Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
File:                     tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft (raw, json)
Hash identifier:          CyUFqGsfxBXlEhSHrDwZbFrb4mKxPtJNsZEOxtneF8Y=
Subject key identifier:   39:67:00:34:31:E9:C5:D6:13:D6:62:00:10:D9:0B:81:46:6C:8D:F5
Authority key identifier: B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB
Certificate issuer:       /CN=b539831835c87c7501f6c37cb48e60a795a394bb
Certificate serial:       0197B6A0B0074323EA057F40F28EC0591230
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
Manifest number:          15B4
Signing time:             Sat 28 Jun 2025 13:01:13 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:13 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:13 +0000
Files and hashes:         1: tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl (hash: d1Mzas44G2Xabb2Lty21VqgXNNgoLwUHubqdeke6Jvk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:b0:07:43:23:ea:05:7f:40:f2:8e:c0:59:12:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b539831835c87c7501f6c37cb48e60a795a394bb
        Validity
            Not Before: Jun 28 13:01:13 2025 GMT
            Not After : Jun 29 13:01:13 2025 GMT
        Subject: CN=3967003431e9c5d613d6620010d90b81466c8df5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:fd:5e:d3:d3:e8:4e:e7:a7:af:ec:c9:67:5a:
                    27:a1:61:30:5c:c1:fd:75:25:c0:af:69:48:ca:da:
                    d8:d3:3e:89:c1:50:49:8d:0c:50:54:02:d4:74:f4:
                    b2:ad:d8:88:55:e9:f3:a9:a9:66:a1:f8:a5:13:11:
                    7c:89:b4:d9:7f:1e:74:3f:29:34:36:13:c0:02:ef:
                    f5:ef:23:2f:9b:52:13:d8:3e:99:b9:cb:a8:2e:22:
                    40:a3:95:e9:97:68:a0:cb:3a:ed:50:31:2d:01:04:
                    6d:b4:8e:32:fc:69:ef:13:4d:f2:8b:5b:b0:e3:98:
                    e2:85:19:f0:12:ea:7d:aa:fe:6d:5c:23:b4:87:6a:
                    f1:23:d6:1c:b7:44:28:ce:9d:ad:ee:55:ba:76:f7:
                    3d:81:9f:69:66:7d:cc:78:1c:01:b5:5f:f5:d9:5c:
                    4f:16:a0:bd:83:4d:77:e3:c9:8e:e4:bb:f4:e0:0e:
                    dc:2c:4c:e6:5e:62:e1:34:cd:7c:30:2f:06:b6:16:
                    7a:e8:ff:48:ba:1f:2f:84:c0:50:0b:97:37:bc:e8:
                    f9:b7:11:47:46:d4:0b:17:6c:61:4b:c1:77:8c:c3:
                    83:3d:dd:a7:08:69:a3:38:05:bb:c6:d7:38:c4:b5:
                    f2:74:83:6c:2c:51:c3:1e:17:9a:64:b6:ed:4d:8b:
                    5a:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:67:00:34:31:E9:C5:D6:13:D6:62:00:10:D9:0B:81:46:6C:8D:F5
            X509v3 Authority Key Identifier:
                keyid:B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:ad:2a:f5:fc:ac:b9:67:c5:b3:62:96:10:52:a2:b9:d7:86:
         9c:7d:23:5a:22:1e:88:ec:ca:2f:d7:2a:12:da:a0:d2:26:2d:
         34:c3:e3:10:94:3d:ac:ae:21:3c:6c:c4:1b:8c:b2:20:21:1f:
         a4:2b:e5:45:08:5d:7b:70:85:b6:0a:ac:b4:a2:32:05:05:3c:
         ca:5c:94:a6:a8:bb:87:07:c2:83:ea:6c:9b:ca:f7:c0:87:6a:
         5b:42:cf:93:a5:50:39:36:90:5d:49:64:c1:dd:93:3f:ba:c5:
         61:9b:d2:21:9e:1f:da:20:d6:f1:74:7b:bf:d6:3e:94:6c:6a:
         52:38:73:df:a4:86:91:b1:b0:60:47:8f:bd:50:7a:f3:f2:55:
         5f:ec:3e:b8:a0:4c:96:10:fa:a3:59:5f:2d:63:24:a9:04:4f:
         22:2d:27:8d:52:6b:84:11:2e:42:b6:fb:96:c0:54:a9:1d:b2:
         e2:29:b7:d1:d8:a8:b8:d9:7e:3f:e8:12:3f:f5:b2:06:74:fe:
         af:30:46:92:6f:06:10:bc:df:0a:0b:4d:f3:d3:fe:18:aa:dd:
         2b:26:5b:f7:34:06:e2:a7:32:ee:9f:05:b8:ac:e1:fb:a8:10:
         e9:bb:88:e3:21:69:b4:99:e1:23:63:0a:0d:2a:0b:1e:8b:81:
         43:7d:81:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oLAHQyPqBX9A8o7AWRIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1Mzk4MzE4MzVjODdjNzUwMWY2YzM3Y2I0OGU2MGE3OTVh
Mzk0YmIwHhcNMjUwNjI4MTMwMTEzWhcNMjUwNjI5MTMwMTEzWjAzMTEwLwYDVQQD
EygzOTY3MDAzNDMxZTljNWQ2MTNkNjYyMDAxMGQ5MGI4MTQ2NmM4ZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP1e09PoTuenr+zJZ1onoWEwXMH9
dSXAr2lIytrY0z6JwVBJjQxQVALUdPSyrdiIVenzqalmofilExF8ibTZfx50Pyk0
NhPAAu/17yMvm1IT2D6ZucuoLiJAo5Xpl2igyzrtUDEtAQRttI4y/GnvE03yi1uw
45jihRnwEup9qv5tXCO0h2rxI9Yct0Qozp2t7lW6dvc9gZ9pZn3MeBwBtV/12VxP
FqC9g01348mO5Lv04A7cLEzmXmLhNM18MC8GthZ66P9Iuh8vhMBQC5c3vOj5txFH
RtQLF2xhS8F3jMODPd2nCGmjOAW7xtc4xLXydINsLFHDHheaZLbtTYtavQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDlnADQx6cXWE9ZiABDZC4FGbI31MB8GA1UdIwQY
MBaAFLU5gxg1yHx1AfbDfLSOYKeVo5S7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMt
NDk1ZTE4ODcwMWI2LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMtNDk1ZTE4ODcwMWI2
LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxq0q9fys
uWfFs2KWEFKiudeGnH0jWiIeiOzKL9cqEtqg0iYtNMPjEJQ9rK4hPGzEG4yyICEf
pCvlRQhde3CFtgqstKIyBQU8ylyUpqi7hwfCg+psm8r3wIdqW0LPk6VQOTaQXUlk
wd2TP7rFYZvSIZ4f2iDW8XR7v9Y+lGxqUjhz36SGkbGwYEePvVB68/JVX+w+uKBM
lhD6o1lfLWMkqQRPIi0njVJrhBEuQrb7lsBUqR2y4im30diouNl+P+gSP/WyBnT+
rzBGkm8GELzfCgtN89P+GKrdKyZb9zQG4qcy7p8FuKzh+6gQ6buI4yFptJnhI2MK
DSoLHouBQ32BoQ==
-----END CERTIFICATE-----