Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft
File:                     tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft (raw, json)
Hash identifier:          SzQ0GWAI9oKk8xVfi2vlcn+w7yu/8IguXyfYFhT1sNs=
Subject key identifier:   7A:F2:A4:D8:64:DA:DD:CB:D4:00:B9:97:30:83:46:6C:CE:E6:1E:61
Authority key identifier: B4:A6:C2:07:42:82:22:F6:3F:C9:CB:A8:39:D0:DB:D9:A6:95:0B:31
Certificate issuer:       /CN=b4a6c207428222f63fc9cba839d0dbd9a6950b31
Certificate serial:       0199FFC8343C6BEF633D214A3FBE909CABA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft
Manifest number:          0198
Signing time:             Mon 20 Oct 2025 04:02:14 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:14 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:14 +0000
Files and hashes:         1: tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl (hash: IORH1E/ZFZhLNVijOf3/KlCyIvrB9ckoVO9LJfJghbY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:34:3c:6b:ef:63:3d:21:4a:3f:be:90:9c:ab:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a6c207428222f63fc9cba839d0dbd9a6950b31
        Validity
            Not Before: Oct 20 04:02:14 2025 GMT
            Not After : Oct 21 04:02:14 2025 GMT
        Subject: CN=7af2a4d864daddcbd400b9973083466ccee61e61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:54:a7:65:93:32:75:93:61:bd:a9:a5:5d:2a:
                    41:fc:dc:1d:81:73:32:7c:c9:e3:8d:06:b2:49:da:
                    c8:1a:f7:77:73:a8:7b:b0:1e:7e:e1:f0:03:a8:81:
                    f7:86:d0:d2:19:fa:73:38:aa:c8:bb:33:81:0a:7f:
                    01:30:cd:87:c9:ff:2c:d5:b0:54:9c:d2:35:c4:d5:
                    71:4d:29:09:39:22:cb:66:40:dc:4b:59:ea:86:66:
                    1d:ec:7b:c1:0e:dd:5c:53:98:5f:cf:7b:4b:7d:85:
                    6b:c6:dc:bb:8f:cc:fc:fb:4a:ea:22:c7:86:df:70:
                    f7:f8:a3:ec:c0:cd:e7:cf:1d:b3:e3:71:0c:23:58:
                    15:18:9c:27:48:64:67:3f:2c:fe:dc:94:11:11:a8:
                    4f:13:0b:39:d2:26:0b:82:77:a5:26:c2:12:34:fe:
                    b5:5e:34:bd:00:1c:be:aa:16:96:5f:7f:ac:4a:ea:
                    a1:b1:4b:59:ec:c8:ea:28:56:b2:77:69:c9:ed:ec:
                    5f:4a:12:c1:55:7e:73:cf:7d:57:71:bb:50:f4:a3:
                    0a:f8:d3:d6:d9:f3:85:d0:00:89:83:56:e0:fd:42:
                    a2:20:e0:65:51:7c:86:79:6e:ec:ee:8a:23:f2:b9:
                    6d:67:aa:16:fa:fc:c7:6e:b1:0c:8b:19:22:f0:5f:
                    45:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:F2:A4:D8:64:DA:DD:CB:D4:00:B9:97:30:83:46:6C:CE:E6:1E:61
