Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
File:                     TYEGKSpQrK_qaBfLoczmd6J34OE.mft (raw, json)
Hash identifier:          SuYuqwG7JNmP+2Mye4yYEleMStSfbL0dLTHoMTGCjLU=
Subject key identifier:   20:9F:6E:F3:8B:CE:4F:4A:23:CB:BA:F0:5B:2B:EA:4E:45:8B:93:B8
Authority key identifier: 4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1
Certificate issuer:       /CN=4d8106292a50acafea6817cba1cce677a277e0e1
Certificate serial:       019745C2812B6E0375FA0E1A2CDCC94F26D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
Manifest number:          03EE
Signing time:             Fri 06 Jun 2025 15:01:04 +0000
Manifest this update:     Fri 06 Jun 2025 15:01:04 +0000
Manifest next update:     Sat 07 Jun 2025 15:01:04 +0000
Files and hashes:         1: TYEGKSpQrK_qaBfLoczmd6J34OE.crl (hash: DBTN4EDfztL+uCKT3ue9BYx6S7jm/w6vsNK7k0VM3G0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:45:c2:81:2b:6e:03:75:fa:0e:1a:2c:dc:c9:4f:26:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d8106292a50acafea6817cba1cce677a277e0e1
        Validity
            Not Before: Jun  6 15:01:04 2025 GMT
            Not After : Jun  7 15:01:04 2025 GMT
        Subject: CN=209f6ef38bce4f4a23cbbaf05b2bea4e458b93b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d3:6a:03:88:79:88:9c:db:16:51:8c:41:c1:
                    8f:9b:a7:de:ea:e9:f1:46:8e:f0:ac:5a:9b:9d:01:
                    61:11:09:65:e5:58:11:04:d8:42:c8:aa:a2:ac:aa:
                    6a:e5:0d:f5:fb:e3:0c:77:0c:d1:1f:18:52:3f:f5:
                    a1:86:c2:12:be:d6:90:79:b5:0c:0f:5f:b6:d4:d3:
                    ef:f0:db:62:84:c5:d0:b5:21:3a:2a:16:93:dc:7b:
                    3b:4c:bf:98:a9:be:de:3a:2e:a9:d8:25:42:0c:d1:
                    96:24:fc:91:a0:aa:4c:66:fd:26:7b:ff:4e:39:85:
                    86:eb:29:31:48:3b:47:23:e9:1e:7d:bd:10:d9:eb:
                    6a:af:06:26:44:d5:85:a5:ec:c3:25:53:e5:6f:14:
                    6b:61:0a:3f:17:65:80:49:d7:52:d6:0d:ed:ef:b2:
                    2f:f5:d1:d3:5c:e0:3a:9b:64:7b:5f:ce:c8:58:1f:
                    76:93:df:76:9b:cd:d6:60:ef:10:73:27:37:b6:1b:
                    fe:a8:ea:90:7e:fe:d4:13:8b:76:3a:95:55:01:23:
                    eb:88:42:db:59:f8:4a:d6:38:d5:c7:ab:96:4e:58:
                    f2:b2:26:4c:69:c7:b5:d9:fc:a6:39:c6:27:f1:9c:
                    6c:ab:fc:ab:a2:59:12:7a:b9:a7:90:2f:82:c7:31:
                    c4:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:9F:6E:F3:8B:CE:4F:4A:23:CB:BA:F0:5B:2B:EA:4E:45:8B:93:B8
            X509v3 Authority Key Identifier:
                keyid:4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:0d:8d:1e:7a:76:89:a9:28:5e:c2:e9:95:f1:be:e2:20:7d:
         d9:fc:cb:a1:1c:6d:1d:cf:cb:ea:cc:69:dc:c5:6f:dc:bc:18:
         b3:1d:2d:a6:f3:a5:74:1e:82:03:ae:2f:d6:82:dd:92:b0:ee:
         00:36:14:93:4a:05:77:d8:ec:53:1a:ce:56:29:f7:7d:97:40:
         83:4b:41:29:bc:e4:c6:9f:29:41:20:e2:05:cc:30:b0:c9:97:
         f6:be:69:cf:d5:bf:2c:2b:55:31:ed:fa:bb:a5:bd:1b:13:76:
         7f:93:99:58:2e:c3:93:ae:04:82:73:89:e5:94:0e:c4:85:9e:
         9f:ac:02:44:3f:ef:d2:2a:f7:09:8c:36:44:e0:7d:8c:f7:ec:
         ef:de:49:36:dc:b9:f2:f4:fb:de:74:15:fe:9e:61:dd:50:5f:
         5a:8f:8c:d8:6e:8b:d7:4c:63:f6:84:37:a5:0a:de:9f:4a:84:
         51:68:7b:98:f6:46:8c:f9:3a:39:f7:e7:ad:73:41:bb:7f:07:
         4e:f3:43:1c:74:64:ee:e2:92:d5:56:40:ec:41:2f:1d:00:81:
         54:b7:18:b0:dc:d6:53:79:02:1f:2a:ab:3d:57:8f:53:35:94:
         a7:31:fa:fb:9c:bc:db:ec:94:57:ad:7e:76:48:d7:0b:85:91:
         21:be:5e:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdFwoErbgN1+g4aLNzJTybUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODEwNjI5MmE1MGFjYWZlYTY4MTdjYmExY2NlNjc3YTI3
N2UwZTEwHhcNMjUwNjA2MTUwMTA0WhcNMjUwNjA3MTUwMTA0WjAzMTEwLwYDVQQD
EygyMDlmNmVmMzhiY2U0ZjRhMjNjYmJhZjA1YjJiZWE0ZTQ1OGI5M2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNNqA4h5iJzbFlGMQcGPm6fe6unx
Ro7wrFqbnQFhEQll5VgRBNhCyKqirKpq5Q31++MMdwzRHxhSP/WhhsISvtaQebUM
D1+21NPv8NtihMXQtSE6KhaT3Hs7TL+Yqb7eOi6p2CVCDNGWJPyRoKpMZv0me/9O
OYWG6ykxSDtHI+kefb0Q2etqrwYmRNWFpezDJVPlbxRrYQo/F2WASddS1g3t77Iv
9dHTXOA6m2R7X87IWB92k992m83WYO8Qcyc3thv+qOqQfv7UE4t2OpVVASPriELb
WfhK1jjVx6uWTljysiZMace12fymOcYn8Zxsq/yrolkSermnkC+CxzHEeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCCfbvOLzk9KI8u68Fsr6k5Fi5O4MB8GA1UdIwQY
MBaAFE2BBikqUKyv6mgXy6HM5neid+DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDct
M2E1YjM2OTY4MTdkLzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDctM2E1YjM2OTY4MTdk
LzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiA2NHnp2
iakoXsLplfG+4iB92fzLoRxtHc/L6sxp3MVv3LwYsx0tpvOldB6CA64v1oLdkrDu
ADYUk0oFd9jsUxrOVin3fZdAg0tBKbzkxp8pQSDiBcwwsMmX9r5pz9W/LCtVMe36
u6W9GxN2f5OZWC7Dk64EgnOJ5ZQOxIWen6wCRD/v0ir3CYw2ROB9jPfs795JNty5
8vT73nQV/p5h3VBfWo+M2G6L10xj9oQ3pQren0qEUWh7mPZGjPk6OffnrXNBu38H
TvNDHHRk7uKS1VZA7EEvHQCBVLcYsNzWU3kCHyqrPVePUzWUpzH6+5y82+yUV61+
dkjXC4WRIb5eiA==
-----END CERTIFICATE-----