Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
File:                     TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft (raw, json)
Hash identifier:          aFpkiRWpGmdxoTkSLHQ4jpuDMkCxpJmyLUDX1I8GWK0=
Subject key identifier:   9C:69:7A:07:D0:CA:34:7C:5D:53:59:52:DB:CD:BD:39:66:FC:B9:A2
Authority key identifier: 4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D
Certificate issuer:       /CN=4c9d923a3b43416959576bcb400416ca5cf6060d
Certificate serial:       0198439A2B8F36340DBB3FFF8A8E8987F427
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
Manifest number:          076E
Signing time:             Fri 25 Jul 2025 22:00:33 +0000
Manifest this update:     Fri 25 Jul 2025 22:00:33 +0000
Manifest next update:     Sat 26 Jul 2025 22:00:33 +0000
Files and hashes:         1: TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl (hash: z1qeKIWpMFlEyzFc5L7iqmj5SDQmpKM58oaAhHW08Ok=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 26 Jul 2025 21:50:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:43:9a:2b:8f:36:34:0d:bb:3f:ff:8a:8e:89:87:f4:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c9d923a3b43416959576bcb400416ca5cf6060d
        Validity
            Not Before: Jul 25 22:00:33 2025 GMT
            Not After : Jul 26 22:00:33 2025 GMT
        Subject: CN=9c697a07d0ca347c5d535952dbcdbd3966fcb9a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:50:14:1a:19:d6:f5:2e:30:d2:6b:b4:38:d7:
                    42:04:48:83:63:47:a8:0f:c4:75:18:41:96:d9:ec:
                    9e:e9:fe:d3:2d:22:6a:8b:a4:82:45:c2:2f:f0:14:
                    22:d2:fa:4e:7a:9a:7f:50:01:3a:5f:78:1e:20:e9:
                    a8:08:4d:de:9d:cf:8f:0d:1f:f8:66:6f:9e:0f:e6:
                    67:0b:dc:19:27:d8:06:04:fb:4b:38:3e:e5:98:e0:
                    3c:57:fe:ee:1d:1e:b1:97:c1:47:92:f5:92:4e:6e:
                    2b:9c:14:2a:33:b4:7a:5e:39:57:3c:44:78:b1:73:
                    bf:83:57:a8:bd:d3:c4:77:e5:01:c6:d6:3d:e5:ed:
                    73:de:61:a5:3c:1b:ff:06:ed:58:2b:f6:77:18:15:
                    13:e3:14:67:c5:ee:59:86:fd:79:53:ef:f6:de:24:
                    06:0a:22:4e:a1:b4:53:d4:40:2f:d5:86:00:d4:8c:
                    54:03:77:81:77:2f:5f:73:8d:17:3a:df:10:93:fb:
                    fa:f7:fa:5b:67:bc:18:eb:fc:6d:c3:36:0c:62:b9:
                    cf:06:d7:18:54:ba:13:7a:29:cc:a9:6d:83:4c:50:
                    ca:9c:17:c9:97:9e:4c:59:63:6b:5f:b6:f0:c3:d5:
                    62:1c:ea:a0:f5:64:8b:a7:c4:94:24:a5:0f:e4:0b:
                    91:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:69:7A:07:D0:CA:34:7C:5D:53:59:52:DB:CD:BD:39:66:FC:B9:A2
            X509v3 Authority Key Identifier:
                keyid:4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:57:41:91:ad:94:88:d7:ac:fc:bf:fe:f2:13:19:72:64:2e:
         3b:37:c5:c5:13:1e:6a:36:d2:2a:66:09:22:c6:16:74:6f:d8:
         f6:77:4f:19:30:1a:a7:e6:5c:65:79:91:cb:2f:4d:59:44:d6:
         78:c4:45:06:86:29:c6:61:7e:3c:71:0a:2d:a2:01:d4:01:2c:
         37:b4:40:52:b4:88:12:47:85:11:1f:21:5d:db:bc:3e:cf:99:
         2e:48:f1:dc:99:5a:6b:42:0c:af:2b:5d:9e:a4:79:08:ea:29:
         4a:9f:12:71:c7:39:e6:9a:d5:95:d9:07:66:94:7d:9a:b1:ca:
         ac:1c:31:40:c3:fd:e1:6f:d8:23:22:fd:01:63:4e:45:79:80:
         22:0d:04:fc:aa:0b:cc:b0:36:6e:d8:3f:7e:16:59:c2:24:44:
         4e:e3:c9:94:4c:eb:e5:a1:b6:c2:87:66:05:50:97:6e:e2:cd:
         b6:50:c0:c5:eb:eb:f5:c9:ee:b3:3b:8c:cf:95:e5:96:5b:22:
         46:ba:b7:82:d7:85:bd:c4:d0:69:a0:a0:df:54:a4:01:0f:a8:
         73:ec:f2:49:46:16:9e:62:f5:d5:ed:59:07:4d:43:5d:75:e2:
         69:76:c9:ee:76:2e:0c:ba:db:1e:7a:4a:6b:4f:11:40:ea:6d:
         34:99:43:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhDmiuPNjQNuz//io6Jh/QnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOWQ5MjNhM2I0MzQxNjk1OTU3NmJjYjQwMDQxNmNhNWNm
NjA2MGQwHhcNMjUwNzI1MjIwMDMzWhcNMjUwNzI2MjIwMDMzWjAzMTEwLwYDVQQD
Eyg5YzY5N2EwN2QwY2EzNDdjNWQ1MzU5NTJkYmNkYmQzOTY2ZmNiOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1AUGhnW9S4w0mu0ONdCBEiDY0eo
D8R1GEGW2eye6f7TLSJqi6SCRcIv8BQi0vpOepp/UAE6X3geIOmoCE3enc+PDR/4
Zm+eD+ZnC9wZJ9gGBPtLOD7lmOA8V/7uHR6xl8FHkvWSTm4rnBQqM7R6XjlXPER4
sXO/g1eovdPEd+UBxtY95e1z3mGlPBv/Bu1YK/Z3GBUT4xRnxe5Zhv15U+/23iQG
CiJOobRT1EAv1YYA1IxUA3eBdy9fc40XOt8Qk/v69/pbZ7wY6/xtwzYMYrnPBtcY
VLoTeinMqW2DTFDKnBfJl55MWWNrX7bww9ViHOqg9WSLp8SUJKUP5AuRPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxpegfQyjR8XVNZUtvNvTlm/LmiMB8GA1UdIwQY
MBaAFEydkjo7Q0FpWVdry0AEFspc9gYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAt
YzAxZGI5ZDUzNDc5LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAtYzAxZGI5ZDUzNDc5
LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARFdBka2U
iNes/L/+8hMZcmQuOzfFxRMeajbSKmYJIsYWdG/Y9ndPGTAap+ZcZXmRyy9NWUTW
eMRFBoYpxmF+PHEKLaIB1AEsN7RAUrSIEkeFER8hXdu8Ps+ZLkjx3Jlaa0IMrytd
nqR5COopSp8Sccc55prVldkHZpR9mrHKrBwxQMP94W/YIyL9AWNORXmAIg0E/KoL
zLA2btg/fhZZwiRETuPJlEzr5aG2wodmBVCXbuLNtlDAxevr9cnuszuMz5Xlllsi
Rrq3gteFvcTQaaCg31SkAQ+oc+zySUYWnmL11e1ZB01DXXXiaXbJ7nYuDLrbHnpK
a08RQOptNJlDSA==
-----END CERTIFICATE-----