Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/1f1e7b-5907-48c1-90fd-5602712baa5b/1/TgfHPboamfW7wV94xjkKqZwmmCQ.mft
File:                     TgfHPboamfW7wV94xjkKqZwmmCQ.mft (raw, json)
Hash identifier:          a4kLB+pxvBwQ9mYvSzP9P0727+2GfeifyjVCYOhZcWE=
Subject key identifier:   3D:1D:B5:FD:ED:BC:DF:9A:65:69:E8:E0:93:71:EC:01:FC:DC:ED:23
Authority key identifier: 4E:07:C7:3D:BA:1A:99:F5:BB:C1:5F:78:C6:39:0A:A9:9C:26:98:24
Certificate issuer:       /CN=4e07c73dba1a99f5bbc15f78c6390aa99c269824
Certificate serial:       019A71B8DF846F0B0C0F1026AF0FFA2B883A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TgfHPboamfW7wV94xjkKqZwmmCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/1f1e7b-5907-48c1-90fd-5602712baa5b/1/TgfHPboamfW7wV94xjkKqZwmmCQ.mft
Manifest number:          14E6
Signing time:             Tue 11 Nov 2025 07:02:12 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:12 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:12 +0000
Files and hashes:         1: TgfHPboamfW7wV94xjkKqZwmmCQ.crl (hash: OtIvw1IqJqA5IPBQWkOQJc+vKpk/PFFKKCWmVOWrakQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/1f1e7b-5907-48c1-90fd-5602712baa5b/1/TgfHPboamfW7wV94xjkKqZwmmCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/1f1e7b-5907-48c1-90fd-5602712baa5b/1/TgfHPboamfW7wV94xjkKqZwmmCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TgfHPboamfW7wV94xjkKqZwmmCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:df:84:6f:0b:0c:0f:10:26:af:0f:fa:2b:88:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e07c73dba1a99f5bbc15f78c6390aa99c269824
        Validity
            Not Before: Nov 11 07:02:12 2025 GMT
            Not After : Nov 12 07:02:12 2025 GMT
        Subject: CN=3d1db5fdedbcdf9a6569e8e09371ec01fcdced23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:86:38:cf:7c:3a:0c:7b:78:ae:2b:ab:2b:ae:
                    a6:7d:f6:ba:20:c5:de:fd:b0:87:3f:27:c0:c2:6b:
                    56:8c:b2:9a:b4:f1:cb:4a:49:d3:2f:9d:b0:37:a1:
                    fc:ff:7a:ac:2b:54:3f:b3:18:39:ee:cd:d0:7e:1d:
                    f2:79:fc:8e:97:8d:e9:71:66:7a:34:9b:3e:f9:51:
                    7f:2d:75:66:9f:c3:4b:e6:57:5f:5d:98:12:d0:16:
                    12:18:f2:14:f4:c2:71:2a:36:5e:72:12:40:48:73:
                    d7:2d:c5:cc:b0:f9:e0:45:89:39:0c:6b:d1:c7:94:
                    4a:7a:f6:35:5e:1b:2f:db:af:eb:29:b5:ae:4e:8d:
                    42:52:82:8d:6e:81:6a:19:ff:96:fa:3f:66:7b:59:
                    cb:6c:45:6a:c1:fb:34:f3:0e:5b:14:8c:4f:1c:23:
                    80:7e:66:f6:ba:62:b5:46:a1:87:67:74:e6:f7:6e:
                    9b:de:ca:bc:52:f3:18:9f:89:7e:df:81:ca:ce:f5:
                    26:0c:43:a1:8c:f2:21:6d:7e:e1:f8:59:70:f6:70:
                    4c:d8:b2:76:b4:da:05:ad:4d:50:ef:27:bd:60:15:
                    65:c4:27:f7:5e:71:50:af:73:ab:f0:16:ce:02:db:
                    a2:94:fc:14:ee:d6:62:fd:1f:00:cb:15:61:58:8e:
                    b1:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:1D:B5:FD:ED:BC:DF:9A:65:69:E8:E0:93:71:EC:01:FC:DC:ED:23
