Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/289f40-a233-4c63-b93e-8e4c7c7b6504/1/tXyKwFXFdNjPE1IrlkuSMU0hHq4.mft
File:                     tXyKwFXFdNjPE1IrlkuSMU0hHq4.mft (raw, json)
Hash identifier:          HdnOyig2XkLZjWdG0EK4Gtc+G0pLR7scyLRxzp2Hre4=
Subject key identifier:   75:50:E0:27:B1:BB:BA:FB:96:8F:C9:4E:82:95:88:15:9C:D8:57:92
Authority key identifier: B5:7C:8A:C0:55:C5:74:D8:CF:13:52:2B:96:4B:92:31:4D:21:1E:AE
Certificate issuer:       /CN=b57c8ac055c574d8cf13522b964b92314d211eae
Certificate serial:       019A7293FA06109C3DAECE42CD1AD52A1D3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tXyKwFXFdNjPE1IrlkuSMU0hHq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/289f40-a233-4c63-b93e-8e4c7c7b6504/1/tXyKwFXFdNjPE1IrlkuSMU0hHq4.mft
Manifest number:          146C
Signing time:             Tue 11 Nov 2025 11:01:31 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:31 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:31 +0000
Files and hashes:         1: tXyKwFXFdNjPE1IrlkuSMU0hHq4.crl (hash: xTfXSWuGAKAuBZ5Wao2yBAmHitc9vUqcbzxOuUXkSVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/289f40-a233-4c63-b93e-8e4c7c7b6504/1/tXyKwFXFdNjPE1IrlkuSMU0hHq4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/289f40-a233-4c63-b93e-8e4c7c7b6504/1/tXyKwFXFdNjPE1IrlkuSMU0hHq4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tXyKwFXFdNjPE1IrlkuSMU0hHq4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:fa:06:10:9c:3d:ae:ce:42:cd:1a:d5:2a:1d:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b57c8ac055c574d8cf13522b964b92314d211eae
        Validity
            Not Before: Nov 11 11:01:31 2025 GMT
            Not After : Nov 12 11:01:31 2025 GMT
        Subject: CN=7550e027b1bbbafb968fc94e829588159cd85792
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:16:fd:a9:5a:87:b4:0d:2b:6f:06:54:8f:be:
                    25:60:18:57:15:4d:24:21:1b:8d:c1:91:63:bd:c5:
                    1e:cd:cd:8d:4b:59:a0:68:c3:15:4f:63:66:7d:b2:
                    1c:47:6d:41:66:e3:bc:75:ca:4b:bf:b8:de:ca:e2:
                    1b:8e:5c:d1:aa:74:bb:31:a0:cb:98:8a:e5:64:75:
                    35:ae:73:ce:fc:9a:b7:b4:41:dd:85:72:07:1e:a3:
                    b2:00:a7:93:2f:00:72:b5:9b:22:97:dd:28:87:5e:
                    6f:f1:da:2b:29:92:b3:ce:5d:26:61:76:9d:a0:08:
                    f2:0b:fd:8b:66:39:03:5e:f1:15:ca:34:9d:d6:f9:
                    7e:b7:e6:76:7c:bf:83:82:b2:c3:c9:cd:85:67:93:
                    e7:e6:44:ae:fb:a2:3e:fe:3c:04:b9:5a:a6:70:09:
                    c6:78:30:28:55:b4:3d:0c:f4:93:09:ab:6f:2a:61:
                    f5:6f:9a:11:f1:ea:ee:c2:7e:79:09:c0:c4:17:0a:
                    6b:23:99:51:c1:e1:b2:32:02:30:42:3f:e8:47:75:
                    84:9f:9a:8b:42:10:18:26:3e:5c:a7:3c:42:d3:be:
                    4c:06:6d:0b:28:e6:f7:ad:b2:27:48:3f:5c:9a:d8:
                    2e:c1:7a:09:64:70:e8:4a:72:23:0b:01:b8:bc:9d:
                    54:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:50:E0:27:B1:BB:BA:FB:96:8F:C9:4E:82:95:88:15:9C:D8:57:92
