Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File:                     tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier:          cDMrcyuyA2g2dhwmPYGpqx0Fj3w+ygEm903XqbPAVNk=
Subject key identifier:   9A:A7:D6:96:53:E7:67:F1:35:4D:2B:5B:C4:02:0F:CE:64:6D:BC:DB
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer:       /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial:       019A71EEF817DD0B76C1BC8FC506BF19917E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number:          09A6
Signing time:             Tue 11 Nov 2025 08:01:17 +0000
Manifest this update:     Tue 11 Nov 2025 08:01:17 +0000
Manifest next update:     Wed 12 Nov 2025 08:01:17 +0000
Files and hashes:         1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: +FvM1lRkXLhQIvPNxN7keMTR1rI8dPA6qlVWMyzK7Q8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:f8:17:dd:0b:76:c1:bc:8f:c5:06:bf:19:91:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
        Validity
            Not Before: Nov 11 08:01:17 2025 GMT
            Not After : Nov 12 08:01:17 2025 GMT
        Subject: CN=9aa7d69653e767f1354d2b5bc4020fce646dbcdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:53:00:2b:c9:62:4f:f2:28:28:66:13:33:ce:
                    f5:bb:dd:94:ef:a8:96:2e:2b:06:f6:82:a9:f0:90:
                    98:7f:72:95:cb:84:58:6e:bf:27:95:71:d3:38:50:
                    25:27:c4:98:4e:cb:43:7a:c7:ff:17:78:3f:e2:2c:
                    6c:2d:ab:ac:a8:9f:2a:1f:b8:a5:bc:08:23:79:e6:
                    bf:5c:94:bb:29:7c:2b:a0:87:5e:6d:6d:f2:79:4a:
                    dc:dd:d9:86:c3:9e:ce:8f:fe:8d:08:db:03:d1:32:
                    1b:46:44:cf:50:cc:5c:77:94:51:ee:09:5e:de:a7:
                    c5:44:98:8b:a0:b2:09:b5:48:99:e6:8c:ac:19:c6:
                    7d:ab:f3:a7:02:df:70:59:5c:dc:67:cf:44:08:05:
                    1e:5d:81:97:9d:6f:9b:ae:2b:27:84:d1:e3:cb:96:
                    8a:d9:79:07:27:d6:0a:22:49:e8:e5:28:cd:6a:02:
                    79:04:08:e7:a6:bd:b9:3b:43:05:8f:52:eb:77:3d:
                    8b:33:fd:c5:d0:23:da:c2:a6:b9:06:5d:ef:13:5e:
                    4b:a3:a0:0d:7d:94:7b:fc:bb:b4:7c:51:ed:01:db:
                    71:e6:ad:fc:fa:bb:74:eb:9c:68:e2:b3:fe:15:42:
                    15:b2:8e:1b:c5:a3:b2:70:14:89:45:9e:61:bc:a8:
                    9f:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:A7:D6:96:53:E7:67:F1:35:4D:2B:5B:C4:02:0F:CE:64:6D:BC:DB
            X509v3 Authority Key Identifier:
                keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:dc:00:f7:b3:9b:a7:45:47:ac:63:8a:0e:ff:76:08:ec:74:
         d2:c2:4f:61:b4:90:f8:2a:76:2b:07:21:83:05:6c:ba:3e:17:
         26:af:a4:cc:20:1c:4f:2d:f9:09:71:12:a9:c7:4d:0a:20:a8:
         fd:8e:dd:6b:5a:a2:d0:77:4a:42:69:91:56:ee:eb:d9:31:f8:
         71:af:db:e0:19:65:ed:62:63:8a:e8:bc:26:fd:6b:4e:94:eb:
         d2:0d:b6:99:43:19:66:7d:41:63:c9:4a:5f:85:53:9a:25:da:
         b8:40:26:bc:9b:88:e1:c6:67:34:3e:c5:18:60:ec:3a:99:81:
         f3:62:ca:2b:f3:23:ee:b6:e3:82:a7:d0:4b:42:6a:67:a3:aa:
         9b:d8:7c:77:a1:de:cc:0f:28:9d:8a:b4:87:36:2d:92:0a:4f:
         84:9b:9b:eb:7b:7f:66:c3:d5:34:c8:86:dc:5d:99:09:63:ef:
         5b:50:bd:a1:57:9f:92:d0:fd:d3:b9:e5:d1:c0:b9:a1:fe:de:
         8e:88:97:de:9b:7b:f3:1c:24:98:c3:e0:0a:8a:8b:d6:85:96:
         86:93:9e:8a:79:b8:95:84:a9:ad:65:25:17:69:b2:4c:96:cf:
         c7:5c:82:d3:3f:d0:22:1a:80:e3:34:be:89:31:81:3d:f8:6e:
         10:a0:a9:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7vgX3Qt2wbyPxQa/GZF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjUxMTExMDgwMTE3WhcNMjUxMTEyMDgwMTE3WjAzMTEwLwYDVQQD
Eyg5YWE3ZDY5NjUzZTc2N2YxMzU0ZDJiNWJjNDAyMGZjZTY0NmRiY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlMAK8liT/IoKGYTM871u92U76iW
LisG9oKp8JCYf3KVy4RYbr8nlXHTOFAlJ8SYTstDesf/F3g/4ixsLausqJ8qH7il
vAgjeea/XJS7KXwroIdebW3yeUrc3dmGw57Oj/6NCNsD0TIbRkTPUMxcd5RR7gle
3qfFRJiLoLIJtUiZ5oysGcZ9q/OnAt9wWVzcZ89ECAUeXYGXnW+brisnhNHjy5aK
2XkHJ9YKIkno5SjNagJ5BAjnpr25O0MFj1Lrdz2LM/3F0CPawqa5Bl3vE15Lo6AN
fZR7/Lu0fFHtAdtx5q38+rt065xo4rP+FUIVso4bxaOycBSJRZ5hvKif+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJqn1pZT52fxNU0rW8QCD85kbbzbMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPdwA97Ob
p0VHrGOKDv92COx00sJPYbSQ+Cp2KwchgwVsuj4XJq+kzCAcTy35CXESqcdNCiCo
/Y7da1qi0HdKQmmRVu7r2TH4ca/b4Bll7WJjiui8Jv1rTpTr0g22mUMZZn1BY8lK
X4VTmiXauEAmvJuI4cZnND7FGGDsOpmB82LKK/Mj7rbjgqfQS0JqZ6Oqm9h8d6He
zA8onYq0hzYtkgpPhJub63t/ZsPVNMiG3F2ZCWPvW1C9oVefktD907nl0cC5of7e
joiX3pt78xwkmMPgCoqL1oWWhpOeinm4lYSprWUlF2myTJbPx1yC0z/QIhqA4zS+
iTGBPfhuEKCp3w==
-----END CERTIFICATE-----