Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
File:                     TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft (raw, json)
Hash identifier:          Loq19f0lbqUQisxNzWnLOFHaP5+y4GDj7PIvRPjlTAE=
Subject key identifier:   82:1A:72:4B:32:DA:C6:36:28:BA:D4:37:F4:C2:2E:E6:1E:F3:47:94
Authority key identifier: 4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4
Certificate issuer:       /CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4
Certificate serial:       0197B77C2DDD490385E6C027BD036C84B118
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
Manifest number:          0B28
Signing time:             Sat 28 Jun 2025 17:00:58 +0000
Manifest this update:     Sat 28 Jun 2025 17:00:58 +0000
Manifest next update:     Sun 29 Jun 2025 17:00:58 +0000
Files and hashes:         1: TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl (hash: OfaZS197reZZ1FplvdIQoNDfJSVRgbVNH69h4+PqFk0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:2d:dd:49:03:85:e6:c0:27:bd:03:6c:84:b1:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4
        Validity
            Not Before: Jun 28 17:00:58 2025 GMT
            Not After : Jun 29 17:00:58 2025 GMT
        Subject: CN=821a724b32dac63628bad437f4c22ee61ef34794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:97:4b:a0:c8:dd:4c:aa:22:68:cd:a7:c9:5d:
                    3b:2d:29:de:f0:d3:ee:8b:e1:87:33:92:6d:4b:d0:
                    d0:ff:b2:35:6b:67:cc:a9:d7:e1:80:a8:d8:b8:17:
                    c3:ab:7f:bd:d9:f4:ab:43:91:f3:28:a1:af:31:39:
                    72:a0:7c:3b:5a:34:ca:32:d5:1a:fc:1a:d6:3d:ce:
                    fe:4d:f0:c8:1a:90:7c:51:77:f0:70:63:ec:04:98:
                    c2:a2:14:9f:a5:f5:0b:c7:20:d6:5a:9f:2f:31:f9:
                    c4:1d:ff:eb:e9:c2:83:47:03:ba:c5:de:05:32:b4:
                    71:9c:d8:b0:36:8b:c6:4f:75:6e:16:72:16:41:97:
                    ae:38:63:e7:f6:1e:1f:8f:5f:e4:d6:04:2d:79:a3:
                    9b:a5:23:6e:20:bc:fb:14:9d:2a:be:a8:c2:b3:9a:
                    dd:57:5a:2c:0a:39:b9:1e:cc:5c:7c:6e:26:f2:a5:
                    77:c7:e6:fe:db:f6:a7:90:f1:1b:2d:a4:a6:5a:17:
                    b5:fe:94:06:23:2d:3b:2b:22:07:2c:26:db:d6:5e:
                    1e:1a:c4:6b:3c:23:5c:f4:2c:08:5c:dd:3c:1b:65:
                    3f:d8:ba:23:51:ef:69:6b:ce:a9:41:16:7b:8f:04:
                    b8:93:59:da:84:1b:95:8a:f3:19:1c:c5:09:7d:56:
                    30:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:1A:72:4B:32:DA:C6:36:28:BA:D4:37:F4:C2:2E:E6:1E:F3:47:94
            X509v3 Authority Key Identifier:
                keyid:4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:23:4a:29:c7:d1:d0:83:63:fb:24:9c:58:82:1f:b2:54:16:
         e1:c1:bd:9a:31:30:20:6e:5e:08:df:be:be:8b:2f:24:8a:f1:
         77:56:9d:62:4a:d7:97:28:8f:22:5b:27:de:06:b1:4f:88:dd:
         45:85:e9:c2:1b:79:b7:a1:f6:fa:71:e5:e6:74:ba:9c:35:5c:
         d5:1b:30:6f:b6:d1:c6:80:2b:69:f6:15:f7:40:76:ab:5d:9f:
         9d:1f:7e:b5:fe:73:9b:23:0d:13:e5:ba:91:75:86:9b:dd:bf:
         b3:35:dd:d0:64:f4:72:66:ab:1e:62:58:0d:ce:5f:82:ce:92:
         09:08:8e:00:2d:2d:2d:49:bb:cb:0f:2b:3a:80:82:f1:c9:c0:
         89:cf:60:ca:14:0b:39:27:ad:4c:71:81:ea:45:81:a2:79:51:
         26:0e:f7:ee:16:1c:49:2b:07:d8:b2:b1:9b:c5:89:c4:33:43:
         50:40:15:8a:a7:89:81:00:10:08:59:e1:04:2e:9e:b4:4c:87:
         9c:e5:8b:79:64:60:20:b9:ae:4f:70:be:91:5f:4e:ef:ac:83:
         dd:b4:d2:e7:62:83:18:b4:04:53:05:82:21:97:3b:17:a7:f9:
         b7:4f:ec:03:5e:8b:ae:b7:5e:dc:7b:1c:ed:04:26:01:2c:7d:
         7c:be:c2:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fC3dSQOF5sAnvQNshLEYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOTExNjJiYjBkOWI1NTFiZjVmN2IxYzE1ZWUzMTVhNTFh
Njc3ZjQwHhcNMjUwNjI4MTcwMDU4WhcNMjUwNjI5MTcwMDU4WjAzMTEwLwYDVQQD
Eyg4MjFhNzI0YjMyZGFjNjM2MjhiYWQ0MzdmNGMyMmVlNjFlZjM0Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8pdLoMjdTKoiaM2nyV07LSne8NPu
i+GHM5JtS9DQ/7I1a2fMqdfhgKjYuBfDq3+92fSrQ5HzKKGvMTlyoHw7WjTKMtUa
/BrWPc7+TfDIGpB8UXfwcGPsBJjCohSfpfULxyDWWp8vMfnEHf/r6cKDRwO6xd4F
MrRxnNiwNovGT3VuFnIWQZeuOGPn9h4fj1/k1gQteaObpSNuILz7FJ0qvqjCs5rd
V1osCjm5HsxcfG4m8qV3x+b+2/ankPEbLaSmWhe1/pQGIy07KyIHLCbb1l4eGsRr
PCNc9CwIXN08G2U/2LojUe9pa86pQRZ7jwS4k1nahBuVivMZHMUJfVYw/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIacksy2sY2KLrUN/TCLuYe80eUMB8GA1UdIwQY
MBaAFE6RFiuw2bVRv197HBXuMVpRpnf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDIt
NTcxM2YxNzQ5YzFkLzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDItNTcxM2YxNzQ5YzFk
LzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAniNKKcfR
0INj+yScWIIfslQW4cG9mjEwIG5eCN++vosvJIrxd1adYkrXlyiPIlsn3gaxT4jd
RYXpwht5t6H2+nHl5nS6nDVc1Rswb7bRxoArafYV90B2q12fnR9+tf5zmyMNE+W6
kXWGm92/szXd0GT0cmarHmJYDc5fgs6SCQiOAC0tLUm7yw8rOoCC8cnAic9gyhQL
OSetTHGB6kWBonlRJg737hYcSSsH2LKxm8WJxDNDUEAViqeJgQAQCFnhBC6etEyH
nOWLeWRgILmuT3C+kV9O76yD3bTS52KDGLQEUwWCIZc7F6f5t0/sA16Lrrde3Hsc
7QQmASx9fL7CeA==
-----END CERTIFICATE-----