Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.mft
File:                     T_TbtnXuCOi72XQHoafv2RkZ5zg.mft (raw, json)
Hash identifier:          C1AOgDc6bs+K/PFDZvCG2MNo8XYZtdzGz2/iuMHxn84=
Subject key identifier:   CA:A9:06:FB:E8:F0:3E:30:B4:FC:2D:6F:65:01:98:E1:A6:02:35:F7
Authority key identifier: 4F:F4:DB:B6:75:EE:08:E8:BB:D9:74:07:A1:A7:EF:D9:19:19:E7:38
Certificate issuer:       /CN=4ff4dbb675ee08e8bbd97407a1a7efd91919e738
Certificate serial:       0199239FAB8BF709D8DE6688E5931955E767
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T_TbtnXuCOi72XQHoafv2RkZ5zg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.mft
Manifest number:          0F88
Signing time:             Sun 07 Sep 2025 10:01:30 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:30 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:30 +0000
Files and hashes:         1: T_TbtnXuCOi72XQHoafv2RkZ5zg.crl (hash: eBZj4R2j3vpzXFelCUjevOYLAbJ1AlXBlrH+bodKCcY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T_TbtnXuCOi72XQHoafv2RkZ5zg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:ab:8b:f7:09:d8:de:66:88:e5:93:19:55:e7:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ff4dbb675ee08e8bbd97407a1a7efd91919e738
        Validity
            Not Before: Sep  7 10:01:30 2025 GMT
            Not After : Sep  8 10:01:30 2025 GMT
        Subject: CN=caa906fbe8f03e30b4fc2d6f650198e1a60235f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:28:c7:d4:1f:ca:23:25:45:5a:f5:91:86:3d:
                    6d:47:8f:31:80:6d:e6:6e:82:a2:fe:bc:08:e9:fd:
                    c0:40:ce:3b:bf:a9:54:72:d1:31:b5:5f:d9:c4:d5:
                    24:88:2c:51:8a:21:13:0b:f5:08:db:e4:35:b5:fd:
                    b7:a3:10:ab:b7:c1:43:7d:d0:a7:d9:82:bc:96:6c:
                    ca:40:12:cc:b4:f2:dd:b3:3b:15:8a:b8:fd:83:7d:
                    b0:26:1c:6e:9d:0b:01:98:ed:f8:d8:df:e9:e5:c6:
                    c5:5d:5b:b3:11:25:09:81:e3:a3:e9:e7:2f:bb:6a:
                    a7:25:b9:58:c0:b7:b6:3b:88:5c:9c:c6:6e:c0:fd:
                    a8:91:75:76:2b:a3:a4:44:5d:92:91:5f:2c:5b:64:
                    3d:0a:83:be:28:3e:44:97:87:2a:67:e3:25:94:70:
                    b3:32:61:33:b7:35:dd:b9:7b:c4:f4:bd:9b:94:22:
                    2d:24:21:45:f3:ca:73:ba:b2:88:25:80:dd:dd:6d:
                    f9:bf:aa:ed:ad:b3:e3:30:cc:b6:1d:14:9b:6e:8c:
                    b5:55:f6:23:8a:1e:21:28:0a:a0:f4:90:85:77:0e:
                    a3:96:be:75:17:ed:db:0b:9d:f8:41:83:04:93:4b:
                    40:66:49:b5:a6:ba:81:42:2a:69:ac:4c:ed:a8:38:
                    7f:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:A9:06:FB:E8:F0:3E:30:B4:FC:2D:6F:65:01:98:E1:A6:02:35:F7
            X509v3 Authority Key Identifier:
