Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft
File:                     tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft (raw, json)
Hash identifier:          mwhs0O1lrAMGCcoJeDsjuf5k0mcGFxx8FEw7SoKrxbo=
Subject key identifier:   A7:98:5C:70:3C:78:9B:D1:1B:D3:CB:1F:DB:CC:C1:88:D4:73:70:4B
Authority key identifier: B4:A6:C2:07:42:82:22:F6:3F:C9:CB:A8:39:D0:DB:D9:A6:95:0B:31
Certificate issuer:       /CN=b4a6c207428222f63fc9cba839d0dbd9a6950b31
Certificate serial:       0198D65FB1A066412733D0344750027F8D7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft
Manifest number:          FE
Signing time:             Sat 23 Aug 2025 10:00:52 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:52 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:52 +0000
Files and hashes:         1: tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl (hash: Q+NOSnGmaevbTFZVHTRKcWmS6B6V8izQaJw5QuyTIKc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:b1:a0:66:41:27:33:d0:34:47:50:02:7f:8d:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a6c207428222f63fc9cba839d0dbd9a6950b31
        Validity
            Not Before: Aug 23 10:00:52 2025 GMT
            Not After : Aug 24 10:00:52 2025 GMT
        Subject: CN=a7985c703c789bd11bd3cb1fdbccc188d473704b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:aa:a6:02:ba:0c:c0:41:7d:5b:0b:35:70:b1:
                    0e:23:8e:c5:a4:e5:50:df:ea:90:5b:c2:1e:37:cb:
                    cb:6f:fc:bf:31:3c:60:9b:a2:35:31:02:05:07:41:
                    db:98:9c:80:38:42:ee:bc:61:38:ea:11:cc:0a:7f:
                    e2:e5:dd:1d:7e:3d:e6:04:a0:14:d6:3e:06:53:51:
                    a7:1f:82:65:ff:e1:c8:a2:52:a3:6d:65:08:8b:d2:
                    d8:f4:bb:61:24:76:e4:af:da:b8:36:a7:03:fd:a8:
                    71:c9:ca:bf:1c:b0:17:ed:76:d9:e3:79:70:0f:cc:
                    b0:6c:31:f4:ee:6b:a0:3e:0a:8f:37:9c:2e:02:66:
                    01:a9:e2:97:61:c5:a8:fc:9a:de:b0:2b:af:a5:fd:
                    7e:f6:ee:46:fa:51:87:96:b9:62:a2:06:e1:f7:b4:
                    12:06:ff:e4:93:99:5e:8a:e6:f4:a8:2b:f4:65:bf:
                    1b:31:21:f9:0c:e7:32:91:2d:d3:18:d3:20:cc:7a:
                    7e:9e:19:a0:2a:70:a8:57:04:2a:a5:ce:9a:4c:97:
                    e9:1b:af:ca:a1:b5:f2:c5:eb:08:06:bf:89:7a:40:
                    84:b1:c0:7b:9d:a1:57:9d:79:08:da:a4:65:bc:db:
                    f5:08:71:70:40:af:03:cf:f5:7b:ae:78:da:03:80:
                    e3:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:98:5C:70:3C:78:9B:D1:1B:D3:CB:1F:DB:CC:C1:88:D4:73:70:4B
