Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
File:                     TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft (raw, json)
Hash identifier:          3hDz0Ac1JGTcQAnqsPIkMj+sSjvuFvZEZ4NySYmtpHI=
Subject key identifier:   B4:A1:62:BD:2D:29:CF:A4:75:58:5B:9C:F2:5C:1D:F8:97:FD:BB:43
Authority key identifier: 4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4
Certificate issuer:       /CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4
Certificate serial:       0198D54EA9A488A7A9364404A3AFC9C7937F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
Manifest number:          0BBC
Signing time:             Sat 23 Aug 2025 05:02:38 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:38 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:38 +0000
Files and hashes:         1: TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl (hash: haVDyD2J30m2EQV9U23De3dzswL7cncpu65mZfBNclQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:a9:a4:88:a7:a9:36:44:04:a3:af:c9:c7:93:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4
        Validity
            Not Before: Aug 23 05:02:38 2025 GMT
            Not After : Aug 24 05:02:38 2025 GMT
        Subject: CN=b4a162bd2d29cfa475585b9cf25c1df897fdbb43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:5c:88:33:5d:d6:c9:0b:93:42:02:ef:79:b6:
                    cb:7f:85:39:2c:95:10:1f:88:06:39:80:5c:3c:0b:
                    66:37:c6:7f:f5:10:f4:97:d2:bf:cd:39:a4:3e:5e:
                    8d:8d:b9:64:06:fa:31:af:a7:0b:c2:0a:fd:27:16:
                    a6:1f:41:ab:97:0c:71:50:16:63:7d:e3:3f:91:ba:
                    85:32:ff:29:54:ad:39:ed:f2:6d:c6:1b:68:00:7d:
                    db:5d:58:53:cb:32:f9:bc:37:63:d7:39:7c:fa:47:
                    32:99:45:15:38:62:8d:ba:eb:1b:02:f5:0f:65:5b:
                    2a:bc:0a:81:6c:fd:a2:36:60:20:5d:32:ef:09:48:
                    16:f8:51:1a:d2:8c:22:fb:5f:e4:d6:9b:d5:c2:52:
                    ef:75:d5:f9:fb:e4:3e:f9:c1:0b:19:e0:40:38:6b:
                    e8:1c:19:4a:10:5d:0b:f2:28:08:65:0b:8a:26:1b:
                    ae:73:50:11:d1:96:70:0e:12:b6:89:f8:98:cd:06:
                    83:28:aa:58:a4:49:eb:6c:57:82:4b:0b:d6:df:ee:
                    ba:11:43:f7:2f:4d:fe:a8:5b:31:d8:f7:0b:ce:e5:
                    a1:28:c7:9a:76:a0:1c:ce:de:67:0d:d9:f0:fa:df:
                    0e:82:52:51:b3:21:ec:18:41:8b:e5:e7:23:f9:3a:
                    0d:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:A1:62:BD:2D:29:CF:A4:75:58:5B:9C:F2:5C:1D:F8:97:FD:BB:43
            X509v3 Authority Key Identifier:
                keyid:4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:f0:b0:f5:39:8a:0d:45:3b:08:23:36:2e:fd:7e:62:04:f3:
         ae:06:66:f2:45:c7:e1:27:e9:fc:b7:de:b5:49:a5:5d:de:b0:
         41:92:bf:2f:0a:ce:f7:5b:2f:dc:c2:11:78:6c:76:27:e7:a5:
         85:fc:58:03:fa:7e:43:f4:19:a6:ea:f0:78:32:b5:ae:60:33:
         06:d6:87:7c:5d:5a:3e:75:2a:0c:6f:87:ca:61:99:fc:c1:b7:
         53:e8:c4:2a:e3:bf:ee:12:50:81:24:8a:cf:11:72:02:45:35:
         59:0f:25:1f:9c:44:b3:72:35:2a:9c:a7:68:4a:a5:eb:9a:a4:
         46:a9:62:d5:ad:11:87:d1:a1:d4:40:43:0e:b9:a0:cb:52:56:
         51:d6:5f:36:2c:fe:4c:14:70:4d:95:e9:c0:24:97:a6:f7:62:
         26:92:fc:19:cc:ac:e1:95:f7:06:65:7f:5a:53:60:56:1c:14:
         db:5d:19:9d:42:9a:cd:75:30:fc:d1:4f:34:9b:e2:ad:ea:42:
         7f:a7:75:ea:93:81:e5:9d:ed:73:39:f4:98:9b:63:12:34:06:
         5c:b6:e6:9c:77:40:d3:98:a5:b3:f7:2b:7d:4c:00:d4:1f:9e:
         f7:10:ab:8d:75:42:4d:6a:08:7c:3d:1a:75:b3:bf:8c:9a:2c:
         b3:6a:e7:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTqmkiKepNkQEo6/Jx5N/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOTExNjJiYjBkOWI1NTFiZjVmN2IxYzE1ZWUzMTVhNTFh
Njc3ZjQwHhcNMjUwODIzMDUwMjM4WhcNMjUwODI0MDUwMjM4WjAzMTEwLwYDVQQD
EyhiNGExNjJiZDJkMjljZmE0NzU1ODViOWNmMjVjMWRmODk3ZmRiYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFyIM13WyQuTQgLvebbLf4U5LJUQ
H4gGOYBcPAtmN8Z/9RD0l9K/zTmkPl6NjblkBvoxr6cLwgr9JxamH0GrlwxxUBZj
feM/kbqFMv8pVK057fJtxhtoAH3bXVhTyzL5vDdj1zl8+kcymUUVOGKNuusbAvUP
ZVsqvAqBbP2iNmAgXTLvCUgW+FEa0owi+1/k1pvVwlLvddX5++Q++cELGeBAOGvo
HBlKEF0L8igIZQuKJhuuc1AR0ZZwDhK2ifiYzQaDKKpYpEnrbFeCSwvW3+66EUP3
L03+qFsx2PcLzuWhKMeadqAczt5nDdnw+t8OglJRsyHsGEGL5ecj+ToN3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLShYr0tKc+kdVhbnPJcHfiX/btDMB8GA1UdIwQY
MBaAFE6RFiuw2bVRv197HBXuMVpRpnf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDIt
NTcxM2YxNzQ5YzFkLzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDItNTcxM2YxNzQ5YzFk
LzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmvCw9TmK
DUU7CCM2Lv1+YgTzrgZm8kXH4Sfp/LfetUmlXd6wQZK/LwrO91sv3MIReGx2J+el
hfxYA/p+Q/QZpurweDK1rmAzBtaHfF1aPnUqDG+HymGZ/MG3U+jEKuO/7hJQgSSK
zxFyAkU1WQ8lH5xEs3I1KpynaEql65qkRqli1a0Rh9Gh1EBDDrmgy1JWUdZfNiz+
TBRwTZXpwCSXpvdiJpL8Gcys4ZX3BmV/WlNgVhwU210ZnUKazXUw/NFPNJvirepC
f6d16pOB5Z3tczn0mJtjEjQGXLbmnHdA05ils/crfUwA1B+e9xCrjXVCTWoIfD0a
dbO/jJoss2rnQg==
-----END CERTIFICATE-----