Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
File:                     tWpL1vXr8vf_2ajRzZparN5iKFw.mft (raw, json)
Hash identifier:          JvCliLT48N4PeuzaMX0K2+GNcEonXwII3nfrmtwLy6U=
Subject key identifier:   9B:7B:85:DD:A3:58:75:53:F4:C2:17:B3:9E:95:02:63:FA:FD:49:52
Authority key identifier: B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C
Certificate issuer:       /CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
Certificate serial:       0199FC8F22EB9306BD36D4185C512C172A92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
Manifest number:          089C
Signing time:             Sun 19 Oct 2025 13:01:02 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:02 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:02 +0000
Files and hashes:         1: tWpL1vXr8vf_2ajRzZparN5iKFw.crl (hash: JmpMtc2dMsLj4mobtiZJtgFk/IZCvlGqd0DLNeTcJ1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:22:eb:93:06:bd:36:d4:18:5c:51:2c:17:2a:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
        Validity
            Not Before: Oct 19 13:01:02 2025 GMT
            Not After : Oct 20 13:01:02 2025 GMT
        Subject: CN=9b7b85dda3587553f4c217b39e950263fafd4952
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:9c:a5:70:26:4a:b6:1a:fa:72:ca:86:c0:64:
                    55:83:3f:7b:a9:7a:0d:49:33:50:af:cf:2c:75:b0:
                    a5:d7:fb:0f:02:b5:cd:ff:31:54:b6:c9:d5:99:31:
                    1a:19:a4:d3:8f:df:d4:fc:81:ca:fb:81:5c:77:95:
                    a8:7f:9e:6a:67:93:63:54:ed:ea:11:b9:fe:64:c2:
                    7d:a0:2c:12:2b:b9:87:cf:c4:ed:29:e0:38:5a:73:
                    72:09:5b:54:33:09:6e:2b:9c:b3:ee:cb:0e:df:f3:
                    86:43:fb:0e:49:e8:dd:68:6a:5a:28:54:df:6b:73:
                    9b:68:9e:77:41:61:de:e0:a1:a8:92:8c:a5:a4:24:
                    c8:d9:4f:46:1d:08:82:35:1e:42:02:98:da:fa:5c:
                    90:9b:59:df:90:12:81:d2:84:0c:41:e5:e6:5d:06:
                    66:13:7f:a0:da:5d:0d:b6:92:2b:57:d2:93:bb:f4:
                    a8:23:a9:1a:f7:77:73:a3:25:84:c6:10:d3:0e:f1:
                    b9:40:67:ae:20:d6:1f:17:72:cf:32:a8:32:d4:46:
                    11:8c:4f:78:bf:2d:1c:b3:85:2d:03:65:f0:8f:b7:
                    12:fc:60:74:79:c8:0a:c3:74:09:20:90:b7:eb:3e:
                    46:70:53:84:8d:9f:1c:83:b7:d3:ec:a1:75:ab:3b:
                    64:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:7B:85:DD:A3:58:75:53:F4:C2:17:B3:9E:95:02:63:FA:FD:49:52
            X509v3 Authority Key Identifier:
                keyid:B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:37:27:69:cb:d0:cc:27:1d:12:4b:c1:95:be:7e:a4:78:e7:
         a4:f6:ff:42:27:c5:b9:50:32:69:94:bc:aa:e8:d9:ee:71:74:
         a5:59:10:c3:89:36:64:07:86:7b:38:6d:f4:28:98:9b:c5:e5:
         59:79:53:68:47:78:88:49:e1:92:29:57:d3:ad:e8:80:0a:88:
         3a:04:79:ee:28:b8:af:ac:14:49:53:27:47:0e:c8:c4:3b:3c:
         37:2b:c7:50:84:75:ec:93:de:0e:34:db:90:5c:54:a5:70:3b:
         b4:bb:6f:fc:2e:ac:f1:28:f8:f4:e8:5b:48:80:79:aa:b4:80:
         e4:68:69:3f:37:5a:b3:82:8f:6e:03:91:ad:1e:d5:99:be:54:
         58:b5:54:bd:5f:96:5a:55:9a:dd:4e:fc:d9:47:0a:74:0b:ef:
         b9:69:d5:74:28:f5:3e:8d:89:96:71:c1:3c:77:6f:eb:58:fd:
         85:69:c7:a0:88:e9:44:e2:75:73:0d:c5:72:1a:9d:a3:16:dc:
         b7:1c:fb:7b:e7:91:3d:49:e3:48:40:aa:51:11:2d:81:42:d7:
         6a:70:59:c7:d0:7b:5c:2a:e4:e4:73:2a:40:0a:f1:85:5c:47:
         1b:f9:20:9b:0e:fe:10:bc:b8:6a:4b:4d:29:c5:02:b7:0c:2b:
         64:5c:57:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jyLrkwa9NtQYXFEsFyqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmE0YmQ2ZjVlYmYyZjdmZmQ5YThkMWNkOWE1YWFjZGU2
MjI4NWMwHhcNMjUxMDE5MTMwMTAyWhcNMjUxMDIwMTMwMTAyWjAzMTEwLwYDVQQD
Eyg5YjdiODVkZGEzNTg3NTUzZjRjMjE3YjM5ZTk1MDI2M2ZhZmQ0OTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpylcCZKthr6csqGwGRVgz97qXoN
STNQr88sdbCl1/sPArXN/zFUtsnVmTEaGaTTj9/U/IHK+4Fcd5Wof55qZ5NjVO3q
Ebn+ZMJ9oCwSK7mHz8TtKeA4WnNyCVtUMwluK5yz7ssO3/OGQ/sOSejdaGpaKFTf
a3ObaJ53QWHe4KGokoylpCTI2U9GHQiCNR5CApja+lyQm1nfkBKB0oQMQeXmXQZm
E3+g2l0NtpIrV9KTu/SoI6ka93dzoyWExhDTDvG5QGeuINYfF3LPMqgy1EYRjE94
vy0cs4UtA2Xwj7cS/GB0ecgKw3QJIJC36z5GcFOEjZ8cg7fT7KF1qztk3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJt7hd2jWHVT9MIXs56VAmP6/UlSMB8GA1UdIwQY
MBaAFLVqS9b16/L3/9mo0c2aWqzeYihcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMt
MDgyZTExMzYzZjBhLzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMtMDgyZTExMzYzZjBh
LzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANDcnacvQ
zCcdEkvBlb5+pHjnpPb/QifFuVAyaZS8qujZ7nF0pVkQw4k2ZAeGezht9CiYm8Xl
WXlTaEd4iEnhkilX063ogAqIOgR57ii4r6wUSVMnRw7IxDs8NyvHUIR17JPeDjTb
kFxUpXA7tLtv/C6s8Sj49OhbSIB5qrSA5GhpPzdas4KPbgORrR7Vmb5UWLVUvV+W
WlWa3U782UcKdAvvuWnVdCj1Po2JlnHBPHdv61j9hWnHoIjpROJ1cw3Fchqdoxbc
txz7e+eRPUnjSECqUREtgULXanBZx9B7XCrk5HMqQArxhVxHG/kgmw7+ELy4aktN
KcUCtwwrZFxXfw==
-----END CERTIFICATE-----