Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.mft
File:                     TkMMADsADTVe0WnlXYzPOTg34go.mft (raw, json)
Hash identifier:          B8PfYfnxUwe5lVCoW/FyD5S9uPPEjziU8GntAQuPXfQ=
Subject key identifier:   B9:70:AC:14:53:39:89:F8:41:FE:89:9E:95:33:E0:CB:51:AC:07:99
Authority key identifier: 4E:43:0C:00:3B:00:0D:35:5E:D1:69:E5:5D:8C:CF:39:38:37:E2:0A
Certificate issuer:       /CN=4e430c003b000d355ed169e55d8ccf393837e20a
Certificate serial:       019A722612E0D26B0229EA0747D696E5BA61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkMMADsADTVe0WnlXYzPOTg34go.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.mft
Manifest number:          0EA3
Signing time:             Tue 11 Nov 2025 09:01:29 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:29 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:29 +0000
Files and hashes:         1: TkMMADsADTVe0WnlXYzPOTg34go.crl (hash: kONJ9ZeiqC/SEVx15vG9a2FQCBXVww6oHLXwpuFxXXk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkMMADsADTVe0WnlXYzPOTg34go.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:12:e0:d2:6b:02:29:ea:07:47:d6:96:e5:ba:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e430c003b000d355ed169e55d8ccf393837e20a
        Validity
            Not Before: Nov 11 09:01:29 2025 GMT
            Not After : Nov 12 09:01:29 2025 GMT
        Subject: CN=b970ac14533989f841fe899e9533e0cb51ac0799
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ff:e5:bc:22:ee:f2:84:a3:60:3e:bb:b0:76:
                    52:67:99:17:74:a7:e9:16:e2:a6:c9:14:2f:74:9b:
                    b9:0c:03:da:e8:bf:2f:78:41:73:f4:c3:c2:71:ae:
                    11:04:eb:dd:54:91:91:0e:a1:44:b3:c7:49:5b:93:
                    d2:67:68:fc:af:f1:32:b4:8d:a2:22:b9:ba:a1:81:
                    58:0b:76:7d:42:91:39:99:56:51:66:33:2e:d4:d8:
                    2f:2b:e9:c8:2b:31:cd:09:d6:c9:d1:4f:ac:b4:31:
                    89:61:32:51:c8:33:ed:85:e9:86:d2:20:15:f5:fa:
                    91:8b:bd:7b:09:de:ee:46:9c:97:86:ac:dd:cb:ce:
                    e7:fc:a3:b3:09:e5:ab:4c:ce:c9:15:b9:3c:5f:62:
                    e3:94:89:6f:90:da:18:97:21:b2:7e:de:9f:38:52:
                    29:27:f7:86:cc:51:9f:50:25:8d:38:f3:ca:b2:58:
                    7b:31:af:e4:19:44:b5:e1:4c:03:d0:a7:5e:82:f2:
                    6d:aa:e1:54:69:a8:1e:f9:bf:60:61:4e:5a:f1:3d:
                    44:66:4f:15:96:c2:42:07:0a:73:a0:3a:ca:95:05:
                    f6:03:c4:cd:7c:fa:a0:e5:55:85:43:e4:8b:a4:7f:
                    c2:7c:25:ef:77:b4:0a:b0:5f:7e:d0:7c:11:c8:e6:
                    c9:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:70:AC:14:53:39:89:F8:41:FE:89:9E:95:33:E0:CB:51:AC:07:99
            X509v3 Authority Key Identifier:
