Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft
File:                     TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft (raw, json)
Hash identifier:          ++5ElAvoJ5nRE5xTVCQTttk65UCanLCOdQYrIgCuqrA=
Subject key identifier:   37:DB:39:81:29:DD:84:B8:6A:1D:1F:2F:EB:C5:F8:C6:CA:DA:D5:4A
Authority key identifier: 4E:A8:05:AE:A8:60:30:BA:CD:D0:BA:3E:4E:42:4E:1B:AE:F0:82:4D
Certificate issuer:       /CN=4ea805aea86030bacdd0ba3e4e424e1baef0824d
Certificate serial:       019916F6BB1A82E5590F9A7B998BD28235E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft
Manifest number:          025A
Signing time:             Thu 04 Sep 2025 23:01:32 +0000
Manifest this update:     Thu 04 Sep 2025 23:01:32 +0000
Manifest next update:     Fri 05 Sep 2025 23:01:32 +0000
Files and hashes:         1: TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl (hash: PszJz/Cc4EeU10hB49CfMoF7yV3MZthvm1CDEvsWauY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 23:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:f6:bb:1a:82:e5:59:0f:9a:7b:99:8b:d2:82:35:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ea805aea86030bacdd0ba3e4e424e1baef0824d
        Validity
            Not Before: Sep  4 23:01:32 2025 GMT
            Not After : Sep  5 23:01:32 2025 GMT
        Subject: CN=37db398129dd84b86a1d1f2febc5f8c6cadad54a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ea:5d:84:10:1b:82:02:ca:c3:52:c3:d4:93:
                    16:85:79:25:9c:c5:17:05:27:17:ac:30:a8:db:37:
                    33:5a:19:b8:5a:64:25:3c:bd:5c:cc:70:7b:9a:0f:
                    28:5c:ea:76:b6:37:ee:38:19:8c:f0:61:9f:ac:9f:
                    0a:65:2f:09:57:05:d3:d1:f5:fb:ac:cf:24:af:7c:
                    c3:cb:ac:b4:de:1a:60:be:22:0f:1f:a8:80:f4:ed:
                    f6:e6:fd:55:f7:47:db:8f:d7:ba:4b:c1:c2:40:82:
                    e6:6e:79:68:2e:c4:f5:91:d8:56:a7:ca:2a:94:fa:
                    10:46:a6:6a:ce:63:a0:6c:6f:c5:96:93:d2:46:f3:
                    cd:03:49:e5:df:13:70:f8:94:32:94:7b:3f:2a:f7:
                    38:58:a4:be:4e:22:66:04:05:10:97:a7:29:f7:8a:
                    b1:61:f7:f5:45:95:db:af:c2:a2:cf:79:8e:63:76:
                    9f:b3:80:73:3e:e4:a3:48:45:0e:2d:4c:5c:04:b8:
                    67:6c:cd:09:dd:3d:10:fc:6c:c5:51:02:b1:8a:63:
                    32:28:5f:9a:6f:3d:0c:03:d0:60:18:53:fa:86:e8:
                    bd:c4:3d:6a:d6:75:32:c4:98:e6:c7:16:b5:43:3a:
                    18:b5:cd:eb:41:6f:ab:8e:dd:4e:c9:17:66:22:80:
                    6c:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:DB:39:81:29:DD:84:B8:6A:1D:1F:2F:EB:C5:F8:C6:CA:DA:D5:4A
