Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
File:                     tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft (raw, json)
Hash identifier:          VObbL8qpa2SJ70If+p008DXCquO9keMJy8mPwbVzhGQ=
Subject key identifier:   69:19:CE:36:67:8C:F6:6E:73:B2:9E:FA:D6:92:D2:0C:67:42:EF:D9
Authority key identifier: B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA
Certificate issuer:       /CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
Certificate serial:       0197BA7E290B107EA211E53403BC7D702E01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
Manifest number:          15B3
Signing time:             Sun 29 Jun 2025 07:01:59 +0000
Manifest this update:     Sun 29 Jun 2025 07:01:59 +0000
Manifest next update:     Mon 30 Jun 2025 07:01:59 +0000
Files and hashes:         1: tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl (hash: nAkjll2fZMRxzDB1qy9uuBtSLEejbUWwtDLi65/woNI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7e:29:0b:10:7e:a2:11:e5:34:03:bc:7d:70:2e:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
        Validity
            Not Before: Jun 29 07:01:59 2025 GMT
            Not After : Jun 30 07:01:59 2025 GMT
        Subject: CN=6919ce36678cf66e73b29efad692d20c6742efd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:23:73:de:06:db:af:36:03:7d:72:0a:ff:36:
                    b4:40:1f:b0:b7:1e:7d:3a:35:4d:5e:93:90:30:56:
                    60:95:d2:17:5d:59:39:01:33:9b:dd:a3:7a:d8:74:
                    e5:c1:8c:18:ea:e8:75:3e:af:eb:42:fe:c5:37:41:
                    8f:95:cb:4c:c5:af:20:a9:dc:2b:0d:84:4e:8b:8c:
                    e4:c3:b1:df:99:7a:2b:5c:c5:8f:0c:d5:1c:09:dd:
                    ef:0b:6d:87:35:63:dd:30:f1:ba:b3:2b:2a:81:a3:
                    0a:da:b2:57:ba:d8:7b:7d:8b:4b:57:2a:9d:69:ac:
                    7b:6e:ca:ed:bf:0b:05:2a:24:50:5d:37:79:75:70:
                    77:0f:49:f1:56:a1:64:4d:7c:4b:a4:16:77:ab:ec:
                    e4:3b:3e:f8:50:1c:74:a4:11:76:0e:0d:1a:5d:b4:
                    e7:39:4c:83:96:a7:f6:b9:33:97:5f:31:6c:9e:67:
                    16:9b:e6:25:79:f4:21:74:17:63:ca:45:e5:8e:ff:
                    a8:ea:e7:1d:4b:d1:1f:cb:59:ea:3a:cf:7c:fa:f1:
                    47:02:f2:03:2b:ee:8c:86:f2:ec:bb:bf:8a:01:7a:
                    a9:48:2a:fe:71:16:13:2d:fc:78:c9:d8:33:5c:f8:
                    d0:59:6a:65:11:c6:8e:43:63:23:56:6c:05:e6:4d:
                    9d:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:19:CE:36:67:8C:F6:6E:73:B2:9E:FA:D6:92:D2:0C:67:42:EF:D9
            X509v3 Authority Key Identifier:
                keyid:B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:de:7b:5b:58:24:12:6a:56:a6:fa:44:1c:38:fc:11:19:31:
         a9:9e:59:3a:43:37:c7:99:f3:66:49:55:47:ff:60:c5:87:85:
         5f:75:7f:ef:d1:3e:9a:7f:94:aa:d4:55:e6:06:83:fa:57:2a:
         1a:53:c5:fd:54:d8:ea:cf:b7:07:cb:29:0c:12:ef:01:28:d0:
         2f:56:2a:18:b1:87:6c:0e:d2:d9:fc:e7:bd:ec:40:f0:44:e3:
         2b:a8:91:ad:ae:77:9b:f3:f0:79:c1:51:1b:4d:8c:9d:d4:9f:
         53:af:48:6f:5e:20:ad:1f:d2:d1:58:0d:db:5f:6f:4f:48:df:
         53:74:90:ab:88:33:7b:26:39:02:75:3a:f4:d9:c1:1a:1e:4a:
         f5:b9:26:4e:31:4e:3f:07:ec:5e:aa:aa:0d:b0:fa:e0:d9:45:
         2d:7e:59:5c:48:c7:46:c4:0d:f3:02:4c:95:37:67:08:f8:8b:
         c8:fe:8d:80:06:a2:22:49:b4:d8:fb:de:66:08:a8:85:d0:67:
         97:f9:77:64:40:e2:16:ee:f7:6f:eb:2f:a8:24:90:0b:f3:01:
         79:96:36:f0:f6:54:a2:e9:d6:f6:ac:06:18:f2:ce:3a:05:ff:
         9e:82:c0:f4:67:42:7b:00:4b:b8:79:04:25:69:bf:ec:ef:7c:
         c9:df:88:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fikLEH6iEeU0A7x9cC4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3M2Q4OGQ3NDY4YWY2MDFhZjE0YzVlMWVkOTAzYzRmMzZj
YWY1ZmEwHhcNMjUwNjI5MDcwMTU5WhcNMjUwNjMwMDcwMTU5WjAzMTEwLwYDVQQD
Eyg2OTE5Y2UzNjY3OGNmNjZlNzNiMjllZmFkNjkyZDIwYzY3NDJlZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiNz3gbbrzYDfXIK/za0QB+wtx59
OjVNXpOQMFZgldIXXVk5ATOb3aN62HTlwYwY6uh1Pq/rQv7FN0GPlctMxa8gqdwr
DYROi4zkw7HfmXorXMWPDNUcCd3vC22HNWPdMPG6sysqgaMK2rJXuth7fYtLVyqd
aax7bsrtvwsFKiRQXTd5dXB3D0nxVqFkTXxLpBZ3q+zkOz74UBx0pBF2Dg0aXbTn
OUyDlqf2uTOXXzFsnmcWm+YlefQhdBdjykXljv+o6ucdS9Efy1nqOs98+vFHAvID
K+6MhvLsu7+KAXqpSCr+cRYTLfx4ydgzXPjQWWplEcaOQ2MjVmwF5k2dgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGkZzjZnjPZuc7Ke+taS0gxnQu/ZMB8GA1UdIwQY
MBaAFLc9iNdGivYBrxTF4e2QPE82yvX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAt
MGYyYjU0MGVjYTA4LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAtMGYyYjU0MGVjYTA4
LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGt57W1gk
EmpWpvpEHDj8ERkxqZ5ZOkM3x5nzZklVR/9gxYeFX3V/79E+mn+UqtRV5gaD+lcq
GlPF/VTY6s+3B8spDBLvASjQL1YqGLGHbA7S2fznvexA8ETjK6iRra53m/PwecFR
G02MndSfU69Ib14grR/S0VgN219vT0jfU3SQq4gzeyY5AnU69NnBGh5K9bkmTjFO
PwfsXqqqDbD64NlFLX5ZXEjHRsQN8wJMlTdnCPiLyP6NgAaiIkm02PveZgiohdBn
l/l3ZEDiFu73b+svqCSQC/MBeZY28PZUounW9qwGGPLOOgX/noLA9GdCewBLuHkE
JWm/7O98yd+IDg==
-----END CERTIFICATE-----