            X509v3 Authority Key Identifier:
                keyid:B4:A6:C2:07:42:82:22:F6:3F:C9:CB:A8:39:D0:DB:D9:A6:95:0B:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:eb:5c:32:78:9e:ed:01:a2:d1:f5:55:bf:ae:00:e5:f1:da:
         a3:b3:f3:6c:51:8f:46:91:52:9c:27:7c:7d:6d:72:30:61:4f:
         a2:ac:b5:73:e7:19:9a:d2:dc:6c:40:fb:25:d0:91:22:b1:97:
         dd:c5:8c:9b:78:9c:b3:54:11:29:b4:4d:bd:79:f9:39:ca:45:
         d1:05:05:78:d4:22:76:70:1c:b0:06:02:1b:03:fd:30:84:7e:
         9b:e6:9e:c5:6c:df:32:74:61:b1:65:c8:37:df:6e:76:ef:9f:
         3f:7f:7b:00:4f:82:d7:c5:52:c1:25:bd:87:b6:b0:5c:2b:24:
         f1:eb:ad:78:a3:b5:6d:46:97:f0:5a:08:56:f0:15:67:cd:7e:
         9f:66:7a:05:70:0d:99:c6:bf:6f:80:ba:e8:11:da:37:50:27:
         aa:6a:27:d3:54:43:e5:72:ef:b2:85:c4:f9:14:85:1c:c3:7c:
         20:e4:13:9f:41:2b:48:f9:2b:e1:88:b4:7c:c9:5c:ae:ac:b6:
         0d:17:9c:14:bd:43:24:8c:32:8f:58:06:db:65:4f:34:c5:9c:
         02:d7:ee:82:2f:7f:c3:e3:f9:90:59:95:37:95:33:d7:d8:0b:
         9a:c6:bd:48:48:1c:18:4c:66:e8:d8:d2:fb:d3:84:41:ab:c3:
         2c:05:7f:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX7GgZkEnM9A0R1ACf416MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTZjMjA3NDI4MjIyZjYzZmM5Y2JhODM5ZDBkYmQ5YTY5
NTBiMzEwHhcNMjUwODIzMTAwMDUyWhcNMjUwODI0MTAwMDUyWjAzMTEwLwYDVQQD
EyhhNzk4NWM3MDNjNzg5YmQxMWJkM2NiMWZkYmNjYzE4OGQ0NzM3MDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaqmAroMwEF9Wws1cLEOI47FpOVQ
3+qQW8IeN8vLb/y/MTxgm6I1MQIFB0HbmJyAOELuvGE46hHMCn/i5d0dfj3mBKAU
1j4GU1GnH4Jl/+HIolKjbWUIi9LY9LthJHbkr9q4NqcD/ahxycq/HLAX7XbZ43lw
D8ywbDH07mugPgqPN5wuAmYBqeKXYcWo/JresCuvpf1+9u5G+lGHlrliogbh97QS
Bv/kk5leiub0qCv0Zb8bMSH5DOcykS3TGNMgzHp+nhmgKnCoVwQqpc6aTJfpG6/K
obXyxesIBr+JekCEscB7naFXnXkI2qRlvNv1CHFwQK8Dz/V7rnjaA4DjHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKeYXHA8eJvRG9PLH9vMwYjUc3BLMB8GA1UdIwQY
MBaAFLSmwgdCgiL2P8nLqDnQ29mmlQsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NTE0MjEtMzMwMC00ODg2LWJiZTUt
ODRhYmNmYmNkZjVlLzEvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82NTE0MjEtMzMwMC00ODg2LWJiZTUtODRhYmNmYmNkZjVl
LzEvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbetcMnie
7QGi0fVVv64A5fHao7PzbFGPRpFSnCd8fW1yMGFPoqy1c+cZmtLcbED7JdCRIrGX
3cWMm3ics1QRKbRNvXn5OcpF0QUFeNQidnAcsAYCGwP9MIR+m+aexWzfMnRhsWXI
N99udu+fP397AE+C18VSwSW9h7awXCsk8euteKO1bUaX8FoIVvAVZ81+n2Z6BXAN
mca/b4C66BHaN1Anqmon01RD5XLvsoXE+RSFHMN8IOQTn0ErSPkr4Yi0fMlcrqy2
DRecFL1DJIwyj1gG22VPNMWcAtfugi9/w+P5kFmVN5Uz19gLmsa9SEgcGExm6NjS
+9OEQavDLAV/Pg==
-----END CERTIFICATE-----