Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft
File:                     tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft (raw, json)
Hash identifier:          hSWLUaqMvnkn+Kyr20E7RByY9vfTQCdSbpR3GabfCXg=
Subject key identifier:   44:68:AC:DF:BA:E2:4B:E1:A8:46:1C:7C:87:67:A1:73:04:42:75:D2
Authority key identifier: B6:9A:AE:F1:CE:A1:9F:2F:92:6F:57:09:61:54:5C:FE:4E:D6:9A:F6
Certificate issuer:       /CN=b69aaef1cea19f2f926f570961545cfe4ed69af6
Certificate serial:       019A209B7AB208E5598FA23407E9E6322CE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tpqu8c6hny-Sb1cJYVRc_k7WmvY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft
Manifest number:          0694
Signing time:             Sun 26 Oct 2025 13:00:51 +0000
Manifest this update:     Sun 26 Oct 2025 13:00:51 +0000
Manifest next update:     Mon 27 Oct 2025 13:00:51 +0000
Files and hashes:         1: tpqu8c6hny-Sb1cJYVRc_k7WmvY.crl (hash: zt2GiFsACNgqSFnDDmkWaQziXEbYbN4dTgf8+kA4FCA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tpqu8c6hny-Sb1cJYVRc_k7WmvY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 Oct 2025 12:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:20:9b:7a:b2:08:e5:59:8f:a2:34:07:e9:e6:32:2c:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b69aaef1cea19f2f926f570961545cfe4ed69af6
        Validity
            Not Before: Oct 26 13:00:51 2025 GMT
            Not After : Oct 27 13:00:51 2025 GMT
        Subject: CN=4468acdfbae24be1a8461c7c8767a173044275d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:d7:a7:36:d4:a0:65:19:8f:6f:d3:3f:f4:b7:
                    a0:ce:3c:9f:e2:0b:0f:53:ed:27:45:2a:73:73:08:
                    9b:c6:81:35:81:33:93:4b:c3:49:fe:22:44:bd:11:
                    11:07:42:8e:e3:6d:e8:0a:c9:d8:9e:74:94:05:fd:
                    b9:70:3a:f2:34:26:c8:ed:b3:ef:13:ca:89:b6:cf:
                    4d:8e:fb:af:6a:1f:22:cd:53:78:e0:88:54:cb:01:
                    24:16:ca:53:d4:4c:46:fa:57:6d:41:35:b9:44:59:
                    d1:17:b4:98:30:b3:ad:28:a7:b4:eb:06:72:b2:de:
                    e5:3a:62:fe:62:50:78:7c:9f:8b:c9:bc:28:da:08:
                    c6:6b:eb:24:d9:6f:24:d3:71:49:56:27:c9:90:e3:
                    24:29:47:8c:85:54:14:b6:c0:45:8c:cb:e2:55:f6:
                    16:98:a8:0b:44:d2:93:36:4a:1f:70:92:67:03:dd:
                    b2:31:8f:5c:f8:ee:7f:d7:f2:b9:6d:e4:dc:d3:f3:
                    08:1d:e5:f6:58:af:72:88:d0:d9:86:6d:7e:9f:48:
                    c0:f8:a1:69:80:69:7f:11:fe:bb:dc:c0:41:34:ed:
                    df:4e:11:10:ed:b2:9b:8e:e9:a6:14:2c:99:97:2b:
                    5f:bd:65:fb:5f:12:2c:35:4e:6e:59:9f:67:97:29:
                    74:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:68:AC:DF:BA:E2:4B:E1:A8:46:1C:7C:87:67:A1:73:04:42:75:D2
