Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
File:                     TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft (raw, json)
Hash identifier:          qmiMJC3wKKt4+62VZlsedFXNUzosA24TfMJuq6X9x+8=
Subject key identifier:   31:35:ED:96:41:04:CC:D2:4F:BB:14:0E:3D:B7:ED:0B:D9:93:A5:6C
Authority key identifier: 4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD
Certificate issuer:       /CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
Certificate serial:       019A1F884D9CE071D58862B2844C7C24C948
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
Manifest number:          03E9
Signing time:             Sun 26 Oct 2025 08:00:17 +0000
Manifest this update:     Sun 26 Oct 2025 08:00:17 +0000
Manifest next update:     Mon 27 Oct 2025 08:00:17 +0000
Files and hashes:         1: TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl (hash: coQEm9hA6bvsRZfCLUGhV2JK3Ze7hCpGSUKfto465aM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 Oct 2025 03:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:1f:88:4d:9c:e0:71:d5:88:62:b2:84:4c:7c:24:c9:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
        Validity
            Not Before: Oct 26 08:00:17 2025 GMT
            Not After : Oct 27 08:00:17 2025 GMT
        Subject: CN=3135ed964104ccd24fbb140e3db7ed0bd993a56c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:57:b4:68:60:bd:76:fa:35:15:d0:71:75:50:
                    91:23:5e:15:4a:58:3e:04:0a:c8:4a:9b:50:e0:87:
                    f6:08:1b:2d:97:71:6c:bc:20:08:01:d2:59:92:57:
                    58:c2:b7:fd:f1:31:ab:17:c7:8e:9e:b6:ea:f6:df:
                    84:6a:7f:73:c1:95:c8:b2:06:ad:c9:d6:6c:6e:80:
                    ac:ed:df:18:03:8d:47:fa:ce:5b:dd:5a:96:8a:4c:
                    8d:0a:76:77:e1:94:e6:d2:f9:2e:4f:22:c5:f1:58:
                    11:0b:46:e1:a9:bb:95:05:66:78:db:2c:25:b3:0a:
                    66:f3:bb:97:bb:7c:2e:29:f3:fe:8f:a2:85:a0:68:
                    5c:91:61:30:a2:09:26:e0:c6:ec:6e:48:94:dc:4a:
                    cd:89:6b:4d:31:80:ff:4a:c2:36:eb:aa:fc:8b:5f:
                    f6:b3:73:38:cb:3c:ae:76:6a:e7:51:9d:11:25:0f:
                    e4:fe:76:ca:e3:c4:04:a6:fc:d0:08:b9:50:b3:c4:
                    f4:f9:f6:c1:e9:96:d4:5e:d5:b9:b5:a8:a3:5c:23:
                    74:33:27:4f:2d:f7:57:c7:58:98:17:71:ca:b0:dc:
                    fe:11:70:43:02:f7:a4:94:71:b6:01:3e:6c:07:49:
                    3d:57:6b:06:2f:cc:37:e2:db:66:e6:bb:7b:99:f6:
                    4f:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:35:ED:96:41:04:CC:D2:4F:BB:14:0E:3D:B7:ED:0B:D9:93:A5:6C
            X509v3 Authority Key Identifier:
                keyid:4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:74:d6:73:35:a8:66:3c:16:9a:06:4c:15:55:ae:76:ee:41:
         81:7e:7c:98:62:f6:e4:41:15:95:3a:5b:11:2c:72:34:08:7d:
         84:23:e9:23:88:08:5c:c8:f7:90:ea:18:71:f0:6b:09:81:e3:
         4e:ad:cd:db:d9:f9:a9:16:b6:a3:a6:d8:72:78:76:f6:df:09:
         72:f5:cf:1c:db:60:34:fb:ac:4c:bf:1e:d6:2f:80:2f:29:e9:
         a4:41:76:53:f5:b5:51:80:a7:46:21:1d:fc:87:40:33:74:91:
         de:2f:af:6b:5f:93:89:d7:b1:f4:0b:bb:05:18:8d:4b:8c:c3:
         36:f5:a5:fa:54:fb:fd:25:62:eb:6d:d2:43:65:a8:94:17:c3:
         db:7c:a7:6c:78:2c:9d:c2:59:f8:af:55:ac:9f:52:d8:5a:55:
         9a:41:7d:d5:3c:f1:b5:f2:fb:46:22:4e:c2:de:be:aa:6b:8c:
         93:36:3e:7f:01:59:3a:4c:0a:b6:80:17:e2:c8:b8:f1:9e:ba:
         94:7c:c8:af:ef:15:57:ff:9b:03:14:e2:4f:98:34:54:86:f7:
         a6:de:12:d2:10:f9:1f:5e:cc:42:9e:ae:2d:d9:bf:62:e3:be:
         8d:32:d9:52:0b:5a:44:91:33:5e:ea:04:fb:e3:a2:d0:0a:bb:
         bc:a7:9d:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZofiE2c4HHViGKyhEx8JMlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNDkyN2ExNDFmYjI1Yjc1ODI0YzZiZWFlZjA2NzlkMzRm
YzQ5YmQwHhcNMjUxMDI2MDgwMDE3WhcNMjUxMDI3MDgwMDE3WjAzMTEwLwYDVQQD
EygzMTM1ZWQ5NjQxMDRjY2QyNGZiYjE0MGUzZGI3ZWQwYmQ5OTNhNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1e0aGC9dvo1FdBxdVCRI14VSlg+
BArISptQ4If2CBstl3FsvCAIAdJZkldYwrf98TGrF8eOnrbq9t+Ean9zwZXIsgat
ydZsboCs7d8YA41H+s5b3VqWikyNCnZ34ZTm0vkuTyLF8VgRC0bhqbuVBWZ42ywl
swpm87uXu3wuKfP+j6KFoGhckWEwogkm4MbsbkiU3ErNiWtNMYD/SsI266r8i1/2
s3M4yzyudmrnUZ0RJQ/k/nbK48QEpvzQCLlQs8T0+fbB6ZbUXtW5taijXCN0MydP
LfdXx1iYF3HKsNz+EXBDAveklHG2AT5sB0k9V2sGL8w34ttm5rt7mfZPuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDE17ZZBBMzST7sUDj237QvZk6VsMB8GA1UdIwQY
MBaAFE1JJ6FB+yW3WCTGvq7wZ500/Em9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUt
NjgwODM3MDlhNGI1LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUtNjgwODM3MDlhNGI1
LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgXTWczWo
ZjwWmgZMFVWudu5BgX58mGL25EEVlTpbESxyNAh9hCPpI4gIXMj3kOoYcfBrCYHj
Tq3N29n5qRa2o6bYcnh29t8JcvXPHNtgNPusTL8e1i+ALynppEF2U/W1UYCnRiEd
/IdAM3SR3i+va1+Tidex9Au7BRiNS4zDNvWl+lT7/SVi623SQ2WolBfD23ynbHgs
ncJZ+K9VrJ9S2FpVmkF91TzxtfL7RiJOwt6+qmuMkzY+fwFZOkwKtoAX4si48Z66
lHzIr+8VV/+bAxTiT5g0VIb3pt4S0hD5H17MQp6uLdm/YuO+jTLZUgtaRJEzXuoE
++Oi0Aq7vKed9A==
-----END CERTIFICATE-----