Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft
File:                     tRFbXBJF3DDhIwQHnslKNe1SfGY.mft (raw, json)
Hash identifier:          rW8tgZTCuxUpYmvEMgkei6h/WGAsuCsCKIiBPye/jN8=
Subject key identifier:   08:64:76:17:09:CA:E0:80:AE:04:07:92:BF:B1:40:36:AE:AC:B6:B2
Authority key identifier: B5:11:5B:5C:12:45:DC:30:E1:23:04:07:9E:C9:4A:35:ED:52:7C:66
Certificate issuer:       /CN=b5115b5c1245dc30e12304079ec94a35ed527c66
Certificate serial:       01992330F4EBC8175E45E08D6C2D6D9DFC86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tRFbXBJF3DDhIwQHnslKNe1SfGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft
Manifest number:          33
Signing time:             Sun 07 Sep 2025 08:00:34 +0000
Manifest this update:     Sun 07 Sep 2025 08:00:34 +0000
Manifest next update:     Mon 08 Sep 2025 08:00:34 +0000
Files and hashes:         1: tRFbXBJF3DDhIwQHnslKNe1SfGY.crl (hash: pTRA27hqK/VTQuRLXa4JgTDUZz60DjKYJFqUhkpmOlw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tRFbXBJF3DDhIwQHnslKNe1SfGY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:30:f4:eb:c8:17:5e:45:e0:8d:6c:2d:6d:9d:fc:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5115b5c1245dc30e12304079ec94a35ed527c66
        Validity
            Not Before: Sep  7 08:00:34 2025 GMT
            Not After : Sep  8 08:00:34 2025 GMT
        Subject: CN=0864761709cae080ae040792bfb14036aeacb6b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:e9:85:38:4b:83:a9:41:e6:4b:07:4b:a2:a3:
                    43:c9:f1:f1:3f:8b:6d:42:2a:0f:5a:69:aa:27:44:
                    f0:a0:55:b1:c1:1f:a4:fb:12:a7:87:5d:b2:cb:f2:
                    5f:dd:40:2d:30:40:d8:1c:2f:67:c9:1f:16:df:17:
                    7d:28:0c:ef:38:3d:e9:ae:7d:51:77:24:2c:0d:cf:
                    0e:f4:6c:c2:9b:22:8c:71:59:40:84:66:4d:3a:67:
                    45:51:4e:ce:4d:ea:ca:de:d1:70:99:5f:7d:3b:0a:
                    79:46:cd:83:15:a5:b4:c0:1a:32:7a:8e:32:9a:02:
                    15:f3:0a:ac:bb:15:23:aa:75:97:08:21:55:c3:94:
                    12:de:a3:ab:bc:ed:0d:d9:29:da:25:35:7c:a9:0c:
                    51:58:47:1c:62:07:a7:fd:53:cb:35:d4:40:b4:aa:
                    67:ae:24:01:3c:fe:45:18:52:3a:0e:5f:2d:60:36:
                    a8:ca:5c:dc:71:01:86:b1:c6:71:96:95:6a:7e:37:
                    be:92:70:e3:39:11:f8:07:09:a0:ef:26:68:30:6a:
                    e3:d6:2a:51:05:51:66:57:f4:5b:23:52:e1:3a:bb:
                    16:d5:8c:ea:63:f0:2e:61:04:c6:9e:4b:e9:ab:77:
                    f9:fb:22:06:ff:74:19:ab:a2:5e:2c:49:2d:7c:92:
                    f7:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:64:76:17:09:CA:E0:80:AE:04:07:92:BF:B1:40:36:AE:AC:B6:B2
            X509v3 Authority Key Identifier:
