Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File:                     tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier:          26ItunH+TqyFNRiMUwgC4O8uuWvQh7dVe4HvjrOJEyM=
Subject key identifier:   2B:C7:C7:FF:A2:CB:5F:47:7F:CC:C8:4D:91:7A:27:01:76:47:B7:49
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer:       /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial:       0199240D0972122B542C2ED2038E4EB4DFFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number:          08F9
Signing time:             Sun 07 Sep 2025 12:00:58 +0000
Manifest this update:     Sun 07 Sep 2025 12:00:58 +0000
Manifest next update:     Mon 08 Sep 2025 12:00:58 +0000
Files and hashes:         1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: DoHxUdBYu8GqUrf72JCs4GrWy1M7wvRKD/sOVkc99dE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0d:09:72:12:2b:54:2c:2e:d2:03:8e:4e:b4:df:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
        Validity
            Not Before: Sep  7 12:00:58 2025 GMT
            Not After : Sep  8 12:00:58 2025 GMT
        Subject: CN=2bc7c7ffa2cb5f477fccc84d917a27017647b749
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:ce:5b:2a:e0:68:39:82:b7:d6:2a:82:00:21:
                    b7:05:97:22:a3:10:18:09:82:53:56:84:9f:22:8f:
                    14:b0:fe:1b:3b:64:77:6b:ae:d0:3d:35:d5:cf:a1:
                    14:83:01:41:27:b0:76:28:a3:ed:0f:72:cf:79:2d:
                    64:cf:25:49:3c:91:8b:6b:29:9f:aa:e4:6f:af:c9:
                    85:e4:4d:63:e8:20:44:fc:7d:1f:23:5d:fe:62:ca:
                    c1:0c:e4:27:4f:81:d3:22:99:ce:bf:62:b7:b1:41:
                    7c:c3:67:a4:bb:60:ea:71:54:21:0c:42:ef:8a:ab:
                    3f:78:a3:0c:6c:c2:55:fb:86:32:03:45:d6:3c:75:
                    e6:23:d1:bf:d2:be:04:48:a9:99:ae:1f:32:f7:e7:
                    a6:3d:5e:72:83:88:3e:8c:7d:47:6a:5d:48:71:2b:
                    80:ee:ec:a6:23:75:3a:0a:dd:fa:68:6b:bf:6e:3b:
                    bd:f8:3d:fe:e8:ac:6f:68:d5:10:ea:94:3a:c2:c7:
                    84:7c:8f:82:5f:93:61:54:5f:4b:8d:55:29:78:28:
                    12:5c:26:d2:96:23:e2:79:4c:87:15:df:a1:2e:0e:
                    b0:9e:1e:4d:14:b5:3f:c3:e4:07:0a:a3:27:3d:4c:
                    64:b4:e1:a3:08:49:5b:30:1e:de:6c:3d:81:96:7c:
                    3a:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:C7:C7:FF:A2:CB:5F:47:7F:CC:C8:4D:91:7A:27:01:76:47:B7:49
            X509v3 Authority Key Identifier:
                keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:2e:02:73:66:50:0a:cb:f5:3d:fb:81:72:78:3d:aa:cc:ae:
         52:d3:ac:46:a9:78:6d:40:16:97:34:b8:fb:f4:91:43:07:ff:
         a4:b2:ed:63:9e:e3:53:8a:13:08:e8:19:7a:95:7a:d3:7d:4a:
         71:43:e9:ef:15:e4:53:4f:77:d9:49:d1:c3:88:a9:be:cf:27:
         45:b0:9b:e3:f9:09:66:eb:64:e3:c4:b1:86:da:2d:77:73:34:
         17:d5:64:c2:53:00:d2:1a:6c:23:9f:c5:e0:c8:4f:0c:56:2a:
         13:6c:5f:d9:b4:f5:4f:66:4a:f6:d4:c2:0e:0a:25:0d:37:39:
         10:43:0b:e8:44:e9:cf:82:75:76:8e:f8:bc:cb:5a:72:5c:22:
         23:bf:01:81:f5:be:1e:4b:70:bf:99:17:67:e8:49:17:95:3d:
         f7:38:75:09:90:e1:a3:5c:80:2a:37:77:88:04:a9:0f:89:56:
         a8:f5:8f:9b:fa:45:38:6b:6d:48:35:23:64:62:80:bd:e2:b4:
         36:21:24:76:70:00:dd:94:cd:94:92:e4:23:03:92:50:21:06:
         e6:96:e0:2f:e8:38:4b:d7:c1:e2:04:56:d1:a2:2d:b0:03:61:
         c2:16:2f:ae:cb:88:f6:4e:ec:58:f3:2e:8d:bf:89:34:23:7d:
         ce:0a:e5:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDQlyEitULC7SA45OtN/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjUwOTA3MTIwMDU4WhcNMjUwOTA4MTIwMDU4WjAzMTEwLwYDVQQD
EygyYmM3YzdmZmEyY2I1ZjQ3N2ZjY2M4NGQ5MTdhMjcwMTc2NDdiNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA085bKuBoOYK31iqCACG3BZcioxAY
CYJTVoSfIo8UsP4bO2R3a67QPTXVz6EUgwFBJ7B2KKPtD3LPeS1kzyVJPJGLaymf
quRvr8mF5E1j6CBE/H0fI13+YsrBDOQnT4HTIpnOv2K3sUF8w2eku2DqcVQhDELv
iqs/eKMMbMJV+4YyA0XWPHXmI9G/0r4ESKmZrh8y9+emPV5yg4g+jH1Hal1IcSuA
7uymI3U6Ct36aGu/bju9+D3+6KxvaNUQ6pQ6wseEfI+CX5NhVF9LjVUpeCgSXCbS
liPieUyHFd+hLg6wnh5NFLU/w+QHCqMnPUxktOGjCElbMB7ebD2Blnw6qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCvHx/+iy19Hf8zITZF6JwF2R7dJMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKC4Cc2ZQ
Csv1PfuBcng9qsyuUtOsRql4bUAWlzS4+/SRQwf/pLLtY57jU4oTCOgZepV6031K
cUPp7xXkU0932UnRw4ipvs8nRbCb4/kJZutk48Sxhtotd3M0F9VkwlMA0hpsI5/F
4MhPDFYqE2xf2bT1T2ZK9tTCDgolDTc5EEML6ETpz4J1do74vMtaclwiI78BgfW+
Hktwv5kXZ+hJF5U99zh1CZDho1yAKjd3iASpD4lWqPWPm/pFOGttSDUjZGKAveK0
NiEkdnAA3ZTNlJLkIwOSUCEG5pbgL+g4S9fB4gRW0aItsANhwhYvrsuI9k7sWPMu
jb+JNCN9zgrlHA==
-----END CERTIFICATE-----