            X509v3 Authority Key Identifier:
                keyid:4E:07:C7:3D:BA:1A:99:F5:BB:C1:5F:78:C6:39:0A:A9:9C:26:98:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TgfHPboamfW7wV94xjkKqZwmmCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/1f1e7b-5907-48c1-90fd-5602712baa5b/1/TgfHPboamfW7wV94xjkKqZwmmCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/1f1e7b-5907-48c1-90fd-5602712baa5b/1/TgfHPboamfW7wV94xjkKqZwmmCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:bc:94:73:ee:fd:95:08:10:78:a8:57:90:42:ca:fe:5d:6b:
         d4:31:c8:a3:fb:08:4f:70:05:f4:9f:0b:46:56:45:ff:9f:16:
         f7:6e:2a:69:e1:b0:62:44:a5:23:79:9a:85:90:30:03:96:04:
         de:f1:51:4d:82:9d:80:71:b9:c7:e7:8c:e7:3f:88:d6:85:41:
         15:bc:f5:51:12:77:58:86:11:b7:92:00:f8:33:f4:9e:e4:6b:
         60:8c:77:5f:ce:27:28:e5:1e:c5:31:07:c2:85:1f:58:93:b5:
         09:ee:64:cd:50:6e:d9:74:49:99:b4:99:70:41:d6:b5:64:7d:
         bc:4a:92:58:71:e4:7b:5d:1a:7b:28:82:93:42:35:33:77:92:
         80:56:c8:e8:ee:78:49:5a:63:d8:cd:b0:e4:05:b3:47:ec:91:
         c8:60:77:1f:08:c9:c3:29:d6:af:e3:a1:da:99:36:15:bb:c2:
         7c:fe:4a:9e:44:3f:de:c0:b7:92:2d:90:4e:83:25:df:41:5c:
         28:b8:fc:f4:90:b5:e8:6f:0b:4d:21:77:ee:09:a4:b5:89:b9:
         f3:8a:e5:c3:45:24:10:2e:05:e7:2b:3a:af:06:6d:9c:1c:b2:
         0d:82:0b:f3:c4:54:0f:5f:d4:17:f4:25:65:42:40:8b:51:29:
         6e:26:c0:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuN+EbwsMDxAmrw/6K4g6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMDdjNzNkYmExYTk5ZjViYmMxNWY3OGM2MzkwYWE5OWMy
Njk4MjQwHhcNMjUxMTExMDcwMjEyWhcNMjUxMTEyMDcwMjEyWjAzMTEwLwYDVQQD
EygzZDFkYjVmZGVkYmNkZjlhNjU2OWU4ZTA5MzcxZWMwMWZjZGNlZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74Y4z3w6DHt4riurK66mffa6IMXe
/bCHPyfAwmtWjLKatPHLSknTL52wN6H8/3qsK1Q/sxg57s3Qfh3yefyOl43pcWZ6
NJs++VF/LXVmn8NL5ldfXZgS0BYSGPIU9MJxKjZechJASHPXLcXMsPngRYk5DGvR
x5RKevY1Xhsv26/rKbWuTo1CUoKNboFqGf+W+j9me1nLbEVqwfs08w5bFIxPHCOA
fmb2umK1RqGHZ3Tm926b3sq8UvMYn4l+34HKzvUmDEOhjPIhbX7h+Flw9nBM2LJ2
tNoFrU1Q7ye9YBVlxCf3XnFQr3Or8BbOAtuilPwU7tZi/R8AyxVhWI6xrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD0dtf3tvN+aZWno4JNx7AH83O0jMB8GA1UdIwQY
MBaAFE4Hxz26Gpn1u8FfeMY5CqmcJpgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGdmSFBib2FtZlc3d1Y5NHhqa0txWndtbUNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8xZjFlN2ItNTkwNy00OGMxLTkwZmQt
NTYwMjcxMmJhYTViLzEvVGdmSFBib2FtZlc3d1Y5NHhqa0txWndtbUNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8xZjFlN2ItNTkwNy00OGMxLTkwZmQtNTYwMjcxMmJhYTVi
LzEvVGdmSFBib2FtZlc3d1Y5NHhqa0txWndtbUNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKryUc+79
lQgQeKhXkELK/l1r1DHIo/sIT3AF9J8LRlZF/58W924qaeGwYkSlI3mahZAwA5YE
3vFRTYKdgHG5x+eM5z+I1oVBFbz1URJ3WIYRt5IA+DP0nuRrYIx3X84nKOUexTEH
woUfWJO1Ce5kzVBu2XRJmbSZcEHWtWR9vEqSWHHke10aeyiCk0I1M3eSgFbI6O54
SVpj2M2w5AWzR+yRyGB3HwjJwynWr+Oh2pk2FbvCfP5KnkQ/3sC3ki2QToMl30Fc
KLj89JC16G8LTSF37gmktYm584rlw0UkEC4F5ys6rwZtnByyDYIL88RUD1/UF/Ql
ZUJAi1EpbibAGw==
-----END CERTIFICATE-----