Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft
File:                     tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft (raw, json)
Hash identifier:          oBIDPU+/kSv6Ba1IvQOOoxl3SDVZseD4gyLflSIZQEo=
Subject key identifier:   D8:E1:C0:78:47:80:A1:AB:76:88:EE:7B:F0:62:C4:2F:23:12:3D:4E
Authority key identifier: B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC
Certificate issuer:       /CN=b53aca36846d2d3023648eac581c7d9b6317eedc
Certificate serial:       019A00A2F1A095F0C7DB3050131A20566324
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft
Manifest number:          02E3
Signing time:             Mon 20 Oct 2025 08:01:09 +0000
Manifest this update:     Mon 20 Oct 2025 08:01:09 +0000
Manifest next update:     Tue 21 Oct 2025 08:01:09 +0000
Files and hashes:         1: tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl (hash: X1bxhbqFy3hdPG5BMw5HHfcdzJmjNEJFGsEEtVZO8+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:a2:f1:a0:95:f0:c7:db:30:50:13:1a:20:56:63:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b53aca36846d2d3023648eac581c7d9b6317eedc
        Validity
            Not Before: Oct 20 08:01:09 2025 GMT
            Not After : Oct 21 08:01:09 2025 GMT
        Subject: CN=d8e1c0784780a1ab7688ee7bf062c42f23123d4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a5:85:d8:7d:40:bf:51:32:45:f8:3d:45:c0:
                    de:6a:81:cc:90:98:7f:3a:71:65:6e:85:20:56:75:
                    ef:72:d0:ff:32:2d:47:17:77:7c:95:f8:cf:58:c1:
                    6d:09:39:16:2f:91:75:31:1e:f4:6e:58:29:8a:40:
                    30:3b:0c:91:bd:56:25:ee:a6:8e:48:e7:84:7a:a5:
                    35:d5:98:a4:2a:f2:d1:9b:51:5c:32:55:e3:d8:e3:
                    b1:d8:16:e0:d3:28:82:91:0f:5a:6e:d7:13:0a:d4:
                    d0:c8:02:2f:cb:10:ba:1e:b0:75:d8:11:4e:44:5d:
                    2c:dc:bc:69:35:43:de:fa:c2:bc:64:d6:44:49:1c:
                    2f:af:eb:a3:24:1c:ca:39:57:44:a3:e5:d4:4d:92:
                    4a:ad:54:d6:04:8f:1f:64:19:58:db:82:30:d4:22:
                    e7:06:f2:74:12:9e:66:f3:70:ee:33:da:60:c5:21:
                    6d:01:8d:56:ca:45:00:d0:13:16:fa:86:8f:49:ef:
                    5c:be:bc:4e:d8:df:82:cf:71:be:6f:a0:2f:c3:85:
                    ce:ad:76:22:fb:b8:cf:49:bd:c4:71:e7:24:6a:af:
                    0f:3f:2c:fa:d8:be:d6:32:92:1b:93:f0:aa:9a:95:
                    0c:d8:f2:19:28:f1:e7:bd:5f:0a:cd:74:7f:e4:96:
                    4a:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:E1:C0:78:47:80:A1:AB:76:88:EE:7B:F0:62:C4:2F:23:12:3D:4E
            X509v3 Authority Key Identifier:
                keyid:B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:5a:f7:1f:05:f8:26:31:47:71:1c:37:b4:0b:5d:de:c8:a7:
         6e:98:85:d4:0e:42:d9:82:2d:36:e7:15:c6:49:81:d8:a6:ea:
         2b:a2:be:50:b4:fe:3c:f4:cd:2c:28:5e:f8:55:c0:9a:15:08:
         10:07:da:72:b5:d4:c9:b9:8f:0a:ad:8f:c9:9e:94:71:f6:87:
         80:0d:f4:a7:b5:d0:14:54:04:58:49:35:1e:5b:56:18:b3:c4:
         d3:7e:b0:ac:b8:5a:dd:23:4f:1f:3a:54:4a:0c:04:2f:39:ce:
         bd:8c:75:e4:0e:7d:ce:86:a5:bf:ec:f3:24:89:01:37:b7:0f:
         65:ee:80:21:b7:a3:23:4b:75:f5:25:09:72:16:37:0b:70:78:
         28:d2:a1:c5:10:47:3a:6c:b3:68:f7:70:ed:4f:0f:98:d4:ea:
         b7:00:e7:8d:ec:96:38:6d:3a:67:8c:73:a0:b1:52:28:b6:22:
         5b:51:a1:b5:76:c5:3a:84:ef:86:43:bb:1a:f4:4a:11:86:5f:
         4d:7a:d6:bc:11:38:90:ba:29:c5:0a:69:7c:8d:aa:51:ce:3c:
         0a:82:33:eb:c6:3e:31:84:bf:2a:7a:68:35:12:f6:c3:1c:36:
         91:71:96:7f:fc:4d:22:ef:2f:be:8f:d7:90:e9:08:4a:13:80:
         fa:ae:fc:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAovGglfDH2zBQExogVmMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1M2FjYTM2ODQ2ZDJkMzAyMzY0OGVhYzU4MWM3ZDliNjMx
N2VlZGMwHhcNMjUxMDIwMDgwMTA5WhcNMjUxMDIxMDgwMTA5WjAzMTEwLwYDVQQD
EyhkOGUxYzA3ODQ3ODBhMWFiNzY4OGVlN2JmMDYyYzQyZjIzMTIzZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aWF2H1Av1EyRfg9RcDeaoHMkJh/
OnFlboUgVnXvctD/Mi1HF3d8lfjPWMFtCTkWL5F1MR70blgpikAwOwyRvVYl7qaO
SOeEeqU11ZikKvLRm1FcMlXj2OOx2Bbg0yiCkQ9abtcTCtTQyAIvyxC6HrB12BFO
RF0s3LxpNUPe+sK8ZNZESRwvr+ujJBzKOVdEo+XUTZJKrVTWBI8fZBlY24Iw1CLn
BvJ0Ep5m83DuM9pgxSFtAY1WykUA0BMW+oaPSe9cvrxO2N+Cz3G+b6Avw4XOrXYi
+7jPSb3Ececkaq8PPyz62L7WMpIbk/CqmpUM2PIZKPHnvV8KzXR/5JZKsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjhwHhHgKGrdojue/BixC8jEj1OMB8GA1UdIwQY
MBaAFLU6yjaEbS0wI2SOrFgcfZtjF+7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMt
NGJiMzdiMThiOWZlLzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMtNGJiMzdiMThiOWZl
LzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoVr3HwX4
JjFHcRw3tAtd3sinbpiF1A5C2YItNucVxkmB2KbqK6K+ULT+PPTNLChe+FXAmhUI
EAfacrXUybmPCq2PyZ6UcfaHgA30p7XQFFQEWEk1HltWGLPE036wrLha3SNPHzpU
SgwELznOvYx15A59zoalv+zzJIkBN7cPZe6AIbejI0t19SUJchY3C3B4KNKhxRBH
OmyzaPdw7U8PmNTqtwDnjeyWOG06Z4xzoLFSKLYiW1GhtXbFOoTvhkO7GvRKEYZf
TXrWvBE4kLopxQppfI2qUc48CoIz68Y+MYS/KnpoNRL2wxw2kXGWf/xNIu8vvo/X
kOkIShOA+q78Tw==
-----END CERTIFICATE-----