                keyid:4F:F4:DB:B6:75:EE:08:E8:BB:D9:74:07:A1:A7:EF:D9:19:19:E7:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T_TbtnXuCOi72XQHoafv2RkZ5zg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fb93ea-6163-47ec-8bdc-63d90e664822/1/T_TbtnXuCOi72XQHoafv2RkZ5zg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:cd:63:c7:19:19:1e:37:0f:2b:80:fc:c9:59:8e:1f:5f:51:
         2a:3e:ee:e8:2b:ce:3d:96:09:ba:ea:31:a8:c9:8a:41:f9:1a:
         5e:51:9f:d6:6d:59:c4:70:1c:04:3e:3b:c8:62:cf:e4:e8:b7:
         7c:bc:3d:e0:07:d2:39:80:d5:f4:a0:6d:d7:15:38:e6:7f:79:
         ae:f4:ac:02:37:0f:a6:5a:e0:6e:c8:1f:a6:d2:79:72:08:bd:
         ea:4e:c6:02:ca:4d:66:34:20:cc:40:92:7a:c1:2c:8b:f5:dd:
         5b:72:5e:49:dd:ea:9f:00:36:88:2f:0f:20:60:b5:b4:a7:d5:
         1d:c2:2f:c5:b3:e4:a6:09:49:34:64:23:38:0c:9c:3b:d6:dc:
         08:a8:25:c5:5b:38:41:0c:fe:5a:5d:c2:e4:0a:6a:ae:be:54:
         92:10:64:f8:3f:c4:b2:5a:73:5f:4d:7d:93:ae:9a:23:73:66:
         01:7b:50:f2:47:a2:2e:d6:a2:64:6e:30:7a:79:80:fb:2d:bd:
         05:52:bb:89:1a:b2:29:55:cb:dd:23:1e:f6:28:1b:68:66:a4:
         6a:f1:0f:d0:f0:ad:4d:ee:e4:0c:67:bb:c7:fe:38:53:68:8e:
         a7:51:3b:9a:75:1f:91:33:e5:f2:5c:a4:0d:b8:46:43:85:9a:
         7c:d5:71:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn6uL9wnY3maI5ZMZVednMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmZjRkYmI2NzVlZTA4ZThiYmQ5NzQwN2ExYTdlZmQ5MTkx
OWU3MzgwHhcNMjUwOTA3MTAwMTMwWhcNMjUwOTA4MTAwMTMwWjAzMTEwLwYDVQQD
EyhjYWE5MDZmYmU4ZjAzZTMwYjRmYzJkNmY2NTAxOThlMWE2MDIzNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCjH1B/KIyVFWvWRhj1tR48xgG3m
boKi/rwI6f3AQM47v6lUctExtV/ZxNUkiCxRiiETC/UI2+Q1tf23oxCrt8FDfdCn
2YK8lmzKQBLMtPLdszsVirj9g32wJhxunQsBmO342N/p5cbFXVuzESUJgeOj6ecv
u2qnJblYwLe2O4hcnMZuwP2okXV2K6OkRF2SkV8sW2Q9CoO+KD5El4cqZ+MllHCz
MmEztzXduXvE9L2blCItJCFF88pzurKIJYDd3W35v6rtrbPjMMy2HRSbboy1VfYj
ih4hKAqg9JCFdw6jlr51F+3bC534QYMEk0tAZkm1prqBQipprEztqDh/7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMqpBvvo8D4wtPwtb2UBmOGmAjX3MB8GA1UdIwQY
MBaAFE/027Z17gjou9l0B6Gn79kZGec4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVF9UYnRuWHVDT2k3MlhRSG9hZnYyUmtaNXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mYjkzZWEtNjE2My00N2VjLThiZGMt
NjNkOTBlNjY0ODIyLzEvVF9UYnRuWHVDT2k3MlhRSG9hZnYyUmtaNXpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mYjkzZWEtNjE2My00N2VjLThiZGMtNjNkOTBlNjY0ODIy
LzEvVF9UYnRuWHVDT2k3MlhRSG9hZnYyUmtaNXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApM1jxxkZ
HjcPK4D8yVmOH19RKj7u6CvOPZYJuuoxqMmKQfkaXlGf1m1ZxHAcBD47yGLP5Oi3
fLw94AfSOYDV9KBt1xU45n95rvSsAjcPplrgbsgfptJ5cgi96k7GAspNZjQgzECS
esEsi/XdW3JeSd3qnwA2iC8PIGC1tKfVHcIvxbPkpglJNGQjOAycO9bcCKglxVs4
QQz+Wl3C5Apqrr5UkhBk+D/EslpzX019k66aI3NmAXtQ8keiLtaiZG4wenmA+y29
BVK7iRqyKVXL3SMe9igbaGakavEP0PCtTe7kDGe7x/44U2iOp1E7mnUfkTPl8lyk
DbhGQ4WafNVx7A==
-----END CERTIFICATE-----