Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
File:                     tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft (raw, json)
Hash identifier:          txJIk8Cvswmu+OAfFI2qIiO5S/rVEcV89JaOUHld8bE=
Subject key identifier:   29:FF:D7:A9:FE:C6:14:02:24:09:5D:39:FC:A2:9C:1B:CD:BF:79:9E
Authority key identifier: B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8
Certificate issuer:       /CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
Certificate serial:       019849D3D0F9E03AD99EDF238EDC4BBAD0E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
Manifest number:          0816
Signing time:             Sun 27 Jul 2025 03:01:14 +0000
Manifest this update:     Sun 27 Jul 2025 03:01:14 +0000
Manifest next update:     Mon 28 Jul 2025 03:01:14 +0000
Files and hashes:         1: tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl (hash: tfQr4OdxgOdhgpXcOM3h6x2K3aBmvmQ0YKX+zXxpIGs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:d3:d0:f9:e0:3a:d9:9e:df:23:8e:dc:4b:ba:d0:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
        Validity
            Not Before: Jul 27 03:01:14 2025 GMT
            Not After : Jul 28 03:01:14 2025 GMT
        Subject: CN=29ffd7a9fec6140224095d39fca29c1bcdbf799e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c1:7f:cf:a9:1c:b3:b1:27:23:46:9e:e9:49:
                    00:4f:8b:6b:a7:ea:b0:bf:00:1b:36:26:d2:42:45:
                    c3:9a:f2:06:87:02:65:54:12:59:c2:74:75:61:38:
                    9f:07:3b:16:65:62:42:25:cc:9b:0c:73:fc:ba:72:
                    90:9e:15:bb:fd:90:2c:99:3e:39:c8:a8:74:1c:bf:
                    6d:ee:77:30:ab:9a:f0:ea:bb:20:c2:41:4d:17:65:
                    57:1e:91:c4:a9:57:a9:2c:b7:c2:a5:c9:f9:44:f5:
                    b6:07:2f:a2:81:b5:32:02:62:2f:51:4d:c8:c1:f9:
                    56:fd:3c:2b:25:17:85:33:b2:1f:89:36:64:8f:1c:
                    06:5f:cf:c9:d1:3a:6b:f1:c6:53:f6:4a:a4:8c:b2:
                    e4:d4:9e:dd:48:6c:70:86:91:e3:2b:1b:e7:a4:96:
                    79:7f:ce:6d:69:73:94:7c:d7:c2:45:25:b7:49:4f:
                    e3:3d:78:44:65:f7:36:29:1b:dd:8c:41:38:93:95:
                    d4:f1:3e:87:ae:0b:05:d2:25:65:9d:1a:10:73:42:
                    ba:93:05:e6:bc:9f:4d:80:6b:72:db:9c:2d:63:68:
                    36:34:c8:8a:d7:75:23:70:4f:fc:f4:8f:d1:79:40:
                    06:c3:fa:52:73:1b:93:02:b3:ca:86:4f:7a:78:3b:
                    f8:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:FF:D7:A9:FE:C6:14:02:24:09:5D:39:FC:A2:9C:1B:CD:BF:79:9E
            X509v3 Authority Key Identifier:
                keyid:B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:98:40:c6:e2:ba:dd:62:1e:e8:e4:e3:7f:3b:89:8f:b6:4d:
         ea:49:a0:4f:e3:cc:84:02:9c:92:e3:03:7a:1b:26:23:af:18:
         6d:76:02:9e:ff:34:76:6a:41:1d:38:f1:e1:a9:b4:b7:28:a2:
         fe:a6:18:2c:bf:ed:15:c0:23:e8:b3:b5:92:d9:c2:87:ac:a3:
         a5:2f:f8:5e:53:41:75:2a:29:ff:96:f5:95:ca:67:f5:a4:84:
         66:35:91:f4:dd:47:ae:f6:05:00:f1:59:9b:94:d6:57:03:96:
         b9:01:2d:3f:63:64:6b:ed:3b:48:d2:78:35:ba:c4:76:65:5b:
         6a:4c:ee:bb:64:61:50:30:9a:f4:ad:01:76:53:dd:e0:b7:d7:
         cc:f7:2f:40:08:a5:e5:a2:d1:63:f2:2f:3c:b0:4d:89:56:28:
         d0:f3:14:9a:91:94:c4:7f:2a:c9:a2:15:e9:f7:29:f4:83:0f:
         76:f0:31:e8:6b:fe:b4:e9:ee:51:95:ce:57:bb:d4:91:1f:cc:
         66:0f:31:18:e3:5f:15:d9:dd:af:a6:d0:a0:a7:fd:09:0f:0b:
         fc:63:9f:11:bb:1c:8c:d1:53:74:0f:fe:d9:07:b7:84:e1:1e:
         67:66:7f:09:bf:e7:05:e1:17:24:14:2e:44:14:79:14:49:87:
         e3:9f:6d:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJ09D54DrZnt8jjtxLutDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTNhOWJlNzdlMmQ5ZmRlN2ZmZTFmNTE2MjlmOTRlOThl
YTNjZDgwHhcNMjUwNzI3MDMwMTE0WhcNMjUwNzI4MDMwMTE0WjAzMTEwLwYDVQQD
EygyOWZmZDdhOWZlYzYxNDAyMjQwOTVkMzlmY2EyOWMxYmNkYmY3OTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcF/z6kcs7EnI0ae6UkAT4trp+qw
vwAbNibSQkXDmvIGhwJlVBJZwnR1YTifBzsWZWJCJcybDHP8unKQnhW7/ZAsmT45
yKh0HL9t7ncwq5rw6rsgwkFNF2VXHpHEqVepLLfCpcn5RPW2By+igbUyAmIvUU3I
wflW/TwrJReFM7IfiTZkjxwGX8/J0Tpr8cZT9kqkjLLk1J7dSGxwhpHjKxvnpJZ5
f85taXOUfNfCRSW3SU/jPXhEZfc2KRvdjEE4k5XU8T6HrgsF0iVlnRoQc0K6kwXm
vJ9NgGty25wtY2g2NMiK13UjcE/89I/ReUAGw/pScxuTArPKhk96eDv4aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCn/16n+xhQCJAldOfyinBvNv3meMB8GA1UdIwQY
MBaAFLSjqb534tn95//h9RYp+U6Y6jzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYt
MzNjZmE1MTFiMGM3LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYtMzNjZmE1MTFiMGM3
LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP5hAxuK6
3WIe6OTjfzuJj7ZN6kmgT+PMhAKckuMDehsmI68YbXYCnv80dmpBHTjx4am0tyii
/qYYLL/tFcAj6LO1ktnCh6yjpS/4XlNBdSop/5b1lcpn9aSEZjWR9N1HrvYFAPFZ
m5TWVwOWuQEtP2Nka+07SNJ4NbrEdmVbakzuu2RhUDCa9K0BdlPd4LfXzPcvQAil
5aLRY/IvPLBNiVYo0PMUmpGUxH8qyaIV6fcp9IMPdvAx6Gv+tOnuUZXOV7vUkR/M
Zg8xGONfFdndr6bQoKf9CQ8L/GOfEbscjNFTdA/+2Qe3hOEeZ2Z/Cb/nBeEXJBQu
RBR5FEmH459tcQ==
-----END CERTIFICATE-----