            X509v3 Authority Key Identifier:
                keyid:B5:7C:8A:C0:55:C5:74:D8:CF:13:52:2B:96:4B:92:31:4D:21:1E:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tXyKwFXFdNjPE1IrlkuSMU0hHq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/289f40-a233-4c63-b93e-8e4c7c7b6504/1/tXyKwFXFdNjPE1IrlkuSMU0hHq4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/289f40-a233-4c63-b93e-8e4c7c7b6504/1/tXyKwFXFdNjPE1IrlkuSMU0hHq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:ed:93:b4:4e:fd:6f:a2:6f:60:9c:ba:d3:18:20:60:47:39:
         22:a8:45:8c:c2:33:13:2a:26:af:99:cc:73:75:a9:02:d3:03:
         18:e6:33:51:c4:91:bd:f4:d3:ea:aa:63:30:1b:d4:2c:5b:34:
         11:08:b8:e2:25:f4:80:b1:08:5a:de:3b:6a:9f:4b:b6:3b:f5:
         1b:17:ae:37:b7:32:03:b2:3c:2b:fb:8c:f7:3e:c1:c9:a7:bb:
         9e:1f:83:94:55:cd:5b:ab:7c:41:95:0b:24:c4:2a:ab:cc:0a:
         e9:c1:9a:fb:e6:04:d5:15:f6:34:a7:5f:cf:a4:d5:13:64:ce:
         00:98:59:e9:bb:54:d9:8b:4c:80:35:28:c4:bb:b9:09:08:61:
         66:ac:8a:e0:5d:31:99:eb:6a:09:08:4c:c4:57:4d:44:16:96:
         bb:f0:4b:eb:4f:ee:ee:35:55:4b:c2:45:f3:a9:cf:0e:ec:39:
         ea:29:66:16:0e:a2:c4:73:f0:81:46:5c:29:50:61:7c:96:ce:
         be:ce:b7:3b:5b:15:06:b1:4d:11:c6:4e:e4:9e:26:d4:7b:45:
         da:4f:c0:e9:36:1e:60:0c:a1:13:db:7c:68:38:5c:38:ea:04:
         93:6c:d1:de:1d:e4:ac:14:8b:e2:b1:9b:ea:45:97:b0:9c:42:
         23:29:32:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk/oGEJw9rs5CzRrVKh06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1N2M4YWMwNTVjNTc0ZDhjZjEzNTIyYjk2NGI5MjMxNGQy
MTFlYWUwHhcNMjUxMTExMTEwMTMxWhcNMjUxMTEyMTEwMTMxWjAzMTEwLwYDVQQD
Eyg3NTUwZTAyN2IxYmJiYWZiOTY4ZmM5NGU4Mjk1ODgxNTljZDg1NzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihb9qVqHtA0rbwZUj74lYBhXFU0k
IRuNwZFjvcUezc2NS1mgaMMVT2NmfbIcR21BZuO8dcpLv7jeyuIbjlzRqnS7MaDL
mIrlZHU1rnPO/Jq3tEHdhXIHHqOyAKeTLwBytZsil90oh15v8dorKZKzzl0mYXad
oAjyC/2LZjkDXvEVyjSd1vl+t+Z2fL+DgrLDyc2FZ5Pn5kSu+6I+/jwEuVqmcAnG
eDAoVbQ9DPSTCatvKmH1b5oR8eruwn55CcDEFwprI5lRweGyMgIwQj/oR3WEn5qL
QhAYJj5cpzxC075MBm0LKOb3rbInSD9cmtguwXoJZHDoSnIjCwG4vJ1UDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHVQ4Cexu7r7lo/JToKViBWc2FeSMB8GA1UdIwQY
MBaAFLV8isBVxXTYzxNSK5ZLkjFNIR6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFh5S3dGWEZkTmpQRTFJcmxrdVNNVTBoSHE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8yODlmNDAtYTIzMy00YzYzLWI5M2Ut
OGU0YzdjN2I2NTA0LzEvdFh5S3dGWEZkTmpQRTFJcmxrdVNNVTBoSHE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8yODlmNDAtYTIzMy00YzYzLWI5M2UtOGU0YzdjN2I2NTA0
LzEvdFh5S3dGWEZkTmpQRTFJcmxrdVNNVTBoSHE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD+2TtE79
b6JvYJy60xggYEc5IqhFjMIzEyomr5nMc3WpAtMDGOYzUcSRvfTT6qpjMBvULFs0
EQi44iX0gLEIWt47ap9Ltjv1GxeuN7cyA7I8K/uM9z7Byae7nh+DlFXNW6t8QZUL
JMQqq8wK6cGa++YE1RX2NKdfz6TVE2TOAJhZ6btU2YtMgDUoxLu5CQhhZqyK4F0x
metqCQhMxFdNRBaWu/BL60/u7jVVS8JF86nPDuw56ilmFg6ixHPwgUZcKVBhfJbO
vs63O1sVBrFNEcZO5J4m1HtF2k/A6TYeYAyhE9t8aDhcOOoEk2zR3h3krBSL4rGb
6kWXsJxCIykyiA==
-----END CERTIFICATE-----