            X509v3 Authority Key Identifier:
                keyid:4E:A8:05:AE:A8:60:30:BA:CD:D0:BA:3E:4E:42:4E:1B:AE:F0:82:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:50:25:97:59:32:98:a8:3d:db:be:60:f5:76:eb:b5:94:13:
         92:09:b9:88:2e:7b:c7:29:7d:b6:8b:78:e7:ad:da:8f:84:93:
         ec:69:47:b9:09:68:6d:b5:1d:74:1b:31:c7:9b:b4:5b:ff:1d:
         7e:40:f3:54:e5:c1:02:4f:35:7c:3c:55:c0:77:a9:aa:ba:da:
         15:8b:3a:d8:bf:30:ef:6f:1f:7c:8a:0f:26:18:c1:d4:8d:35:
         9a:af:fc:7b:ad:48:17:38:30:b2:f1:57:a3:95:e0:78:2a:ea:
         0c:88:02:53:69:cb:bd:52:36:39:f3:ab:46:41:a9:1c:34:92:
         e7:5f:53:81:a2:6d:e0:40:bf:90:a0:a4:ea:7b:32:bc:4b:5d:
         21:b0:22:b4:cb:3a:a9:67:67:c4:7a:4d:43:68:04:68:2a:79:
         b2:5a:80:97:57:5b:2a:70:9e:b4:d3:82:20:c6:57:f1:6b:cc:
         65:55:0c:8d:d5:00:2d:5b:38:35:e9:4b:6b:04:be:c0:3c:67:
         ba:0d:5f:e3:17:01:1f:1f:cf:b3:84:12:e7:27:8a:ad:ae:6e:
         bb:c9:72:60:53:59:2a:c7:74:4b:39:b6:a9:ee:d0:bf:36:56:
         30:4d:1c:cd:6c:5b:6d:a3:53:ab:11:ac:8e:c9:da:a0:53:42:
         e1:19:39:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkW9rsaguVZD5p7mYvSgjXlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTgwNWFlYTg2MDMwYmFjZGQwYmEzZTRlNDI0ZTFiYWVm
MDgyNGQwHhcNMjUwOTA0MjMwMTMyWhcNMjUwOTA1MjMwMTMyWjAzMTEwLwYDVQQD
EygzN2RiMzk4MTI5ZGQ4NGI4NmExZDFmMmZlYmM1ZjhjNmNhZGFkNTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxepdhBAbggLKw1LD1JMWhXklnMUX
BScXrDCo2zczWhm4WmQlPL1czHB7mg8oXOp2tjfuOBmM8GGfrJ8KZS8JVwXT0fX7
rM8kr3zDy6y03hpgviIPH6iA9O325v1V90fbj9e6S8HCQILmbnloLsT1kdhWp8oq
lPoQRqZqzmOgbG/FlpPSRvPNA0nl3xNw+JQylHs/Kvc4WKS+TiJmBAUQl6cp94qx
Yff1RZXbr8Kiz3mOY3afs4BzPuSjSEUOLUxcBLhnbM0J3T0Q/GzFUQKximMyKF+a
bz0MA9BgGFP6hui9xD1q1nUyxJjmxxa1QzoYtc3rQW+rjt1OyRdmIoBsOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfbOYEp3YS4ah0fL+vF+MbK2tVKMB8GA1UdIwQY
MBaAFE6oBa6oYDC6zdC6Pk5CThuu8IJNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mOTBhYzktNTM2Ny00MjMyLWIxMzct
Nzc4ODczYTI3MjZjLzEvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mOTBhYzktNTM2Ny00MjMyLWIxMzctNzc4ODczYTI3MjZj
LzEvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWlAll1ky
mKg9275g9XbrtZQTkgm5iC57xyl9tot4563aj4ST7GlHuQlobbUddBsxx5u0W/8d
fkDzVOXBAk81fDxVwHepqrraFYs62L8w728ffIoPJhjB1I01mq/8e61IFzgwsvFX
o5XgeCrqDIgCU2nLvVI2OfOrRkGpHDSS519TgaJt4EC/kKCk6nsyvEtdIbAitMs6
qWdnxHpNQ2gEaCp5slqAl1dbKnCetNOCIMZX8WvMZVUMjdUALVs4NelLawS+wDxn
ug1f4xcBHx/Ps4QS5yeKra5uu8lyYFNZKsd0Szm2qe7QvzZWME0czWxbbaNTqxGs
jsnaoFNC4Rk5PQ==
-----END CERTIFICATE-----