Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
File:                     tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft (raw, json)
Hash identifier:          pjDLRAaetEN3zXMwS4MIH9Ery488e5qqdS9bYKZow8o=
Subject key identifier:   5D:BA:DA:EB:15:AB:D9:B5:66:E6:83:43:79:57:CC:E2:88:14:CF:C1
Authority key identifier: B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA
Certificate issuer:       /CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
Certificate serial:       0198D65FFE661A55C6CEC31D36ECD3EBCFC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 10:01:11 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:11 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:11 +0000
Files and hashes:         1: tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl (hash: Ovdn5qByPfaYsUwat2oTmcXnMtOr4u/z/FBQs4vb2/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:fe:66:1a:55:c6:ce:c3:1d:36:ec:d3:eb:cf:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
        Validity
            Not Before: Aug 23 10:01:11 2025 GMT
            Not After : Aug 24 10:01:11 2025 GMT
        Subject: CN=5dbadaeb15abd9b566e683437957cce28814cfc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:5e:e6:c0:52:38:9e:82:10:2e:f6:b5:45:06:
                    bd:25:c3:c5:4f:7c:e6:5d:7c:37:5e:e5:c2:02:7f:
                    22:f9:95:5c:32:48:83:5b:21:a2:d7:14:55:59:92:
                    5c:73:04:f6:cf:f1:59:89:d7:ed:5c:7f:f0:85:5f:
                    b0:57:46:2e:09:aa:1e:f5:de:eb:36:bd:21:08:7c:
                    ab:f7:0f:d0:cc:16:52:71:4b:20:01:a6:b6:a5:8b:
                    2e:2e:80:2c:4c:86:2d:0d:c8:23:79:71:ac:8a:08:
                    48:f1:4c:9d:e7:73:8e:09:d4:4e:d4:cd:86:a8:95:
                    74:57:75:53:0f:98:f6:5d:7a:13:38:1d:53:a2:06:
                    bb:bd:41:df:3c:3d:c2:64:7c:b8:fe:d5:d2:79:49:
                    a5:00:c0:40:51:ad:0d:34:9c:9d:00:1a:16:77:09:
                    51:93:09:93:8a:a9:b0:86:fb:62:51:6f:8c:73:ac:
                    01:dc:e9:21:f2:13:67:d3:dc:94:72:1e:3c:5c:df:
                    61:f4:67:55:37:8e:12:42:61:7b:54:85:27:4e:e6:
                    17:87:d1:30:48:7c:df:2f:be:86:00:14:0a:59:ec:
                    c0:f4:f6:c5:46:ec:a4:86:7b:11:ac:e2:80:7a:c1:
                    5a:04:72:e9:75:b8:7b:bb:b0:f2:94:5a:64:db:cf:
                    c0:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:BA:DA:EB:15:AB:D9:B5:66:E6:83:43:79:57:CC:E2:88:14:CF:C1
            X509v3 Authority Key Identifier:
                keyid:B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:0c:02:d0:e1:f5:a5:96:e1:48:09:39:b0:f9:cd:43:c0:a6:
         c6:53:c9:5d:7e:a2:17:cd:25:0c:bf:71:8e:33:8b:10:78:45:
         63:14:33:85:2b:71:3b:c8:3f:4a:19:ee:e7:87:1c:54:16:0b:
         5c:d6:9e:25:0c:91:c6:09:7d:07:b5:41:57:95:b0:78:9b:ef:
         0e:88:06:c3:1d:3b:b4:49:d2:a9:6f:c1:51:c7:a7:c3:96:4a:
         6b:f1:df:67:e9:cb:a4:2d:cd:5b:42:56:56:52:79:72:b2:44:
         57:4e:34:21:56:be:ac:a0:a8:9d:10:e9:df:11:bb:25:e0:a6:
         e8:bc:67:e9:ce:c8:66:42:24:c1:bd:8d:c4:8a:cd:2b:e0:c3:
         d8:b8:1d:d0:d8:22:c9:8d:aa:06:af:f9:9f:ce:4a:c3:03:8a:
         35:46:4d:fe:69:72:96:b8:cd:50:31:0f:bd:c5:2d:80:c9:14:
         45:68:db:11:47:16:ae:32:40:9d:4c:ea:00:f8:bc:59:53:79:
         bc:11:34:c2:f5:8d:08:b3:8f:96:5c:50:e9:49:10:e1:9f:40:
         ed:64:75:5f:81:d5:f0:c2:43:bd:6b:a2:30:67:5e:d7:a8:84:
         eb:f1:e2:65:c9:6f:22:a5:75:dd:36:0c:ab:64:ee:b8:18:30:
         db:63:8b:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX/5mGlXGzsMdNuzT68/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3M2Q4OGQ3NDY4YWY2MDFhZjE0YzVlMWVkOTAzYzRmMzZj
YWY1ZmEwHhcNMjUwODIzMTAwMTExWhcNMjUwODI0MTAwMTExWjAzMTEwLwYDVQQD
Eyg1ZGJhZGFlYjE1YWJkOWI1NjZlNjgzNDM3OTU3Y2NlMjg4MTRjZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnF7mwFI4noIQLva1RQa9JcPFT3zm
XXw3XuXCAn8i+ZVcMkiDWyGi1xRVWZJccwT2z/FZidftXH/whV+wV0YuCaoe9d7r
Nr0hCHyr9w/QzBZScUsgAaa2pYsuLoAsTIYtDcgjeXGsighI8Uyd53OOCdRO1M2G
qJV0V3VTD5j2XXoTOB1Toga7vUHfPD3CZHy4/tXSeUmlAMBAUa0NNJydABoWdwlR
kwmTiqmwhvtiUW+Mc6wB3Okh8hNn09yUch48XN9h9GdVN44SQmF7VIUnTuYXh9Ew
SHzfL76GABQKWezA9PbFRuykhnsRrOKAesFaBHLpdbh7u7DylFpk28/AGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF262usVq9m1ZuaDQ3lXzOKIFM/BMB8GA1UdIwQY
MBaAFLc9iNdGivYBrxTF4e2QPE82yvX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAt
MGYyYjU0MGVjYTA4LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAtMGYyYjU0MGVjYTA4
LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsAwC0OH1
pZbhSAk5sPnNQ8CmxlPJXX6iF80lDL9xjjOLEHhFYxQzhStxO8g/Shnu54ccVBYL
XNaeJQyRxgl9B7VBV5WweJvvDogGwx07tEnSqW/BUcenw5ZKa/HfZ+nLpC3NW0JW
VlJ5crJEV040IVa+rKConRDp3xG7JeCm6Lxn6c7IZkIkwb2NxIrNK+DD2Lgd0Ngi
yY2qBq/5n85KwwOKNUZN/mlylrjNUDEPvcUtgMkURWjbEUcWrjJAnUzqAPi8WVN5
vBE0wvWNCLOPllxQ6UkQ4Z9A7WR1X4HV8MJDvWuiMGde16iE6/HiZclvIqV13TYM
q2TuuBgw22OLmQ==
-----END CERTIFICATE-----