Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
File:                     tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft (raw, json)
Hash identifier:          jn3Mbh4B/77VhNP/jOHDOapHbMOQiZM79fz5GqaTR+g=
Subject key identifier:   73:83:9D:0F:53:27:28:BB:ED:AC:97:14:69:37:32:71:B9:F6:D8:8A
Authority key identifier: B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5
Certificate issuer:       /CN=b483bc0a71a52d0cf3989522367575959ebdcef5
Certificate serial:       0199221F1FD380F41E96BCAE9F0B3FD1A6C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
Manifest number:          15FF
Signing time:             Sun 07 Sep 2025 03:01:29 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:29 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:29 +0000
Files and hashes:         1: tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl (hash: f0Uhn7w0e3SWIZmKO7yJrkJTI3hLxVkxziC6lTIB65w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1f:1f:d3:80:f4:1e:96:bc:ae:9f:0b:3f:d1:a6:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b483bc0a71a52d0cf3989522367575959ebdcef5
        Validity
            Not Before: Sep  7 03:01:29 2025 GMT
            Not After : Sep  8 03:01:29 2025 GMT
        Subject: CN=73839d0f532728bbedac971469373271b9f6d88a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:4c:ce:53:49:d2:49:fd:bf:c4:88:d9:2a:db:
                    71:9a:77:dd:99:6e:e0:a0:eb:82:b9:4b:21:90:85:
                    63:64:04:ca:d7:85:48:c5:35:0a:7c:b3:2f:61:3d:
                    73:d3:47:64:a6:8b:e9:30:6b:5f:72:7c:d3:29:28:
                    68:65:76:c3:76:b9:90:2b:7f:75:96:a6:e9:26:fb:
                    07:b8:8f:82:aa:74:dc:6c:e1:23:58:54:6a:11:2c:
                    f7:3b:87:d0:d9:6e:dc:98:92:54:9a:da:74:c9:35:
                    b3:b0:fc:16:c2:95:61:99:6c:df:62:8d:62:2e:2f:
                    ea:73:bd:ac:82:62:a8:46:ac:97:6b:ea:ce:78:1e:
                    c6:db:63:7e:f2:00:5c:ea:a2:1e:94:1b:05:e6:eb:
                    75:60:ce:b4:f2:bf:93:0c:0d:3c:51:69:51:35:d7:
                    41:be:90:09:62:61:4a:62:c9:78:29:fe:0d:da:9a:
                    34:d0:ea:7b:ca:ce:09:6c:3d:41:f1:5e:4d:ee:e0:
                    e9:07:6a:8f:ba:f2:fe:d4:d5:8b:63:e1:8f:cb:9f:
                    42:1e:0d:a3:3a:29:6e:7f:99:59:57:6f:8d:47:18:
                    3f:84:cf:76:75:ca:c7:44:1d:af:80:53:42:0d:44:
                    0c:09:86:93:97:fc:1a:02:b1:d6:70:26:61:0f:82:
                    58:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:83:9D:0F:53:27:28:BB:ED:AC:97:14:69:37:32:71:B9:F6:D8:8A
            X509v3 Authority Key Identifier:
                keyid:B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:71:67:38:3c:e8:44:57:78:7f:64:65:c5:ed:5e:3f:54:83:
         d4:fa:59:0a:88:09:30:86:42:97:2a:80:8b:ad:93:aa:2b:5c:
         20:87:87:54:e0:af:4f:38:49:f2:e1:d5:b8:f6:75:bc:77:8b:
         68:91:49:a3:09:f0:5e:59:d9:e1:b3:a5:07:ff:47:d8:52:c4:
         aa:14:b3:dd:1a:60:46:76:df:b0:3a:50:8a:2c:54:da:95:59:
         61:eb:86:15:96:d6:4a:f0:89:13:87:ff:04:28:e1:b2:07:3b:
         58:b0:20:cf:70:53:97:1d:a5:c3:c4:41:db:52:5b:2e:9a:79:
         97:47:da:2e:05:96:08:32:00:43:e7:e0:92:35:bb:7f:5c:81:
         fc:93:65:63:79:09:70:cb:68:de:96:7d:5d:60:5f:b4:53:fc:
         d1:5d:23:71:69:d7:56:9c:c4:66:ba:ac:f9:ff:59:2b:29:f8:
         f8:5b:68:3a:f3:6b:7a:61:e5:d8:d1:02:70:88:0f:8d:2e:e8:
         f0:65:62:c6:83:fb:b3:b3:3f:91:da:86:f2:3b:a4:88:c5:0b:
         d1:70:83:6d:20:60:12:34:6e:5f:94:fa:38:5d:3f:5c:5e:fe:
         53:99:ff:ae:a6:7b:fd:03:b7:45:af:bb:c8:d6:5b:ea:60:7c:
         c4:32:71:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHx/TgPQelryunws/0abJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODNiYzBhNzFhNTJkMGNmMzk4OTUyMjM2NzU3NTk1OWVi
ZGNlZjUwHhcNMjUwOTA3MDMwMTI5WhcNMjUwOTA4MDMwMTI5WjAzMTEwLwYDVQQD
Eyg3MzgzOWQwZjUzMjcyOGJiZWRhYzk3MTQ2OTM3MzI3MWI5ZjZkODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokzOU0nSSf2/xIjZKttxmnfdmW7g
oOuCuUshkIVjZATK14VIxTUKfLMvYT1z00dkpovpMGtfcnzTKShoZXbDdrmQK391
lqbpJvsHuI+CqnTcbOEjWFRqESz3O4fQ2W7cmJJUmtp0yTWzsPwWwpVhmWzfYo1i
Li/qc72sgmKoRqyXa+rOeB7G22N+8gBc6qIelBsF5ut1YM608r+TDA08UWlRNddB
vpAJYmFKYsl4Kf4N2po00Op7ys4JbD1B8V5N7uDpB2qPuvL+1NWLY+GPy59CHg2j
Oiluf5lZV2+NRxg/hM92dcrHRB2vgFNCDUQMCYaTl/waArHWcCZhD4JYdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHODnQ9TJyi77ayXFGk3MnG59tiKMB8GA1UdIwQY
MBaAFLSDvApxpS0M85iVIjZ1dZWevc71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEt
OTk0ZWY4N2RiM2EzLzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEtOTk0ZWY4N2RiM2Ez
LzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACnFnODzo
RFd4f2Rlxe1eP1SD1PpZCogJMIZClyqAi62TqitcIIeHVOCvTzhJ8uHVuPZ1vHeL
aJFJownwXlnZ4bOlB/9H2FLEqhSz3RpgRnbfsDpQiixU2pVZYeuGFZbWSvCJE4f/
BCjhsgc7WLAgz3BTlx2lw8RB21JbLpp5l0faLgWWCDIAQ+fgkjW7f1yB/JNlY3kJ
cMto3pZ9XWBftFP80V0jcWnXVpzEZrqs+f9ZKyn4+FtoOvNremHl2NECcIgPjS7o
8GVixoP7s7M/kdqG8jukiMUL0XCDbSBgEjRuX5T6OF0/XF7+U5n/rqZ7/QO3Ra+7
yNZb6mB8xDJx4Q==
-----END CERTIFICATE-----