Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
File:                     TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft (raw, json)
Hash identifier:          oOw0o4S6G9ACg98tyyjowsi9n9i+XSMwVO65R4Bc77U=
Subject key identifier:   B3:39:C7:13:45:54:CF:B4:0F:25:86:84:F4:E9:5D:53:D5:E0:18:BE
Authority key identifier: 4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD
Certificate issuer:       /CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
Certificate serial:       0198D54E716E3C1EBB6912AF54B629C542BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
Manifest number:          033E
Signing time:             Sat 23 Aug 2025 05:02:24 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:24 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:24 +0000
Files and hashes:         1: TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl (hash: BKjEhFezcfWc965EESPwAoqiKFx5F5eeUoYOnHg3D7c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:71:6e:3c:1e:bb:69:12:af:54:b6:29:c5:42:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
        Validity
            Not Before: Aug 23 05:02:24 2025 GMT
            Not After : Aug 24 05:02:24 2025 GMT
        Subject: CN=b339c7134554cfb40f258684f4e95d53d5e018be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c1:b5:0d:72:d2:63:03:74:14:8f:aa:60:6a:
                    19:c2:c1:10:4b:d1:c6:16:d8:ce:3b:44:f5:0e:d0:
                    1c:3f:b2:e1:14:15:13:e5:71:18:0d:eb:5e:37:f8:
                    63:20:d6:d6:56:a9:7c:8d:5b:c2:99:c3:89:4b:16:
                    a0:38:d2:53:9b:df:52:d8:f5:16:17:5f:96:64:e2:
                    3d:29:02:02:f6:ec:16:84:5a:4c:c8:90:6b:b7:6b:
                    14:b6:75:88:07:3a:a9:3d:90:cd:4a:68:2b:c9:bc:
                    1c:fa:9b:36:dd:aa:35:e8:99:a0:74:b1:42:7e:ce:
                    33:50:08:f4:b7:f8:7d:4e:c9:0a:d3:78:74:3f:bb:
                    4c:16:a7:59:db:d7:a4:c6:69:02:72:cd:db:d0:2f:
                    28:9a:41:59:1b:2f:5d:21:41:6b:13:bd:f1:7a:31:
                    ee:2b:c2:15:45:c7:b9:45:66:d7:39:ff:51:5c:87:
                    9f:0d:a7:28:35:fb:53:b2:97:4d:39:f1:5d:d3:e3:
                    f1:a7:0d:b3:06:d0:c3:34:b6:19:99:10:24:d9:74:
                    13:cc:f4:22:f7:3d:aa:cc:fe:5c:88:d7:3b:23:1c:
                    5b:47:7a:69:78:03:c1:93:86:3a:89:4c:9f:88:16:
                    f1:2b:bb:fb:6d:20:13:73:51:42:23:33:20:89:da:
                    cf:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:39:C7:13:45:54:CF:B4:0F:25:86:84:F4:E9:5D:53:D5:E0:18:BE
            X509v3 Authority Key Identifier:
                keyid:4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:b4:4f:91:09:a9:d4:00:cd:05:d7:73:ce:49:46:59:fa:f1:
         ab:61:eb:43:0f:2a:65:74:c0:e6:58:ca:61:c1:71:74:db:42:
         ac:18:3a:29:4f:9f:c3:55:c6:89:05:f2:a6:65:64:72:5b:56:
         f0:17:84:42:ce:f8:32:e5:d6:48:a5:78:27:6e:19:ed:cb:0b:
         c2:b9:6c:cb:49:74:24:36:05:8d:99:2e:d7:bc:8b:5b:38:61:
         40:3a:04:f5:63:af:a9:19:97:5a:2a:3b:5b:a8:f7:3e:bc:77:
         d3:75:bc:88:d1:f4:5c:e6:a2:83:db:08:10:f3:86:11:95:12:
         e7:c0:b6:f4:a9:4d:cd:7f:e3:2a:88:af:6d:44:a8:99:0a:34:
         af:7d:23:41:d4:8c:9e:a2:8e:7f:c7:f8:66:71:0d:79:ea:01:
         2a:1e:17:7f:8d:e8:0f:95:b3:85:45:7e:dc:15:8d:8d:a1:42:
         e4:0a:8b:0b:50:33:7d:58:9a:f3:09:4e:6b:a7:4e:47:bb:7f:
         16:37:56:03:9f:3a:17:07:1f:ac:89:08:5c:66:b0:2a:cb:ca:
         cf:76:b0:63:48:d3:19:a9:53:b8:95:18:f0:07:0b:90:83:d8:
         d9:b4:a9:da:1c:69:63:1c:a6:d1:01:9a:35:42:80:52:34:d8:
         b3:8f:9a:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTnFuPB67aRKvVLYpxUK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNDkyN2ExNDFmYjI1Yjc1ODI0YzZiZWFlZjA2NzlkMzRm
YzQ5YmQwHhcNMjUwODIzMDUwMjI0WhcNMjUwODI0MDUwMjI0WjAzMTEwLwYDVQQD
EyhiMzM5YzcxMzQ1NTRjZmI0MGYyNTg2ODRmNGU5NWQ1M2Q1ZTAxOGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcG1DXLSYwN0FI+qYGoZwsEQS9HG
FtjOO0T1DtAcP7LhFBUT5XEYDeteN/hjINbWVql8jVvCmcOJSxagONJTm99S2PUW
F1+WZOI9KQIC9uwWhFpMyJBrt2sUtnWIBzqpPZDNSmgrybwc+ps23ao16JmgdLFC
fs4zUAj0t/h9TskK03h0P7tMFqdZ29ekxmkCcs3b0C8omkFZGy9dIUFrE73xejHu
K8IVRce5RWbXOf9RXIefDacoNftTspdNOfFd0+Pxpw2zBtDDNLYZmRAk2XQTzPQi
9z2qzP5ciNc7IxxbR3ppeAPBk4Y6iUyfiBbxK7v7bSATc1FCIzMgidrPPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLM5xxNFVM+0DyWGhPTpXVPV4Bi+MB8GA1UdIwQY
MBaAFE1JJ6FB+yW3WCTGvq7wZ500/Em9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUt
NjgwODM3MDlhNGI1LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUtNjgwODM3MDlhNGI1
LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGLRPkQmp
1ADNBddzzklGWfrxq2HrQw8qZXTA5ljKYcFxdNtCrBg6KU+fw1XGiQXypmVkcltW
8BeEQs74MuXWSKV4J24Z7csLwrlsy0l0JDYFjZku17yLWzhhQDoE9WOvqRmXWio7
W6j3Prx303W8iNH0XOaig9sIEPOGEZUS58C29KlNzX/jKoivbUSomQo0r30jQdSM
nqKOf8f4ZnENeeoBKh4Xf43oD5WzhUV+3BWNjaFC5AqLC1AzfVia8wlOa6dOR7t/
FjdWA586FwcfrIkIXGawKsvKz3awY0jTGalTuJUY8AcLkIPY2bSp2hxpYxym0QGa
NUKAUjTYs4+awQ==
-----END CERTIFICATE-----