Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
File:                     TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft (raw, json)
Hash identifier:          XuFIrwrsZpMT+GHlK3N7LsoIvmVta5QMxAbTK4eOr48=
Subject key identifier:   50:5E:E6:3C:9C:04:F8:E7:74:53:A8:A2:A2:85:18:83:96:6D:4F:E1
Authority key identifier: 4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB
Certificate issuer:       /CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
Certificate serial:       0198D6CDC46FA76F760F2A185596E90DC72F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
Manifest number:          1483
Signing time:             Sat 23 Aug 2025 12:01:06 +0000
Manifest this update:     Sat 23 Aug 2025 12:01:06 +0000
Manifest next update:     Sun 24 Aug 2025 12:01:06 +0000
Files and hashes:         1: TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl (hash: L6bJVooFhoyfYQpv5XAKMwM3BBkQaSZLEThUIS+uja0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:c4:6f:a7:6f:76:0f:2a:18:55:96:e9:0d:c7:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
        Validity
            Not Before: Aug 23 12:01:06 2025 GMT
            Not After : Aug 24 12:01:06 2025 GMT
        Subject: CN=505ee63c9c04f8e77453a8a2a2851883966d4fe1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:2e:aa:74:54:05:0a:fc:c1:33:c1:8f:81:f2:
                    41:45:89:75:13:a2:bf:6c:53:68:30:c5:fe:5d:df:
                    92:ce:94:89:7f:12:e6:02:9c:d7:d4:22:f2:ed:89:
                    13:38:3c:49:6f:eb:33:6f:54:b0:6f:12:fb:37:f2:
                    91:54:d4:ef:4f:8c:08:05:d8:72:45:31:11:f5:65:
                    36:10:4c:44:4b:05:36:6d:74:e3:f9:c6:fb:c5:dc:
                    ac:b7:08:34:f5:7e:81:09:8d:84:b5:9b:d6:c3:b2:
                    c5:95:db:bf:1c:eb:b7:c5:fb:1b:ec:f7:cb:7f:7b:
                    be:03:af:f3:0c:57:40:20:93:b8:ba:06:18:da:2f:
                    42:26:ae:db:05:b8:7e:fe:0e:e9:b4:21:cb:4a:31:
                    e2:1b:5f:a8:51:45:c6:d0:0f:78:f2:9a:a4:4a:ca:
                    45:2a:bd:db:72:01:10:a3:65:65:b7:c4:e3:8e:18:
                    b8:c4:4d:d4:68:dc:09:54:98:e7:82:d5:dc:04:7b:
                    96:11:ca:9b:e6:64:1c:30:e4:fb:a5:2f:18:15:0f:
                    51:60:ee:05:c5:c2:b9:28:9f:f3:79:d9:0f:c2:d7:
                    39:13:97:f0:fa:67:fe:30:90:f1:cd:09:a2:21:e0:
                    c8:a3:88:ea:e3:c1:a6:7d:6c:88:76:ac:44:fd:e7:
                    93:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:5E:E6:3C:9C:04:F8:E7:74:53:A8:A2:A2:85:18:83:96:6D:4F:E1
            X509v3 Authority Key Identifier:
                keyid:4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:6f:b1:8f:84:0e:07:bd:ed:1c:a8:7e:0c:66:7a:0a:80:fb:
         f4:08:f5:bc:9e:32:ad:fd:27:85:17:e3:57:39:50:06:76:66:
         7b:ac:70:2e:f1:2c:05:27:0e:8f:a8:6d:17:c7:2b:8f:1c:5f:
         af:de:90:40:13:d7:94:3d:5e:9f:f3:e5:8b:0f:dc:d6:c8:e1:
         35:aa:1a:58:a3:a8:f6:22:65:19:e5:5c:5f:7f:6e:e8:68:b8:
         b0:79:bb:a8:44:b3:bf:6e:74:8c:28:21:7e:31:f1:86:41:f3:
         a4:ac:c2:3e:82:7e:5c:c6:f9:c7:c6:a1:c4:22:4a:65:c2:4d:
         28:79:24:06:c6:44:2b:98:cc:57:80:dd:f0:02:97:1c:e9:a0:
         24:01:1a:04:31:3c:51:ae:c3:9b:12:d6:3a:5b:08:ae:3f:8a:
         ae:95:16:b1:18:5c:54:47:2d:5c:63:f3:e2:a6:17:53:37:6c:
         0a:04:89:14:e1:95:97:12:04:f7:76:f0:b5:7b:70:1d:b5:e5:
         86:06:1b:bd:b0:6c:f0:09:26:fb:38:d3:ee:d2:29:b9:03:33:
         d6:4f:02:42:28:45:5c:6f:70:93:da:ec:d6:38:7b:31:f0:c4:
         4f:21:73:a0:56:ec:1c:81:d5:47:ac:d3:c3:75:51:bd:36:4b:
         82:74:04:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzcRvp292DyoYVZbpDccvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGYyNTdmMzM5Y2ZiOWUyNzU0YjZjYzI0MzY0ZjBmMTI5
MDU4ZGIwHhcNMjUwODIzMTIwMTA2WhcNMjUwODI0MTIwMTA2WjAzMTEwLwYDVQQD
Eyg1MDVlZTYzYzljMDRmOGU3NzQ1M2E4YTJhMjg1MTg4Mzk2NmQ0ZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS6qdFQFCvzBM8GPgfJBRYl1E6K/
bFNoMMX+Xd+SzpSJfxLmApzX1CLy7YkTODxJb+szb1SwbxL7N/KRVNTvT4wIBdhy
RTER9WU2EExESwU2bXTj+cb7xdystwg09X6BCY2EtZvWw7LFldu/HOu3xfsb7PfL
f3u+A6/zDFdAIJO4ugYY2i9CJq7bBbh+/g7ptCHLSjHiG1+oUUXG0A948pqkSspF
Kr3bcgEQo2Vlt8Tjjhi4xE3UaNwJVJjngtXcBHuWEcqb5mQcMOT7pS8YFQ9RYO4F
xcK5KJ/zedkPwtc5E5fw+mf+MJDxzQmiIeDIo4jq48GmfWyIdqxE/eeTHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFBe5jycBPjndFOooqKFGIOWbU/hMB8GA1UdIwQY
MBaAFE0PJX8znPueJ1S2zCQ2Tw8SkFjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUt
ZjNmNTgxZGZjNjQ4LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUtZjNmNTgxZGZjNjQ4
LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqW+xj4QO
B73tHKh+DGZ6CoD79Aj1vJ4yrf0nhRfjVzlQBnZme6xwLvEsBScOj6htF8crjxxf
r96QQBPXlD1en/Pliw/c1sjhNaoaWKOo9iJlGeVcX39u6Gi4sHm7qESzv250jCgh
fjHxhkHzpKzCPoJ+XMb5x8ahxCJKZcJNKHkkBsZEK5jMV4Dd8AKXHOmgJAEaBDE8
Ua7DmxLWOlsIrj+KrpUWsRhcVEctXGPz4qYXUzdsCgSJFOGVlxIE93bwtXtwHbXl
hgYbvbBs8Akm+zjT7tIpuQMz1k8CQihFXG9wk9rs1jh7MfDETyFzoFbsHIHVR6zT
w3VRvTZLgnQESQ==
-----END CERTIFICATE-----