                keyid:B5:11:5B:5C:12:45:DC:30:E1:23:04:07:9E:C9:4A:35:ED:52:7C:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRFbXBJF3DDhIwQHnslKNe1SfGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:85:df:0a:a2:80:43:3e:80:c0:51:68:e7:2c:9e:4b:46:45:
         dc:21:0c:81:fb:b0:78:ed:21:9b:4e:ef:e3:da:cb:46:27:77:
         32:22:51:dd:b1:7e:e3:db:c0:6b:42:e3:27:96:b1:f7:b7:74:
         6f:3b:a8:36:01:17:98:36:81:c7:9e:a8:1f:60:f3:81:c0:1d:
         30:eb:20:c4:1e:0a:4b:18:b6:76:91:47:99:0c:ad:46:07:54:
         2c:53:9b:7e:05:cf:62:be:21:ff:05:9c:af:7e:d3:ff:50:16:
         49:17:23:8e:2f:92:79:cd:90:28:bf:95:8c:6d:47:e4:e9:5c:
         1c:00:bd:ff:0b:30:1b:49:24:65:02:6a:68:7d:3d:0b:96:a6:
         92:92:7c:6f:92:1d:aa:20:3c:39:c4:89:dd:02:67:6e:10:e6:
         dd:58:63:c7:ea:b4:b2:e9:9a:6e:27:7a:a4:f6:45:9e:76:74:
         f0:f6:21:3f:27:7d:8f:af:41:a5:58:20:1f:30:22:58:19:20:
         39:b4:09:74:a4:ee:0f:04:05:b3:c2:f3:90:83:7b:14:48:40:
         ad:5d:d6:e3:7e:ac:bc:f9:32:c7:a9:7b:9d:1f:ce:ba:db:0e:
         0c:fd:27:3f:25:fc:a4:96:68:c8:35:54:28:35:1d:17:55:38:
         aa:fe:fb:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMPTryBdeReCNbC1tnfyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTE1YjVjMTI0NWRjMzBlMTIzMDQwNzllYzk0YTM1ZWQ1
MjdjNjYwHhcNMjUwOTA3MDgwMDM0WhcNMjUwOTA4MDgwMDM0WjAzMTEwLwYDVQQD
EygwODY0NzYxNzA5Y2FlMDgwYWUwNDA3OTJiZmIxNDAzNmFlYWNiNmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5emFOEuDqUHmSwdLoqNDyfHxP4tt
QioPWmmqJ0TwoFWxwR+k+xKnh12yy/Jf3UAtMEDYHC9nyR8W3xd9KAzvOD3prn1R
dyQsDc8O9GzCmyKMcVlAhGZNOmdFUU7OTerK3tFwmV99Owp5Rs2DFaW0wBoyeo4y
mgIV8wqsuxUjqnWXCCFVw5QS3qOrvO0N2SnaJTV8qQxRWEccYgen/VPLNdRAtKpn
riQBPP5FGFI6Dl8tYDaoylzccQGGscZxlpVqfje+knDjORH4Bwmg7yZoMGrj1ipR
BVFmV/RbI1LhOrsW1YzqY/AuYQTGnkvpq3f5+yIG/3QZq6JeLEktfJL3jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAhkdhcJyuCArgQHkr+xQDaurLayMB8GA1UdIwQY
MBaAFLURW1wSRdww4SMEB57JSjXtUnxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJGYlhCSkYzRERoSXdRSG5zbEtOZTFTZkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hMzZhNjctNTQyYi00ZjhlLTgxZjAt
NmUyZGE2MGUyODM0LzEvdFJGYlhCSkYzRERoSXdRSG5zbEtOZTFTZkdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hMzZhNjctNTQyYi00ZjhlLTgxZjAtNmUyZGE2MGUyODM0
LzEvdFJGYlhCSkYzRERoSXdRSG5zbEtOZTFTZkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXoXfCqKA
Qz6AwFFo5yyeS0ZF3CEMgfuweO0hm07v49rLRid3MiJR3bF+49vAa0LjJ5ax97d0
bzuoNgEXmDaBx56oH2DzgcAdMOsgxB4KSxi2dpFHmQytRgdULFObfgXPYr4h/wWc
r37T/1AWSRcjji+Sec2QKL+VjG1H5OlcHAC9/wswG0kkZQJqaH09C5amkpJ8b5Id
qiA8OcSJ3QJnbhDm3Vhjx+q0sumabid6pPZFnnZ08PYhPyd9j69BpVggHzAiWBkg
ObQJdKTuDwQFs8LzkIN7FEhArV3W436svPkyx6l7nR/OutsODP0nPyX8pJZoyDVU
KDUdF1U4qv77tw==
-----END CERTIFICATE-----