Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
File:                     tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft (raw, json)
Hash identifier:          RP3Mtof0MX/etMQsa90lnet4aKO9iZY36ITIs6WUXKU=
Subject key identifier:   E0:BE:45:B5:F7:AF:FD:90:39:D7:47:86:23:7D:C1:CE:44:18:C5:44
Authority key identifier: B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB
Certificate issuer:       /CN=b539831835c87c7501f6c37cb48e60a795a394bb
Certificate serial:       0198D4727A9EA236DF9C1F9B45C8F74F4B87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
Manifest number:          1648
Signing time:             Sat 23 Aug 2025 01:02:08 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:08 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:08 +0000
Files and hashes:         1: tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl (hash: DvxPTjf9orp4yl/IR1I+qPtcpvV6kVj9luZGnI5UUXA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:7a:9e:a2:36:df:9c:1f:9b:45:c8:f7:4f:4b:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b539831835c87c7501f6c37cb48e60a795a394bb
        Validity
            Not Before: Aug 23 01:02:08 2025 GMT
            Not After : Aug 24 01:02:08 2025 GMT
        Subject: CN=e0be45b5f7affd9039d74786237dc1ce4418c544
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b1:58:29:31:7f:6b:ba:56:f7:fb:2b:d6:32:
                    12:34:fd:81:47:f1:22:bd:6d:43:5b:0d:04:96:65:
                    c7:a4:2d:0f:5d:30:3f:51:2d:e0:4d:8c:c6:74:5a:
                    8d:77:0c:15:bf:81:ea:df:53:43:22:33:f2:e2:ef:
                    6e:e8:33:cb:62:88:0e:80:5a:84:5a:de:cf:57:d3:
                    14:45:7f:91:32:a3:cd:29:9b:6b:f7:64:cb:72:53:
                    9a:94:3e:7c:59:19:b3:f6:6a:38:48:77:11:73:80:
                    0e:0b:da:46:1a:f3:00:26:92:c3:15:e2:c7:c1:1d:
                    37:2d:af:af:2a:c6:8a:27:46:63:ef:38:4b:7f:0d:
                    3b:ee:8e:b6:eb:35:6a:cb:46:48:3c:94:78:27:33:
                    2f:ba:74:c0:6c:6c:5f:2c:39:21:c9:1e:68:86:dc:
                    51:8e:4f:09:49:cd:02:2b:49:44:11:1d:8b:66:76:
                    52:d5:fb:e9:66:33:2d:75:d6:f8:57:16:9a:0a:d8:
                    37:50:8c:da:76:74:78:55:12:b3:82:e1:70:a9:72:
                    0a:8f:c2:54:bc:8e:4d:c0:3b:01:ac:d0:cb:17:c3:
                    57:4c:32:00:15:a3:b3:52:e7:fd:e9:0f:9d:95:5c:
                    1a:8a:13:aa:d5:e3:0b:c7:77:45:db:1e:a9:6b:a5:
                    66:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:BE:45:B5:F7:AF:FD:90:39:D7:47:86:23:7D:C1:CE:44:18:C5:44
            X509v3 Authority Key Identifier:
                keyid:B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:b9:5f:91:5f:49:e5:5e:aa:3c:36:88:85:48:32:57:38:be:
         bd:a7:20:c0:2c:6a:80:d2:71:00:58:be:c6:64:45:7b:a9:1e:
         2e:9e:e8:7a:2f:cc:2b:c3:c6:9d:e1:3a:e0:d1:e0:e0:14:15:
         57:5a:9d:ba:63:3b:12:c7:03:f0:3a:c0:9f:f0:ff:1e:21:83:
         07:f0:52:83:16:c1:df:c7:d8:48:a7:76:88:cf:02:af:13:2a:
         e5:3a:53:9a:49:30:08:b6:2d:fd:67:b9:24:2d:b7:f6:b5:78:
         cd:f8:c3:b9:bd:4b:8c:31:9c:ce:2c:ae:77:91:e4:1d:31:f1:
         e1:76:ed:49:67:1f:7d:4a:f1:c5:ba:4f:84:16:42:c7:e2:d6:
         a8:ac:f6:23:c3:99:46:4a:43:e2:9a:49:7d:c1:1b:0e:20:55:
         49:58:9f:4a:db:4e:17:b8:08:47:9d:c8:f2:10:c7:ef:55:2d:
         bb:e9:32:b7:01:0c:6f:6c:f4:c2:5c:3a:66:e7:76:0f:9c:26:
         73:5c:4e:72:d0:a1:2d:28:08:0f:18:65:2e:26:5d:97:f7:25:
         1f:ee:90:80:94:a0:2b:2c:24:6a:3f:39:0d:6a:cb:4e:8b:c6:
         7d:0d:f7:4c:5d:f6:28:c2:05:92:18:c4:48:8b:d7:7c:e9:e9:
         c7:45:5f:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcnqeojbfnB+bRcj3T0uHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1Mzk4MzE4MzVjODdjNzUwMWY2YzM3Y2I0OGU2MGE3OTVh
Mzk0YmIwHhcNMjUwODIzMDEwMjA4WhcNMjUwODI0MDEwMjA4WjAzMTEwLwYDVQQD
EyhlMGJlNDViNWY3YWZmZDkwMzlkNzQ3ODYyMzdkYzFjZTQ0MThjNTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprFYKTF/a7pW9/sr1jISNP2BR/Ei
vW1DWw0ElmXHpC0PXTA/US3gTYzGdFqNdwwVv4Hq31NDIjPy4u9u6DPLYogOgFqE
Wt7PV9MURX+RMqPNKZtr92TLclOalD58WRmz9mo4SHcRc4AOC9pGGvMAJpLDFeLH
wR03La+vKsaKJ0Zj7zhLfw077o626zVqy0ZIPJR4JzMvunTAbGxfLDkhyR5ohtxR
jk8JSc0CK0lEER2LZnZS1fvpZjMtddb4VxaaCtg3UIzadnR4VRKzguFwqXIKj8JU
vI5NwDsBrNDLF8NXTDIAFaOzUuf96Q+dlVwaihOq1eMLx3dF2x6pa6VmWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOC+RbX3r/2QOddHhiN9wc5EGMVEMB8GA1UdIwQY
MBaAFLU5gxg1yHx1AfbDfLSOYKeVo5S7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMt
NDk1ZTE4ODcwMWI2LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMtNDk1ZTE4ODcwMWI2
LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASLlfkV9J
5V6qPDaIhUgyVzi+vacgwCxqgNJxAFi+xmRFe6keLp7oei/MK8PGneE64NHg4BQV
V1qdumM7EscD8DrAn/D/HiGDB/BSgxbB38fYSKd2iM8CrxMq5TpTmkkwCLYt/We5
JC239rV4zfjDub1LjDGcziyud5HkHTHx4XbtSWcffUrxxbpPhBZCx+LWqKz2I8OZ
RkpD4ppJfcEbDiBVSVifSttOF7gIR53I8hDH71Utu+kytwEMb2z0wlw6Zud2D5wm
c1xOctChLSgIDxhlLiZdl/clH+6QgJSgKywkaj85DWrLTovGfQ33TF32KMIFkhjE
SIvXfOnpx0VfTg==
-----END CERTIFICATE-----