Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
File:                     TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft (raw, json)
Hash identifier:          Zsmqha4akUXCi+tB5XLM2XFiicXowPQNnMpPhJttjZQ=
Subject key identifier:   70:3E:D4:19:5D:3C:F6:4E:E3:8B:68:33:33:40:7B:41:7B:79:36:79
Authority key identifier: 4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D
Certificate issuer:       /CN=4c9d923a3b43416959576bcb400416ca5cf6060d
Certificate serial:       019A71B9239A88FE2F09FC7A587D007D8612
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
Manifest number:          088F
Signing time:             Tue 11 Nov 2025 07:02:29 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:29 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:29 +0000
Files and hashes:         1: TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl (hash: YrLDmxCGPGtPoEtFAATU8jajmuC2pbPegrbD2g0h7oc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:23:9a:88:fe:2f:09:fc:7a:58:7d:00:7d:86:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c9d923a3b43416959576bcb400416ca5cf6060d
        Validity
            Not Before: Nov 11 07:02:29 2025 GMT
            Not After : Nov 12 07:02:29 2025 GMT
        Subject: CN=703ed4195d3cf64ee38b683333407b417b793679
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d0:b9:0e:3d:34:57:9a:02:f3:7c:6f:f6:f9:
                    7f:e5:36:81:50:e4:f7:30:37:3b:cc:dd:cf:6e:64:
                    22:dc:7d:d7:b3:84:d5:62:01:2a:b0:f1:17:73:dc:
                    0e:84:c8:27:77:6f:53:7c:1d:c4:11:04:a4:6b:b5:
                    b3:0a:b9:9c:d1:ec:93:89:99:9c:e7:7a:09:5c:b8:
                    42:96:97:22:ca:70:1f:01:b6:9b:29:6e:8d:1b:94:
                    37:2f:63:a0:67:44:67:ee:81:03:b5:75:b8:06:50:
                    ff:c2:c8:4c:b1:d4:c0:8d:d5:3d:ec:8a:52:88:32:
                    9b:c4:d8:af:19:6e:5b:7b:dd:ac:22:b3:7c:df:0c:
                    25:5c:24:79:a8:12:0d:f1:7d:6f:6f:16:1c:b3:51:
                    0e:b6:d6:cf:8c:0e:c5:e2:17:ef:ef:e4:c1:a4:da:
                    43:5f:2b:d4:41:37:d1:17:ff:39:d8:1f:83:45:23:
                    c9:1c:ce:85:85:85:32:b2:6c:16:e8:a8:72:15:4e:
                    bd:aa:b0:36:b1:a7:95:5a:35:f2:98:e4:97:39:8e:
                    72:8e:ad:ee:e1:c6:3b:ce:b3:ab:fe:55:94:82:64:
                    ba:b4:3e:61:5d:cc:57:a3:7e:a6:a5:76:17:1d:67:
                    76:4a:b7:17:bd:44:24:c2:34:7a:4b:33:5d:cc:e5:
                    20:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:3E:D4:19:5D:3C:F6:4E:E3:8B:68:33:33:40:7B:41:7B:79:36:79
            X509v3 Authority Key Identifier:
                keyid:4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:31:19:f6:a4:ec:9b:c3:08:2c:51:30:eb:fc:d7:26:ab:d9:
         88:8f:85:02:38:85:6e:d7:6e:b5:ce:29:95:ce:52:59:d8:58:
         5e:4d:b2:22:7d:57:d2:4a:46:70:22:aa:67:df:dc:5a:35:5c:
         20:cc:f8:47:60:c3:93:87:ca:bb:da:79:8c:c1:73:c7:af:8a:
         82:6d:bc:68:e3:5a:84:3c:9f:29:bb:7c:a4:18:f4:72:31:44:
         2f:19:08:08:55:13:22:da:4f:83:e0:73:d3:5f:fa:50:15:38:
         51:d1:7b:a0:36:48:ef:55:48:42:85:07:b3:13:0d:4e:6c:d9:
         15:87:2c:31:20:be:c2:98:27:db:fe:f1:34:47:fb:45:92:86:
         00:c1:b8:8d:1a:60:42:b8:14:25:a4:bf:fc:77:98:35:aa:2f:
         5c:f1:e4:72:a0:87:25:8b:81:11:ef:e9:70:73:06:85:dd:a8:
         a8:1b:ce:31:4d:72:46:a7:ad:7a:1d:88:fe:2c:9e:f5:cc:e5:
         1b:c5:9d:96:79:ac:c6:1b:54:f7:5d:fd:4e:16:f8:8b:8c:d0:
         8c:dd:76:a7:73:8c:17:eb:06:5b:f5:33:c6:aa:60:c2:e7:03:
         df:8d:79:e5:da:5c:54:f1:2f:54:c6:61:49:60:71:06:f1:d9:
         75:83:fb:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuSOaiP4vCfx6WH0AfYYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOWQ5MjNhM2I0MzQxNjk1OTU3NmJjYjQwMDQxNmNhNWNm
NjA2MGQwHhcNMjUxMTExMDcwMjI5WhcNMjUxMTEyMDcwMjI5WjAzMTEwLwYDVQQD
Eyg3MDNlZDQxOTVkM2NmNjRlZTM4YjY4MzMzMzQwN2I0MTdiNzkzNjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9C5Dj00V5oC83xv9vl/5TaBUOT3
MDc7zN3PbmQi3H3Xs4TVYgEqsPEXc9wOhMgnd29TfB3EEQSka7WzCrmc0eyTiZmc
53oJXLhClpciynAfAbabKW6NG5Q3L2OgZ0Rn7oEDtXW4BlD/wshMsdTAjdU97IpS
iDKbxNivGW5be92sIrN83wwlXCR5qBIN8X1vbxYcs1EOttbPjA7F4hfv7+TBpNpD
XyvUQTfRF/852B+DRSPJHM6FhYUysmwW6KhyFU69qrA2saeVWjXymOSXOY5yjq3u
4cY7zrOr/lWUgmS6tD5hXcxXo36mpXYXHWd2SrcXvUQkwjR6SzNdzOUgVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHA+1BldPPZO44toMzNAe0F7eTZ5MB8GA1UdIwQY
MBaAFEydkjo7Q0FpWVdry0AEFspc9gYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAt
YzAxZGI5ZDUzNDc5LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAtYzAxZGI5ZDUzNDc5
LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAADEZ9qTs
m8MILFEw6/zXJqvZiI+FAjiFbtdutc4plc5SWdhYXk2yIn1X0kpGcCKqZ9/cWjVc
IMz4R2DDk4fKu9p5jMFzx6+Kgm28aONahDyfKbt8pBj0cjFELxkICFUTItpPg+Bz
01/6UBU4UdF7oDZI71VIQoUHsxMNTmzZFYcsMSC+wpgn2/7xNEf7RZKGAMG4jRpg
QrgUJaS//HeYNaovXPHkcqCHJYuBEe/pcHMGhd2oqBvOMU1yRqeteh2I/iye9czl
G8WdlnmsxhtU9139Thb4i4zQjN12p3OMF+sGW/UzxqpgwucD34155dpcVPEvVMZh
SWBxBvHZdYP7dQ==
-----END CERTIFICATE-----