            X509v3 Authority Key Identifier:
                keyid:B4:A6:C2:07:42:82:22:F6:3F:C9:CB:A8:39:D0:DB:D9:A6:95:0B:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:15:c5:20:2f:df:58:bd:50:0e:e5:02:43:32:3a:fd:d1:51:
         dc:d6:1a:32:e9:bd:a2:46:bb:06:08:c8:12:ca:32:2a:b4:35:
         ca:7a:a4:96:93:3c:98:45:28:6a:ea:1f:74:de:08:93:39:a1:
         29:db:b8:ab:d3:e2:82:39:fb:18:cd:cb:b2:cd:4a:7f:da:41:
         12:00:8f:fe:5d:2c:6b:3b:26:91:a0:1f:52:7b:c1:90:25:00:
         70:1f:8b:44:52:0b:f9:53:bf:cb:38:f1:4b:3c:7a:ea:68:a1:
         98:e7:8f:9f:3d:60:f9:a7:8d:29:57:d1:a9:30:6f:8e:7d:70:
         70:d7:5c:3a:a8:a5:64:20:d8:f0:61:bf:f0:10:15:e3:4e:b3:
         b7:1b:2e:a1:c4:4f:ac:4b:21:0d:c4:d5:93:97:31:1d:95:bd:
         99:7a:46:58:f7:8f:1a:10:bd:94:c6:71:4d:af:de:d3:be:4c:
         f1:9b:6b:c1:20:bb:68:8f:56:e0:80:73:6f:dc:d6:4e:d8:27:
         2d:08:af:bf:2f:10:69:87:fb:41:db:3d:5e:fa:75:74:e6:75:
         22:e0:9e:43:4e:17:a3:62:54:d2:89:5d:22:c0:da:61:60:29:
         9c:3f:f0:31:11:89:e1:de:99:b9:5c:ac:c0:c7:9b:c5:42:71:
         11:35:e7:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yDQ8a+9jPSFKP76QnKuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTZjMjA3NDI4MjIyZjYzZmM5Y2JhODM5ZDBkYmQ5YTY5
NTBiMzEwHhcNMjUxMDIwMDQwMjE0WhcNMjUxMDIxMDQwMjE0WjAzMTEwLwYDVQQD
Eyg3YWYyYTRkODY0ZGFkZGNiZDQwMGI5OTczMDgzNDY2Y2NlZTYxZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11SnZZMydZNhvamlXSpB/NwdgXMy
fMnjjQaySdrIGvd3c6h7sB5+4fADqIH3htDSGfpzOKrIuzOBCn8BMM2Hyf8s1bBU
nNI1xNVxTSkJOSLLZkDcS1nqhmYd7HvBDt1cU5hfz3tLfYVrxty7j8z8+0rqIseG
33D3+KPswM3nzx2z43EMI1gVGJwnSGRnPyz+3JQREahPEws50iYLgnelJsISNP61
XjS9ABy+qhaWX3+sSuqhsUtZ7MjqKFayd2nJ7exfShLBVX5zz31XcbtQ9KMK+NPW
2fOF0ACJg1bg/UKiIOBlUXyGeW7s7ooj8rltZ6oW+vzHbrEMixki8F9FCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrypNhk2t3L1AC5lzCDRmzO5h5hMB8GA1UdIwQY
MBaAFLSmwgdCgiL2P8nLqDnQ29mmlQsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NTE0MjEtMzMwMC00ODg2LWJiZTUt
ODRhYmNmYmNkZjVlLzEvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82NTE0MjEtMzMwMC00ODg2LWJiZTUtODRhYmNmYmNkZjVl
LzEvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABRXFIC/f
WL1QDuUCQzI6/dFR3NYaMum9oka7BgjIEsoyKrQ1ynqklpM8mEUoauofdN4Ikzmh
Kdu4q9Pigjn7GM3Lss1Kf9pBEgCP/l0sazsmkaAfUnvBkCUAcB+LRFIL+VO/yzjx
Szx66mihmOePnz1g+aeNKVfRqTBvjn1wcNdcOqilZCDY8GG/8BAV406ztxsuocRP
rEshDcTVk5cxHZW9mXpGWPePGhC9lMZxTa/e075M8ZtrwSC7aI9W4IBzb9zWTtgn
LQivvy8QaYf7Qds9Xvp1dOZ1IuCeQ04Xo2JU0oldIsDaYWApnD/wMRGJ4d6ZuVys
wMebxUJxETXnnA==
-----END CERTIFICATE-----