Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
File:                     Tle6dst9bSrsBSA89BuOZxbufqA.mft (raw, json)
Hash identifier:          KqX+aSjj+jOZyLPjMHfyO1vUL7TtPB1nr4bvOvT8FNE=
Subject key identifier:   32:13:DA:43:F8:21:AA:45:A5:DF:7D:29:B8:09:2F:DB:8F:CC:78:76
Authority key identifier: 4E:57:BA:76:CB:7D:6D:2A:EC:05:20:3C:F4:1B:8E:67:16:EE:7E:A0
Certificate issuer:       /CN=4e57ba76cb7d6d2aec05203cf41b8e6716ee7ea0
Certificate serial:       019921B1C10B659D05AF184C226450458D3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
Manifest number:          0F96
Signing time:             Sun 07 Sep 2025 01:02:01 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:01 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:01 +0000
Files and hashes:         1: Tle6dst9bSrsBSA89BuOZxbufqA.crl (hash: zMS1D3JUEJsTW8NgIlqY++pV5DA8bnKb3K3SabKCHTQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:c1:0b:65:9d:05:af:18:4c:22:64:50:45:8d:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e57ba76cb7d6d2aec05203cf41b8e6716ee7ea0
        Validity
            Not Before: Sep  7 01:02:01 2025 GMT
            Not After : Sep  8 01:02:01 2025 GMT
        Subject: CN=3213da43f821aa45a5df7d29b8092fdb8fcc7876
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:d8:84:ba:40:f0:e4:4a:ef:cb:5b:91:3e:34:
                    62:78:23:ac:aa:0f:9e:b6:7f:74:24:cd:03:0e:a4:
                    94:a6:4f:2b:d3:3e:19:19:a0:ee:2f:47:ae:6f:d4:
                    04:9d:8c:52:ea:62:59:2c:46:c1:81:d9:3c:67:8b:
                    23:1e:94:43:ad:f1:a5:50:40:e6:88:2e:9b:03:a9:
                    5f:1d:9e:45:66:7f:b5:4f:c4:5e:f0:b3:5e:d0:ab:
                    f4:be:f2:9e:8f:f2:d4:7c:85:4c:0e:b1:29:92:a9:
                    c2:e3:e9:94:9c:7a:ae:63:16:7e:d3:f3:7c:0d:59:
                    c8:06:bb:43:f0:d8:69:a0:42:39:55:39:ec:7b:0d:
                    62:7a:e3:c9:50:fa:21:fd:96:2c:24:12:06:a7:eb:
                    54:83:92:51:29:1b:93:07:f0:0b:73:0e:fb:d7:56:
                    ce:7a:ae:0b:eb:55:90:f0:20:b5:ae:88:3a:26:5b:
                    ce:0d:ab:5b:cc:58:34:ac:95:75:a9:3f:a5:8f:39:
                    f2:7f:a9:cd:16:27:be:3a:55:ee:c6:f0:fc:49:e1:
                    b2:a0:81:59:75:c1:5b:88:35:d1:3d:71:7c:a9:e9:
                    7f:c8:4f:cc:12:88:db:7d:22:c1:b6:f1:17:5e:91:
                    d0:f8:da:b8:a8:aa:22:24:46:58:c7:21:67:a1:bf:
                    3d:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:13:DA:43:F8:21:AA:45:A5:DF:7D:29:B8:09:2F:DB:8F:CC:78:76