            X509v3 Authority Key Identifier:
                keyid:B6:9A:AE:F1:CE:A1:9F:2F:92:6F:57:09:61:54:5C:FE:4E:D6:9A:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tpqu8c6hny-Sb1cJYVRc_k7WmvY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:ce:66:6a:a0:66:2b:1b:e7:72:34:74:9f:df:11:70:26:4d:
         54:f1:f7:87:c8:21:0c:71:1c:55:99:96:65:4b:4d:c6:e8:61:
         a0:7c:59:75:ca:79:81:cd:01:04:af:12:80:3d:5d:7d:de:bf:
         d4:4f:95:6c:f9:39:98:1c:5b:d6:29:8b:85:f6:cd:6b:ca:c6:
         68:08:e0:4d:94:68:86:54:f4:7f:6e:80:c1:81:45:c4:a8:ae:
         d8:d0:0c:14:4e:1e:d4:ed:20:a1:f4:40:0c:06:db:a9:c8:ba:
         04:01:01:2a:4c:de:56:8f:17:35:99:a0:ed:86:2b:67:2f:bd:
         2e:2b:06:7a:39:f9:85:c5:c0:59:18:64:6c:a7:d0:89:63:d8:
         1c:3b:e7:b7:60:eb:ee:6e:6a:cb:4c:87:c1:3d:1b:c2:cb:87:
         18:c6:42:57:96:34:a6:9b:8f:60:21:df:90:70:47:b0:00:44:
         91:ce:a3:22:a4:bf:a8:da:33:01:45:a6:0b:7a:a5:aa:2a:44:
         3a:d6:14:65:4c:56:ad:8b:1a:6a:11:b5:1d:6b:30:fb:62:ca:
         39:a2:cb:f3:41:97:da:6b:59:99:d9:6e:26:0f:4e:21:91:06:
         bb:c6:71:b7:c9:f2:10:4f:b2:02:45:3d:eb:2e:82:52:e7:a5:
         ef:6a:59:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZogm3qyCOVZj6I0B+nmMizjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OWFhZWYxY2VhMTlmMmY5MjZmNTcwOTYxNTQ1Y2ZlNGVk
NjlhZjYwHhcNMjUxMDI2MTMwMDUxWhcNMjUxMDI3MTMwMDUxWjAzMTEwLwYDVQQD
Eyg0NDY4YWNkZmJhZTI0YmUxYTg0NjFjN2M4NzY3YTE3MzA0NDI3NWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tenNtSgZRmPb9M/9Legzjyf4gsP
U+0nRSpzcwibxoE1gTOTS8NJ/iJEvRERB0KO423oCsnYnnSUBf25cDryNCbI7bPv
E8qJts9Njvuvah8izVN44IhUywEkFspT1ExG+ldtQTW5RFnRF7SYMLOtKKe06wZy
st7lOmL+YlB4fJ+Lybwo2gjGa+sk2W8k03FJVifJkOMkKUeMhVQUtsBFjMviVfYW
mKgLRNKTNkofcJJnA92yMY9c+O5/1/K5beTc0/MIHeX2WK9yiNDZhm1+n0jA+KFp
gGl/Ef673MBBNO3fThEQ7bKbjummFCyZlytfvWX7XxIsNU5uWZ9nlyl0TwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERorN+64kvhqEYcfIdnoXMEQnXSMB8GA1UdIwQY
MBaAFLaarvHOoZ8vkm9XCWFUXP5O1pr2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHBxdThjNmhueS1TYjFjSllWUmNfazdXbXZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDE3MTItNzJiYi00MDg4LThiNjEt
N2ZlMjBmMmVmZWQ0LzEvdHBxdThjNmhueS1TYjFjSllWUmNfazdXbXZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDE3MTItNzJiYi00MDg4LThiNjEtN2ZlMjBmMmVmZWQ0
LzEvdHBxdThjNmhueS1TYjFjSllWUmNfazdXbXZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs85maqBm
KxvncjR0n98RcCZNVPH3h8ghDHEcVZmWZUtNxuhhoHxZdcp5gc0BBK8SgD1dfd6/
1E+VbPk5mBxb1imLhfbNa8rGaAjgTZRohlT0f26AwYFFxKiu2NAMFE4e1O0gofRA
DAbbqci6BAEBKkzeVo8XNZmg7YYrZy+9LisGejn5hcXAWRhkbKfQiWPYHDvnt2Dr
7m5qy0yHwT0bwsuHGMZCV5Y0ppuPYCHfkHBHsABEkc6jIqS/qNozAUWmC3qlqipE
OtYUZUxWrYsaahG1HWsw+2LKOaLL80GX2mtZmdluJg9OIZEGu8Zxt8nyEE+yAkU9
6y6CUuel72pZ3w==
-----END CERTIFICATE-----