Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File:                     tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier:          hJNYM4iG6o7SUMr8jO06uLoFH74w1mG33j8lH16Nkjg=
Subject key identifier:   B9:79:3B:4B:A0:26:C8:EE:E3:72:CC:8A:0A:11:6B:36:BA:3F:03:EE
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer:       /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial:       0198D6CD9CF5D0A9B8A73F880BD10D8CC275
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number:          08D1
Signing time:             Sat 23 Aug 2025 12:00:55 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:55 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:55 +0000
Files and hashes:         1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: hn2Uo+wqP906kuoxxeW9tVQl2skSfJSO3tydJ9u5nmI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:9c:f5:d0:a9:b8:a7:3f:88:0b:d1:0d:8c:c2:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
        Validity
            Not Before: Aug 23 12:00:55 2025 GMT
            Not After : Aug 24 12:00:55 2025 GMT
        Subject: CN=b9793b4ba026c8eee372cc8a0a116b36ba3f03ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:4c:c9:40:6f:6f:6f:70:70:5a:b3:21:87:1c:
                    e0:9b:5a:66:9d:76:46:0a:ff:5e:2c:ef:69:68:6b:
                    4a:f1:54:69:31:4f:29:42:49:80:82:e6:61:e9:1c:
                    35:2a:64:1d:24:df:3f:b8:3e:19:2e:5a:f8:19:bd:
                    b6:f5:f9:90:9b:a4:2e:15:66:8b:a0:83:bc:01:60:
                    92:b8:b1:79:30:2e:cd:3b:1a:c8:d2:3c:d8:13:b5:
                    74:2b:e8:a7:29:48:33:0b:b3:ed:a3:c8:89:0f:a9:
                    2c:3d:ab:2a:cd:5f:f8:5f:11:61:19:af:9d:22:aa:
                    bf:55:c6:98:70:cd:bb:f8:2d:ef:55:a3:1e:7b:17:
                    b3:04:2e:7a:55:f4:9e:0d:e0:b9:16:44:53:ac:4e:
                    fd:4c:f1:8d:f7:ae:a2:ab:70:8f:3a:3d:4d:d3:13:
                    bb:38:3e:ab:2e:b3:bd:91:53:ca:e3:db:44:6e:b9:
                    c5:53:3f:8f:81:bb:8a:53:ae:28:4b:ea:a7:e9:71:
                    42:ab:cb:eb:fc:2a:80:9c:fd:6d:31:94:f6:fd:5f:
                    a0:70:c6:7d:7f:6d:70:a4:82:41:d9:1a:07:4b:e7:
                    29:58:97:48:3a:13:13:6f:bd:68:96:f4:53:a4:c4:
                    db:cc:f5:8a:ca:82:7e:9b:86:0f:6d:d7:cc:ef:90:
                    66:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:79:3B:4B:A0:26:C8:EE:E3:72:CC:8A:0A:11:6B:36:BA:3F:03:EE
            X509v3 Authority Key Identifier:
                keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:ea:72:58:87:d4:60:6b:bf:6d:b5:ec:35:cb:1c:86:5a:81:
         7e:33:a6:9b:a6:bd:69:aa:5e:c2:38:f7:dc:18:bf:12:02:96:
         8c:48:64:7b:cf:9a:51:66:8d:d4:ff:a8:ce:05:4f:02:05:b4:
         23:d3:41:0b:96:19:2b:7b:f9:1e:8d:43:78:93:2f:a9:25:85:
         f7:91:0e:54:d0:a2:9c:6d:4a:f2:ec:d1:53:01:81:1e:c2:6e:
         4f:41:fa:79:62:0a:16:fb:57:64:c4:cf:aa:3b:1b:dc:7e:f1:
         51:24:c0:c3:ee:9e:85:40:7f:80:21:f2:13:28:c0:12:96:ae:
         e6:96:d5:f7:cd:88:8d:d0:72:f3:ad:77:ce:e7:9b:2b:2a:46:
         3c:0d:a7:56:3f:0b:3e:93:a9:b9:cf:bf:c7:ce:9f:a8:27:d4:
         39:7e:61:63:81:5e:cb:b9:c6:03:b7:82:43:1d:e7:ba:0c:0a:
         9a:c9:f5:fd:16:f2:3f:23:33:57:fc:e1:cd:0f:0c:10:63:19:
         e0:f9:5c:0f:3e:6b:af:2e:36:e0:72:29:27:b3:56:d1:cd:30:
         3c:c8:64:a6:41:bd:4f:8e:8c:d2:8f:1d:c7:88:2d:25:c9:a3:
         fa:a9:8d:a9:94:f3:4e:80:8f:eb:a4:b2:d0:5b:03:18:ec:2b:
         ff:4b:03:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzZz10Km4pz+IC9ENjMJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjUwODIzMTIwMDU1WhcNMjUwODI0MTIwMDU1WjAzMTEwLwYDVQQD
EyhiOTc5M2I0YmEwMjZjOGVlZTM3MmNjOGEwYTExNmIzNmJhM2YwM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kzJQG9vb3BwWrMhhxzgm1pmnXZG
Cv9eLO9paGtK8VRpMU8pQkmAguZh6Rw1KmQdJN8/uD4ZLlr4Gb229fmQm6QuFWaL
oIO8AWCSuLF5MC7NOxrI0jzYE7V0K+inKUgzC7Pto8iJD6ksPasqzV/4XxFhGa+d
Iqq/VcaYcM27+C3vVaMeexezBC56VfSeDeC5FkRTrE79TPGN966iq3CPOj1N0xO7
OD6rLrO9kVPK49tEbrnFUz+PgbuKU64oS+qn6XFCq8vr/CqAnP1tMZT2/V+gcMZ9
f21wpIJB2RoHS+cpWJdIOhMTb71olvRTpMTbzPWKyoJ+m4YPbdfM75BmWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLl5O0ugJsju43LMigoRaza6PwPuMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMupyWIfU
YGu/bbXsNcschlqBfjOmm6a9aapewjj33Bi/EgKWjEhke8+aUWaN1P+ozgVPAgW0
I9NBC5YZK3v5Ho1DeJMvqSWF95EOVNCinG1K8uzRUwGBHsJuT0H6eWIKFvtXZMTP
qjsb3H7xUSTAw+6ehUB/gCHyEyjAEpau5pbV982IjdBy8613zuebKypGPA2nVj8L
PpOpuc+/x86fqCfUOX5hY4Fey7nGA7eCQx3nugwKmsn1/RbyPyMzV/zhzQ8MEGMZ
4PlcDz5rry424HIpJ7NW0c0wPMhkpkG9T46M0o8dx4gtJcmj+qmNqZTzToCP66Sy
0FsDGOwr/0sDkA==
-----END CERTIFICATE-----