Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
File:                     TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft (raw, json)
Hash identifier:          c16yUCexRtnnjrX6Tui2Klj1bYn33QhGmuRAqnckTLI=
Subject key identifier:   B3:33:85:3D:1F:F8:16:9E:E0:3D:D9:60:E3:CD:07:F5:8B:F6:F1:60
Authority key identifier: 4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4
Certificate issuer:       /CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4
Certificate serial:       0199FAD7D279313C4DF87DD3B7AE74A97EB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
Manifest number:          0C54
Signing time:             Sun 19 Oct 2025 05:01:12 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:12 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:12 +0000
Files and hashes:         1: TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl (hash: aiVjbslBgh0NwdPZJrNFY1S9Sk0GqyW14R+ou9SrjmQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:d2:79:31:3c:4d:f8:7d:d3:b7:ae:74:a9:7e:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4
        Validity
            Not Before: Oct 19 05:01:12 2025 GMT
            Not After : Oct 20 05:01:12 2025 GMT
        Subject: CN=b333853d1ff8169ee03dd960e3cd07f58bf6f160
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:41:92:21:6e:84:94:f1:6e:05:e8:79:a3:75:
                    d0:b2:93:df:bb:da:5b:5d:70:bd:09:b2:ea:97:94:
                    45:ca:88:5e:db:e5:ed:f2:39:01:dd:0e:9e:49:69:
                    5d:72:e8:1a:c4:4f:97:1c:b9:07:4f:68:e7:02:6f:
                    e7:1b:c2:0f:ae:f2:87:9e:8d:3f:0b:c6:a7:21:9f:
                    4a:42:51:e3:3d:f1:c7:25:33:6d:0d:98:63:e0:fe:
                    cd:c0:e2:ad:8e:80:96:34:1a:bd:ae:0f:af:a6:93:
                    00:12:ba:61:5a:82:6a:d1:8f:d5:9d:be:32:66:5f:
                    e2:2c:80:ee:62:ff:a4:e1:b4:c6:a5:de:2e:79:c9:
                    cd:70:9d:ff:73:8a:34:d0:40:c2:05:be:db:40:a7:
                    13:41:ef:c0:2a:61:db:e2:09:d4:ec:55:86:dc:14:
                    88:04:ee:c2:7a:df:4b:b4:20:e9:97:ab:4d:ba:fb:
                    26:dd:a3:e7:2f:c8:0a:d5:3d:ee:94:9f:ac:97:cd:
                    cd:78:68:b4:c0:21:97:0a:94:67:b3:f7:51:a2:dc:
                    56:88:28:36:0f:88:29:90:9f:68:c4:1f:bc:fd:24:
                    7a:2e:ba:64:66:82:cc:75:4d:66:23:01:c2:40:0f:
                    69:43:8e:a0:d6:f9:06:5c:7d:e7:1f:8f:87:e1:e2:
                    79:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:33:85:3D:1F:F8:16:9E:E0:3D:D9:60:E3:CD:07:F5:8B:F6:F1:60
            X509v3 Authority Key Identifier:
                keyid:4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:5c:d0:50:0f:cd:84:59:6f:5c:5e:af:7c:93:bb:ea:80:a2:
         7c:70:97:0c:73:67:f0:64:85:4d:07:23:31:bc:2b:4a:6c:3c:
         83:ca:3c:e6:e0:df:90:1e:27:e1:b2:62:0e:c3:20:e0:2c:30:
         54:81:fc:24:17:e8:0d:8e:a7:d3:2c:07:f6:26:39:cf:13:43:
         80:82:fa:ff:f2:8e:bc:4b:5f:73:06:b7:e0:0b:6f:07:9f:0e:
         2c:b8:e0:fd:db:43:3c:f3:77:7d:bf:50:d9:6b:75:6b:31:ae:
         7e:27:6a:0e:53:be:9c:11:59:44:0d:5a:39:b1:2d:82:0f:de:
         ad:91:e4:6c:4d:87:06:be:4d:e7:b4:1f:36:45:86:54:6f:db:
         98:2e:9d:cf:89:aa:ad:e9:bf:f2:a7:d6:cb:f3:ca:97:67:9b:
         e6:44:3e:33:7c:16:a8:ad:2f:2b:cd:48:25:d0:a1:c8:fe:ff:
         3e:a3:69:7a:e0:27:fe:8f:2a:0e:31:d8:cc:6a:8a:98:c5:c5:
         70:2b:7d:ac:df:c0:bb:9d:88:ed:fa:3e:30:db:f9:73:a4:de:
         ae:5a:d4:67:a2:72:e4:74:e8:00:85:40:49:eb:f2:3b:02:4f:
         d8:93:b0:25:81:5c:39:e6:10:92:7a:b3:ea:82:ae:91:e8:6f:
         d0:9d:63:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn619J5MTxN+H3Tt650qX60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOTExNjJiYjBkOWI1NTFiZjVmN2IxYzE1ZWUzMTVhNTFh
Njc3ZjQwHhcNMjUxMDE5MDUwMTEyWhcNMjUxMDIwMDUwMTEyWjAzMTEwLwYDVQQD
EyhiMzMzODUzZDFmZjgxNjllZTAzZGQ5NjBlM2NkMDdmNThiZjZmMTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UGSIW6ElPFuBeh5o3XQspPfu9pb
XXC9CbLql5RFyohe2+Xt8jkB3Q6eSWldcugaxE+XHLkHT2jnAm/nG8IPrvKHno0/
C8anIZ9KQlHjPfHHJTNtDZhj4P7NwOKtjoCWNBq9rg+vppMAErphWoJq0Y/Vnb4y
Zl/iLIDuYv+k4bTGpd4uecnNcJ3/c4o00EDCBb7bQKcTQe/AKmHb4gnU7FWG3BSI
BO7Cet9LtCDpl6tNuvsm3aPnL8gK1T3ulJ+sl83NeGi0wCGXCpRns/dRotxWiCg2
D4gpkJ9oxB+8/SR6LrpkZoLMdU1mIwHCQA9pQ46g1vkGXH3nH4+H4eJ5VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMzhT0f+Bae4D3ZYOPNB/WL9vFgMB8GA1UdIwQY
MBaAFE6RFiuw2bVRv197HBXuMVpRpnf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDIt
NTcxM2YxNzQ5YzFkLzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDItNTcxM2YxNzQ5YzFk
LzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ1zQUA/N
hFlvXF6vfJO76oCifHCXDHNn8GSFTQcjMbwrSmw8g8o85uDfkB4n4bJiDsMg4Cww
VIH8JBfoDY6n0ywH9iY5zxNDgIL6//KOvEtfcwa34AtvB58OLLjg/dtDPPN3fb9Q
2Wt1azGufidqDlO+nBFZRA1aObEtgg/erZHkbE2HBr5N57QfNkWGVG/bmC6dz4mq
rem/8qfWy/PKl2eb5kQ+M3wWqK0vK81IJdChyP7/PqNpeuAn/o8qDjHYzGqKmMXF
cCt9rN/Au52I7fo+MNv5c6TerlrUZ6Jy5HToAIVASevyOwJP2JOwJYFcOeYQknqz
6oKukehv0J1jHQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:00 2025 by rpki-client