Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
File:                     TvMzZvDPXk-oBO730eKSlO6lFIw.mft (raw, json)
Hash identifier:          OIwzxwf0FDeA9BMo8f6u+DGlNVMtg3ohKH/FH3xO8qA=
Subject key identifier:   36:D0:BA:2D:E2:2D:FA:D7:18:5B:69:3D:4C:57:86:85:35:2B:69:95
Authority key identifier: 4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C
Certificate issuer:       /CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
Certificate serial:       0198529F7C55585BAB342870894E39C4BF4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
Manifest number:          029F
Signing time:             Mon 28 Jul 2025 20:00:40 +0000
Manifest this update:     Mon 28 Jul 2025 20:00:40 +0000
Manifest next update:     Tue 29 Jul 2025 20:00:40 +0000
Files and hashes:         1: TvMzZvDPXk-oBO730eKSlO6lFIw.crl (hash: 6V5ylqGb3L5h2fqdKxV9EElgiPiTjD+IcV5S8C+uTqk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 20:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:52:9f:7c:55:58:5b:ab:34:28:70:89:4e:39:c4:bf:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
        Validity
            Not Before: Jul 28 20:00:40 2025 GMT
            Not After : Jul 29 20:00:40 2025 GMT
        Subject: CN=36d0ba2de22dfad7185b693d4c578685352b6995
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:44:74:e6:29:68:4c:c2:4e:58:8b:11:43:79:
                    57:96:6f:2f:7d:40:60:70:90:80:20:0c:40:d2:17:
                    ce:d3:12:6b:6f:f2:ee:fc:07:ce:79:46:2c:13:97:
                    b2:1f:fd:db:f1:42:7c:61:af:ac:6d:42:7a:c4:d3:
                    28:f6:11:1f:22:80:54:e0:6e:0e:99:a2:60:c9:df:
                    80:ed:c7:28:ed:cb:16:b4:48:c6:80:7b:55:cd:07:
                    30:79:0f:4e:18:e4:1a:1e:02:06:fb:79:34:a4:3f:
                    a7:f7:d1:13:0c:eb:aa:50:ea:15:ea:95:7f:e6:ea:
                    cf:b7:b2:49:27:17:43:53:1e:b2:2d:86:5a:73:55:
                    a3:d9:95:23:7c:93:6d:24:47:d5:5a:be:37:ff:ec:
                    c5:ae:26:84:a0:77:b0:58:9e:50:9f:f4:be:2a:db:
                    92:b1:c3:53:75:4c:5e:6a:f3:9f:40:c5:da:6e:7b:
                    0a:76:3e:07:ad:d4:72:d2:29:15:6d:da:70:aa:9a:
                    ae:91:c9:23:9e:59:3d:e2:57:e3:4d:ed:83:00:97:
                    2a:9f:e1:2e:98:11:7b:d8:2d:2a:d0:29:1e:01:9d:
                    fe:dc:bf:8d:4c:96:e7:f4:9c:e0:db:22:70:23:f9:
                    91:37:39:b6:00:1a:e7:b3:0a:8d:b7:bc:25:09:30:
                    3e:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:D0:BA:2D:E2:2D:FA:D7:18:5B:69:3D:4C:57:86:85:35:2B:69:95
            X509v3 Authority Key Identifier:
                keyid:4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:ca:ef:02:c4:58:ca:b4:f7:d0:99:99:cb:4a:ec:db:8e:cb:
         87:99:34:77:a9:13:bf:b3:57:c8:7a:0b:11:41:6c:08:9a:75:
         5b:e6:13:d3:01:71:47:94:f5:75:8a:af:e9:9d:56:63:0f:93:
         36:f3:04:c9:f1:74:50:c3:ae:21:2d:b3:47:e1:17:7a:02:21:
         72:d1:20:29:98:24:d4:a8:2b:d1:b0:c6:6a:8f:81:53:ba:76:
         e3:7e:67:9a:4b:55:2e:42:e1:bb:fb:c0:f6:27:ca:bb:6d:71:
         2d:a0:e7:cb:a9:20:17:32:a0:24:55:f9:ec:e4:7e:b6:04:64:
         db:67:84:99:79:52:26:6a:9e:23:a0:7f:ab:5f:71:ae:22:6f:
         47:3d:c0:c6:05:24:07:e7:02:bb:41:fc:6e:3e:3c:ee:9e:39:
         ed:9f:08:ab:dd:60:7f:c8:66:93:ff:a8:a5:d7:3d:b0:cd:fe:
         f4:fa:a7:fe:ba:73:2f:4d:c5:b3:05:86:97:d6:50:c3:88:aa:
         b6:e0:14:09:e0:f7:c0:2d:f1:35:4c:8f:de:92:8a:88:29:34:
         26:b3:8c:cb:db:20:e7:99:15:2e:ea:a1:3c:62:af:60:4a:08:
         78:49:e3:08:8e:3d:d0:66:82:09:ea:77:d7:e4:a9:50:92:df:
         bf:80:8b:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhSn3xVWFurNChwiU45xL9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZjMzMzY2ZjBjZjVlNGZhODA0ZWVmN2QxZTI5Mjk0ZWVh
NTE0OGMwHhcNMjUwNzI4MjAwMDQwWhcNMjUwNzI5MjAwMDQwWjAzMTEwLwYDVQQD
EygzNmQwYmEyZGUyMmRmYWQ3MTg1YjY5M2Q0YzU3ODY4NTM1MmI2OTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnER05iloTMJOWIsRQ3lXlm8vfUBg
cJCAIAxA0hfO0xJrb/Lu/AfOeUYsE5eyH/3b8UJ8Ya+sbUJ6xNMo9hEfIoBU4G4O
maJgyd+A7cco7csWtEjGgHtVzQcweQ9OGOQaHgIG+3k0pD+n99ETDOuqUOoV6pV/
5urPt7JJJxdDUx6yLYZac1Wj2ZUjfJNtJEfVWr43/+zFriaEoHewWJ5Qn/S+KtuS
scNTdUxeavOfQMXabnsKdj4HrdRy0ikVbdpwqpqukckjnlk94lfjTe2DAJcqn+Eu
mBF72C0q0CkeAZ3+3L+NTJbn9Jzg2yJwI/mRNzm2ABrnswqNt7wlCTA+LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbQui3iLfrXGFtpPUxXhoU1K2mVMB8GA1UdIwQY
MBaAFE7zM2bwz15PqATu99HikpTupRSMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3Zjct
NmQ5ZjM4NGQyYmMzLzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3ZjctNmQ5ZjM4NGQyYmMz
LzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAasrvAsRY
yrT30JmZy0rs247Lh5k0d6kTv7NXyHoLEUFsCJp1W+YT0wFxR5T1dYqv6Z1WYw+T
NvMEyfF0UMOuIS2zR+EXegIhctEgKZgk1Kgr0bDGao+BU7p2435nmktVLkLhu/vA
9ifKu21xLaDny6kgFzKgJFX57OR+tgRk22eEmXlSJmqeI6B/q19xriJvRz3AxgUk
B+cCu0H8bj487p457Z8Iq91gf8hmk/+opdc9sM3+9Pqn/rpzL03FswWGl9ZQw4iq
tuAUCeD3wC3xNUyP3pKKiCk0JrOMy9sg55kVLuqhPGKvYEoIeEnjCI490GaCCep3
1+SpUJLfv4CL0g==
-----END CERTIFICATE-----