                keyid:4E:43:0C:00:3B:00:0D:35:5E:D1:69:E5:5D:8C:CF:39:38:37:E2:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkMMADsADTVe0WnlXYzPOTg34go.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:ef:0a:72:02:b7:0d:a1:0b:91:65:8e:27:41:2b:63:f0:ff:
         b6:6d:af:bf:78:f3:46:99:e0:df:a5:d6:84:70:51:0b:bb:12:
         12:13:d1:06:bb:07:a9:74:e4:83:47:1e:4c:08:5e:df:56:5c:
         8a:2e:ef:ae:07:53:d1:5f:3b:8a:b5:15:27:d2:69:65:f5:cc:
         64:65:79:da:4e:f7:03:cf:1f:ef:a1:fa:b4:30:1a:21:c0:46:
         20:19:b1:8f:52:17:7a:65:b3:36:d4:49:d4:a4:37:1b:ed:f9:
         6d:db:0c:f3:87:29:1c:12:e0:5e:fa:84:7e:e6:3e:0f:79:d8:
         6b:66:1e:41:ff:fa:fb:e3:34:47:2a:04:7b:a6:53:02:01:50:
         c4:ac:7f:09:6f:d0:19:41:3e:d0:a0:ab:62:9a:72:52:9d:10:
         b3:8b:58:fb:68:24:6f:6a:90:10:bb:1e:26:c4:45:d9:9d:61:
         2b:47:de:ac:6f:14:6a:c2:1d:72:b8:a0:c0:85:ee:38:81:55:
         2b:fa:f1:bb:45:99:ca:13:a9:f5:27:f9:08:93:cb:75:52:37:
         5c:0b:b6:55:54:8f:04:6c:dd:0b:33:68:41:04:81:5a:34:95:
         95:f0:d8:fe:2b:5f:56:95:54:8d:d2:cc:f0:e1:6a:bf:e9:2d:
         15:04:8b:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhLg0msCKeoHR9aW5bphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDMwYzAwM2IwMDBkMzU1ZWQxNjllNTVkOGNjZjM5Mzgz
N2UyMGEwHhcNMjUxMTExMDkwMTI5WhcNMjUxMTEyMDkwMTI5WjAzMTEwLwYDVQQD
EyhiOTcwYWMxNDUzMzk4OWY4NDFmZTg5OWU5NTMzZTBjYjUxYWMwNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj//lvCLu8oSjYD67sHZSZ5kXdKfp
FuKmyRQvdJu5DAPa6L8veEFz9MPCca4RBOvdVJGRDqFEs8dJW5PSZ2j8r/EytI2i
Irm6oYFYC3Z9QpE5mVZRZjMu1NgvK+nIKzHNCdbJ0U+stDGJYTJRyDPthemG0iAV
9fqRi717Cd7uRpyXhqzdy87n/KOzCeWrTM7JFbk8X2LjlIlvkNoYlyGyft6fOFIp
J/eGzFGfUCWNOPPKslh7Ma/kGUS14UwD0KdegvJtquFUaage+b9gYU5a8T1EZk8V
lsJCBwpzoDrKlQX2A8TNfPqg5VWFQ+SLpH/CfCXvd7QKsF9+0HwRyObJwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlwrBRTOYn4Qf6JnpUz4MtRrAeZMB8GA1UdIwQY
MBaAFE5DDAA7AA01XtFp5V2Mzzk4N+IKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtNTUFEc0FEVFZlMFdubFhZelBPVGczNGdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS84MjIyNWQtMDQwYS00ZDliLWEzM2It
ODhkODIzNGE2ZDNlLzEvVGtNTUFEc0FEVFZlMFdubFhZelBPVGczNGdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS84MjIyNWQtMDQwYS00ZDliLWEzM2ItODhkODIzNGE2ZDNl
LzEvVGtNTUFEc0FEVFZlMFdubFhZelBPVGczNGdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE+8KcgK3
DaELkWWOJ0ErY/D/tm2vv3jzRpng36XWhHBRC7sSEhPRBrsHqXTkg0ceTAhe31Zc
ii7vrgdT0V87irUVJ9JpZfXMZGV52k73A88f76H6tDAaIcBGIBmxj1IXemWzNtRJ
1KQ3G+35bdsM84cpHBLgXvqEfuY+D3nYa2YeQf/6++M0RyoEe6ZTAgFQxKx/CW/Q
GUE+0KCrYppyUp0Qs4tY+2gkb2qQELseJsRF2Z1hK0ferG8UasIdcrigwIXuOIFV
K/rxu0WZyhOp9Sf5CJPLdVI3XAu2VVSPBGzdCzNoQQSBWjSVlfDY/itfVpVUjdLM
8OFqv+ktFQSLMg==
-----END CERTIFICATE-----