Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
File:                     TYEGKSpQrK_qaBfLoczmd6J34OE.mft (raw, json)
Hash identifier:          +9Aj7TCqPpxSfpsQ8yc9mDrNZlB/B0MaOXQncm8AzYE=
Subject key identifier:   6A:56:6C:76:E0:8A:17:FA:21:02:1A:B4:78:A8:39:59:E8:B0:09:28
Authority key identifier: 4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1
Certificate issuer:       /CN=4d8106292a50acafea6817cba1cce677a277e0e1
Certificate serial:       019A70DC7B3B637F5EDFD03F41F2007A7C02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
Manifest number:          0592
Signing time:             Tue 11 Nov 2025 03:01:28 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:28 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:28 +0000
Files and hashes:         1: TYEGKSpQrK_qaBfLoczmd6J34OE.crl (hash: anDE63CMUrYykvj2zhM+DCSEuJ1eEVSqUeDTi7eYpbA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:7b:3b:63:7f:5e:df:d0:3f:41:f2:00:7a:7c:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d8106292a50acafea6817cba1cce677a277e0e1
        Validity
            Not Before: Nov 11 03:01:28 2025 GMT
            Not After : Nov 12 03:01:28 2025 GMT
        Subject: CN=6a566c76e08a17fa21021ab478a83959e8b00928
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:30:cd:f9:a3:45:1f:91:77:ba:89:82:ab:0d:
                    36:fd:c8:56:a2:de:31:e3:f2:3a:b1:cd:3d:46:6d:
                    90:9c:d2:60:b5:aa:84:34:2a:55:f2:85:b5:87:1e:
                    ab:bc:c5:6e:57:6c:61:be:10:dc:eb:ce:4d:a0:24:
                    97:28:00:15:f6:f4:20:4f:11:40:9a:b1:65:7c:7a:
                    02:71:cc:a0:38:2a:c8:de:52:4c:7c:1e:65:29:5a:
                    46:ea:fc:1a:8b:cc:11:ec:f0:cc:6b:4d:ef:96:8a:
                    97:15:36:1d:d6:5b:5e:27:dc:00:a8:7b:95:58:a7:
                    e0:4f:46:0d:9e:af:71:ba:13:43:0a:5c:58:a5:ff:
                    0d:ad:55:6b:19:f0:ac:ce:d3:65:d4:ca:f1:b9:10:
                    ec:96:bb:94:bc:e8:ac:a4:a6:aa:a2:2c:48:8e:5e:
                    ee:a9:b7:10:74:f3:79:e2:67:7a:2d:56:65:b4:37:
                    2f:d2:05:68:7c:c0:1f:f4:85:4d:25:38:41:21:a2:
                    54:71:a8:94:2b:9c:c5:7b:9a:92:53:c2:bf:cf:7e:
                    01:fc:c7:0b:cd:64:39:91:5e:ee:2f:43:d7:19:81:
                    b2:70:4c:22:fe:9d:ba:4c:2f:0c:01:a3:43:f8:41:
                    ea:b4:8c:46:89:92:bf:2c:f1:68:da:19:1f:73:b9:
                    bb:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:56:6C:76:E0:8A:17:FA:21:02:1A:B4:78:A8:39:59:E8:B0:09:28
            X509v3 Authority Key Identifier:
                keyid:4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:92:03:75:c7:93:83:eb:4e:c5:3f:8c:37:11:29:dd:fa:de:
         67:6e:16:b0:a1:95:a0:8a:60:a7:b1:b8:45:45:f4:0a:76:4d:
         05:54:9d:9f:fc:59:04:fa:c5:92:79:b9:38:1d:cf:b3:e7:f3:
         a6:b3:ed:83:df:9b:11:1f:50:79:d7:73:b9:e4:c0:a1:da:c7:
         ea:56:62:f9:c9:19:d4:df:2f:a9:b5:63:c1:c0:bb:61:af:95:
         58:46:af:a7:c6:8d:7d:c6:58:07:fb:fc:40:ce:ad:03:8d:60:
         be:aa:05:60:8d:d7:b3:96:ac:83:15:89:b9:b5:57:26:5f:59:
         e6:14:7d:9d:ac:d8:88:8a:35:d5:ea:0f:00:91:d2:cf:61:50:
         d9:a1:53:ec:1a:f5:2b:6e:26:31:25:05:32:45:0f:59:28:d1:
         42:5e:55:47:8e:85:02:c8:59:bb:d1:94:a2:08:0e:2c:1f:08:
         4a:ea:3a:9f:dd:75:0a:fb:b2:39:dd:af:3e:21:14:e9:ea:c3:
         cd:92:f7:e6:d3:73:6e:d3:91:9e:a1:ff:42:41:05:6d:63:4f:
         93:80:fe:9b:5f:c9:a6:b7:94:47:94:0d:4a:8c:0e:af:19:04:
         b2:c5:64:a6:5d:a3:9c:a4:56:a2:06:36:9b:e1:7e:3e:4c:5e:
         38:62:b4:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3Hs7Y39e39A/QfIAenwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODEwNjI5MmE1MGFjYWZlYTY4MTdjYmExY2NlNjc3YTI3
N2UwZTEwHhcNMjUxMTExMDMwMTI4WhcNMjUxMTEyMDMwMTI4WjAzMTEwLwYDVQQD
Eyg2YTU2NmM3NmUwOGExN2ZhMjEwMjFhYjQ3OGE4Mzk1OWU4YjAwOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTDN+aNFH5F3uomCqw02/chWot4x
4/I6sc09Rm2QnNJgtaqENCpV8oW1hx6rvMVuV2xhvhDc685NoCSXKAAV9vQgTxFA
mrFlfHoCccygOCrI3lJMfB5lKVpG6vwai8wR7PDMa03vloqXFTYd1lteJ9wAqHuV
WKfgT0YNnq9xuhNDClxYpf8NrVVrGfCsztNl1MrxuRDslruUvOispKaqoixIjl7u
qbcQdPN54md6LVZltDcv0gVofMAf9IVNJThBIaJUcaiUK5zFe5qSU8K/z34B/McL
zWQ5kV7uL0PXGYGycEwi/p26TC8MAaND+EHqtIxGiZK/LPFo2hkfc7m78wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGpWbHbgihf6IQIatHioOVnosAkoMB8GA1UdIwQY
MBaAFE2BBikqUKyv6mgXy6HM5neid+DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDct
M2E1YjM2OTY4MTdkLzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDctM2E1YjM2OTY4MTdk
LzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHpIDdceT
g+tOxT+MNxEp3freZ24WsKGVoIpgp7G4RUX0CnZNBVSdn/xZBPrFknm5OB3Ps+fz
prPtg9+bER9QeddzueTAodrH6lZi+ckZ1N8vqbVjwcC7Ya+VWEavp8aNfcZYB/v8
QM6tA41gvqoFYI3Xs5asgxWJubVXJl9Z5hR9nazYiIo11eoPAJHSz2FQ2aFT7Br1
K24mMSUFMkUPWSjRQl5VR46FAshZu9GUoggOLB8ISuo6n911CvuyOd2vPiEU6erD
zZL35tNzbtORnqH/QkEFbWNPk4D+m1/JpreUR5QNSowOrxkEssVkpl2jnKRWogY2
m+F+PkxeOGK0fA==
-----END CERTIFICATE-----