            X509v3 Authority Key Identifier:
                keyid:4E:57:BA:76:CB:7D:6D:2A:EC:05:20:3C:F4:1B:8E:67:16:EE:7E:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:80:18:3f:d5:3a:9f:b4:49:3a:a7:09:02:76:a7:d6:ad:be:
         f3:3d:f7:d7:8f:ca:28:2c:ea:bb:4d:b4:db:04:89:36:8f:2a:
         83:ef:d9:95:52:9f:71:da:fa:c0:16:b8:27:b1:73:c7:f4:b9:
         fb:6f:f6:c8:fc:f6:dd:5a:f5:23:0f:c6:58:da:ad:8e:b0:6b:
         19:b1:05:b7:ec:ff:85:ed:fa:0a:ed:aa:a5:11:c1:83:0c:9d:
         5a:5e:b3:0b:b9:d7:b7:60:f2:cc:6b:74:cf:dd:0a:b3:34:34:
         a6:31:82:2d:c5:46:ee:a4:53:b8:3e:32:be:8f:8a:bf:a7:d7:
         57:05:7c:ca:7f:d1:15:5a:57:a5:54:28:fe:66:21:a9:f1:ca:
         80:5d:48:3e:ef:1c:04:24:5e:27:00:c2:2f:a8:32:1a:bb:d8:
         00:18:6c:6e:95:51:ff:d7:9d:b9:f1:1f:3c:98:2c:f2:7b:4a:
         d3:8e:9d:e4:ee:7b:b4:9b:4d:40:c9:38:4d:a3:5f:e4:21:89:
         94:f2:6e:6b:0a:6c:6c:d3:1e:b6:ac:50:2d:bc:5d:70:47:ef:
         d1:1b:d5:7c:79:58:35:31:b3:4f:a0:78:0b:a8:a4:23:6a:70:
         cc:b4:b1:37:16:2d:fd:02:83:8c:a8:94:4d:58:2f:75:40:e6:
         4a:4b:1b:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhscELZZ0FrxhMImRQRY0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNTdiYTc2Y2I3ZDZkMmFlYzA1MjAzY2Y0MWI4ZTY3MTZl
ZTdlYTAwHhcNMjUwOTA3MDEwMjAxWhcNMjUwOTA4MDEwMjAxWjAzMTEwLwYDVQQD
EygzMjEzZGE0M2Y4MjFhYTQ1YTVkZjdkMjliODA5MmZkYjhmY2M3ODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodiEukDw5Ervy1uRPjRieCOsqg+e
tn90JM0DDqSUpk8r0z4ZGaDuL0eub9QEnYxS6mJZLEbBgdk8Z4sjHpRDrfGlUEDm
iC6bA6lfHZ5FZn+1T8Re8LNe0Kv0vvKej/LUfIVMDrEpkqnC4+mUnHquYxZ+0/N8
DVnIBrtD8NhpoEI5VTnsew1ieuPJUPoh/ZYsJBIGp+tUg5JRKRuTB/ALcw7711bO
eq4L61WQ8CC1rog6JlvODatbzFg0rJV1qT+ljznyf6nNFie+OlXuxvD8SeGyoIFZ
dcFbiDXRPXF8qel/yE/MEojbfSLBtvEXXpHQ+Nq4qKoiJEZYxyFnob89AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIT2kP4IapFpd99KbgJL9uPzHh2MB8GA1UdIwQY
MBaAFE5XunbLfW0q7AUgPPQbjmcW7n6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82OWU3ZmUtNDBjMC00NWMyLWIyYjEt
YjcyZDdhZGJmYjk2LzEvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82OWU3ZmUtNDBjMC00NWMyLWIyYjEtYjcyZDdhZGJmYjk2
LzEvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkoAYP9U6
n7RJOqcJAnan1q2+8z3314/KKCzqu0202wSJNo8qg+/ZlVKfcdr6wBa4J7Fzx/S5
+2/2yPz23Vr1Iw/GWNqtjrBrGbEFt+z/he36Cu2qpRHBgwydWl6zC7nXt2DyzGt0
z90KszQ0pjGCLcVG7qRTuD4yvo+Kv6fXVwV8yn/RFVpXpVQo/mYhqfHKgF1IPu8c
BCReJwDCL6gyGrvYABhsbpVR/9edufEfPJgs8ntK046d5O57tJtNQMk4TaNf5CGJ
lPJuawpsbNMetqxQLbxdcEfv0RvVfHlYNTGzT6B4C6ikI2pwzLSxNxYt/QKDjKiU
TVgvdUDmSksbvw==
-----END CERTIFICATE-----