Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
File:                     TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft (raw, json)
Hash identifier:          mTziFnz6M/obtgyHbANUpzt7BgJpc39Xh0HyrgBYW/8=
Subject key identifier:   AC:5C:6E:48:FA:30:8B:A9:D3:A0:AC:F9:B5:B1:91:8E:9B:70:E2:E8
Authority key identifier: 4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61
Certificate issuer:       /CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
Certificate serial:       019A7225C08042143CF8D119CBF2D610898E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
Manifest number:          167C
Signing time:             Tue 11 Nov 2025 09:01:07 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:07 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:07 +0000
Files and hashes:         1: TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl (hash: dbcExtv7eY/gb1q0aM+CAUm3vo+bFtp23yPZwcXlUiQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:c0:80:42:14:3c:f8:d1:19:cb:f2:d6:10:89:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
        Validity
            Not Before: Nov 11 09:01:07 2025 GMT
            Not After : Nov 12 09:01:07 2025 GMT
        Subject: CN=ac5c6e48fa308ba9d3a0acf9b5b1918e9b70e2e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:4b:27:9d:64:f0:5d:1b:2f:92:16:99:b7:c9:
                    1f:70:35:de:43:93:f4:d3:cd:f6:2d:99:58:cf:32:
                    2b:ab:65:57:1d:8c:c1:a4:32:52:cc:2c:f8:38:19:
                    13:46:12:75:c2:88:d7:0d:61:49:86:6f:cd:7e:74:
                    3b:f9:0d:01:21:17:8f:30:13:c3:ba:60:ac:21:d4:
                    f7:de:ee:37:61:f1:ef:ac:74:31:19:9e:76:e2:08:
                    d4:f0:04:f2:7e:58:56:5d:7b:57:f1:b3:58:65:9d:
                    57:43:c4:21:e8:ed:93:bf:7e:bd:3f:bc:39:a3:5f:
                    36:5b:5a:90:58:09:65:bc:be:3d:66:2b:ca:f6:ed:
                    09:e3:84:72:a1:66:57:49:50:60:f1:e2:be:95:50:
                    e1:67:c8:c2:24:60:38:a5:56:ff:b0:18:cf:d4:e4:
                    7b:e0:2f:b4:a7:5d:da:43:be:28:29:4e:27:3d:87:
                    a8:4b:e0:be:2d:d4:76:f1:c3:d4:05:98:fc:36:94:
                    40:90:09:31:16:91:99:e7:c8:e9:6e:11:f2:60:67:
                    7a:ad:7c:b4:29:0e:d7:04:1f:3d:8b:34:b0:9d:7b:
                    a9:af:7f:ef:a1:14:b3:84:ba:36:5e:43:cd:ec:c6:
                    3e:08:74:bb:fe:03:2b:f7:e0:13:d6:e1:4f:d1:e5:
                    e8:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:5C:6E:48:FA:30:8B:A9:D3:A0:AC:F9:B5:B1:91:8E:9B:70:E2:E8
            X509v3 Authority Key Identifier:
                keyid:4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:28:e9:63:d4:e6:80:46:75:5d:d3:fc:f6:6b:3b:24:01:1b:
         3b:32:a5:db:24:c1:30:5f:0e:f8:d7:d3:55:ff:f1:9a:e6:3a:
         da:24:77:f5:a2:52:ec:92:77:7b:ad:00:d1:ee:57:c2:9c:12:
         e6:66:58:a3:d7:4a:da:5b:0c:e7:ae:04:4c:b2:27:a8:cf:d5:
         73:57:61:1b:08:c5:5a:23:de:48:26:91:28:18:35:fb:25:86:
         e3:78:f3:ab:ac:8c:c1:14:c1:24:ff:42:3d:67:44:c4:be:01:
         3d:9e:17:bf:50:a0:5b:b3:c8:2a:d5:51:ab:57:d0:61:fe:02:
         f1:20:db:07:b2:ae:e4:37:53:5f:0e:f7:c6:00:5a:35:2c:ec:
         ca:6b:6b:60:55:91:77:b8:a6:38:49:a7:b2:ad:10:09:16:cf:
         99:fd:2f:4a:90:4e:9e:5a:46:5b:2b:49:96:87:e9:26:06:a4:
         e0:4a:bc:b7:43:6b:af:ed:a2:03:24:62:a7:54:c3:a9:fb:fc:
         da:e9:ee:fa:ce:fc:64:35:87:b5:cb:fb:39:91:40:47:de:16:
         b9:fd:ab:32:7c:f2:1a:94:6b:42:cb:a4:28:8d:70:27:13:35:
         ae:f2:ea:ff:fa:ae:bc:78:07:ef:47:f5:68:5e:48:07:79:f5:
         b2:35:77:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJcCAQhQ8+NEZy/LWEImOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMDAwNmUwNTg5NmY2ZmZiMzAxNjFlN2M4ZGRhMmY5YWQw
NWI1NjEwHhcNMjUxMTExMDkwMTA3WhcNMjUxMTEyMDkwMTA3WjAzMTEwLwYDVQQD
EyhhYzVjNmU0OGZhMzA4YmE5ZDNhMGFjZjliNWIxOTE4ZTliNzBlMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40snnWTwXRsvkhaZt8kfcDXeQ5P0
0832LZlYzzIrq2VXHYzBpDJSzCz4OBkTRhJ1wojXDWFJhm/NfnQ7+Q0BIRePMBPD
umCsIdT33u43YfHvrHQxGZ524gjU8ATyflhWXXtX8bNYZZ1XQ8Qh6O2Tv369P7w5
o182W1qQWAllvL49ZivK9u0J44RyoWZXSVBg8eK+lVDhZ8jCJGA4pVb/sBjP1OR7
4C+0p13aQ74oKU4nPYeoS+C+LdR28cPUBZj8NpRAkAkxFpGZ58jpbhHyYGd6rXy0
KQ7XBB89izSwnXupr3/voRSzhLo2XkPN7MY+CHS7/gMr9+AT1uFP0eXo8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxcbkj6MIup06Cs+bWxkY6bcOLoMB8GA1UdIwQY
MBaAFEwABuBYlvb/swFh58jdovmtBbVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9iN2Y4MzktYzY4MC00NWVhLWE4ZWUt
MTMwODdiZWJkMWU0LzEvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9iN2Y4MzktYzY4MC00NWVhLWE4ZWUtMTMwODdiZWJkMWU0
LzEvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKyjpY9Tm
gEZ1XdP89ms7JAEbOzKl2yTBMF8O+NfTVf/xmuY62iR39aJS7JJ3e60A0e5XwpwS
5mZYo9dK2lsM564ETLInqM/Vc1dhGwjFWiPeSCaRKBg1+yWG43jzq6yMwRTBJP9C
PWdExL4BPZ4Xv1CgW7PIKtVRq1fQYf4C8SDbB7Ku5DdTXw73xgBaNSzsymtrYFWR
d7imOEmnsq0QCRbPmf0vSpBOnlpGWytJlofpJgak4Eq8t0Nrr+2iAyRip1TDqfv8
2unu+s78ZDWHtcv7OZFAR94Wuf2rMnzyGpRrQsukKI1wJxM1rvLq//quvHgH70f1
aF5IB3n1sjV3uw==
-----END CERTIFICATE-----