9:23:d7:04:64:72:
                    99:2a:2e:41:3f:0e:ef:f8:45:b0:53:69:28:ad:a2:
                    38:43:0a:50:de:17:29:33:89:40:a7:b4:46:17:d4:
                    e0:82:1e:43:68:4c:3f:0e:77:bd:b6:8a:24:93:bd:
                    d2:60:b0:65:dd:b3:51:22:ef:ba:97:10:22:3e:d0:
                    a1:0a:59:8c:01:b5:8a:54:0b:41:d0:64:c5:aa:bc:
                    25:b2:45:06:65:45:f2:7f:d0:05:e4:5a:f2:67:09:
                    d2:58:39:86:c7:53:1a:86:72:6a:57:9b:36:fc:b8:
                    2a:a8:ab:30:85:be:f3:c5:c8:03:6d:d7:3c:8e:2e:
                    b9:75:cf:a6:b0:05:42:7f:0b:7e:b8:18:7b:db:67:
                    63:0d:26:cf:04:67:8d:22:bd:b3:e9:56:aa:24:44:
                    e2:16:be:0a:64:a4:43:26:22:5e:04:6b:09:09:46:
                    de:f0:79:d4:6b:15:8f:38:90:5c:2b:ed:30:a4:af:
                    3f:30:a3:56:a4:4f:0c:3e:af:5b:0a:30:1c:44:eb:
                    c8:e1:46:4e:2f:f3:01:6b:ea:ed:d4:2f:bb:48:02:
                    39:d7:ee:ec:cf:2e:8b:c6:90:61:db:cd:a5:2f:f4:
                    2f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:47:E2:32:9D:8B:1D:88:A5:61:80:1F:3C:C2:39:BD:85:9A:F4:B9
            X509v3 Authority Key Identifier:
                keyid:4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:b4:3c:2c:e8:c0:73:76:88:3b:92:66:86:0d:b3:e4:8b:af:
         7e:8a:d6:54:3b:06:53:b4:44:c7:2e:15:78:52:be:82:67:53:
         54:7e:a0:a0:48:13:31:98:b3:1b:c7:9a:4b:18:80:6e:52:b9:
         db:02:cf:5e:d1:53:3a:91:d2:e1:73:ef:5e:77:c9:0f:6c:77:
         d7:5f:bc:b3:66:73:7b:11:d8:52:ca:04:ec:08:35:c8:99:7a:
         91:a6:49:65:85:fc:0f:8c:9f:dc:27:32:ef:ad:58:54:ab:aa:
         49:c9:09:88:3e:41:14:62:7f:27:b7:71:d1:cc:a9:be:10:86:
         b1:5b:ae:f0:12:27:f3:8e:a4:46:1b:ee:38:45:c6:eb:64:6e:
         71:55:41:e2:78:fa:35:ff:62:3f:58:fe:a5:81:ce:bb:aa:43:
         f1:7e:ca:8a:8b:eb:25:93:7c:c6:d8:6a:73:20:63:5d:d6:5f:
         15:6a:bc:58:da:12:83:3b:3f:b6:50:cb:fe:41:20:6b:91:bc:
         43:ee:c3:69:a8:9c:2e:32:d6:b6:8c:26:36:53:31:5c:2d:b2:
         41:12:d5:f4:59:99:b0:18:2a:cb:39:cb:a0:a9:81:01:30:6d:
         0f:d8:3b:0e:7c:4c:cd:4a:37:11:f2:5b:4c:1b:8c:a9:8a:3d:
         ba:1c:6b:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoA2fuF6JjBv6CqrqkPr/rgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODEwNjI5MmE1MGFjYWZlYTY4MTdjYmExY2NlNjc3YTI3
N2UwZTEwHhcNMjUxMDIwMDkwMTE2WhcNMjUxMDIxMDkwMTE2WjAzMTEwLwYDVQQD
Eyg0NDQ3ZTIzMjlkOGIxZDg4YTU2MTgwMWYzY2MyMzliZDg1OWFmNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQLLURo80Di/nZ6lIHK/8Sdcm9i3
7jvZI9cEZHKZKi5BPw7v+EWwU2koraI4QwpQ3hcpM4lAp7RGF9Tggh5DaEw/Dne9
tookk73SYLBl3bNRIu+6lxAiPtChClmMAbWKVAtB0GTFqrwlskUGZUXyf9AF5Fry
ZwnSWDmGx1MahnJqV5s2/LgqqKswhb7zxcgDbdc8ji65dc+msAVCfwt+uBh722dj
DSbPBGeNIr2z6VaqJETiFr4KZKRDJiJeBGsJCUbe8HnUaxWPOJBcK+0wpK8/MKNW
pE8MPq9bCjAcROvI4UZOL/MBa+rt1C+7SAI51+7szy6LxpBh282lL/QvAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERH4jKdix2IpWGAHzzCOb2FmvS5MB8GA1UdIwQY
MBaAFE2BBikqUKyv6mgXy6HM5neid+DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDct
M2E1YjM2OTY4MTdkLzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDctM2E1YjM2OTY4MTdk
LzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVbQ8LOjA
c3aIO5Jmhg2z5IuvforWVDsGU7RExy4VeFK+gmdTVH6goEgTMZizG8eaSxiAblK5
2wLPXtFTOpHS4XPvXnfJD2x311+8s2ZzexHYUsoE7Ag1yJl6kaZJZYX8D4yf3Ccy
761YVKuqSckJiD5BFGJ/J7dx0cypvhCGsVuu8BIn846kRhvuOEXG62RucVVB4nj6
Nf9iP1j+pYHOu6pD8X7KiovrJZN8xthqcyBjXdZfFWq8WNoSgzs/tlDL/kEga5G8
Q+7DaaicLjLWtowmNlMxXC2yQRLV9FmZsBgqyznLoKmBATBtD9g7DnxMzUo3EfJb
TBuMqYo9uhxrLw==
-----END CERTIFICATE-----