Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
File:                     TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft (raw, json)
Hash identifier:          8qiWBhxUyGfFJ5jOvKruwA3fyKujDvZOW7HQ+yRfSiw=
Subject key identifier:   BC:0A:6F:DC:D3:6B:97:A2:8D:AB:BE:F0:94:67:F9:1E:63:31:BF:CD
Authority key identifier: 4E:48:9F:66:15:9F:77:BB:58:D2:BB:C7:E4:FC:1D:FD:9D:DC:B0:34
Certificate issuer:       /CN=4e489f66159f77bb58d2bbc7e4fc1dfd9ddcb034
Certificate serial:       019A7225D7725F599ABD9BBCE8AC796A7505
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 09:01:13 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:13 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:13 +0000
Files and hashes:         1: TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl (hash: yIZ4SU0LgfchdVF2rIwsdGWn02lTlpOjoujBMGyx9kg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:d7:72:5f:59:9a:bd:9b:bc:e8:ac:79:6a:75:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e489f66159f77bb58d2bbc7e4fc1dfd9ddcb034
        Validity
            Not Before: Nov 11 09:01:13 2025 GMT
            Not After : Nov 12 09:01:13 2025 GMT
        Subject: CN=bc0a6fdcd36b97a28dabbef09467f91e6331bfcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:df:dd:17:84:f5:cc:e7:b1:a8:26:14:fa:16:
                    bd:66:2e:2b:8c:c5:ef:b2:cb:9d:e5:27:73:e3:d3:
                    64:e8:4e:1d:6f:3d:d5:25:e9:c6:c7:f9:c2:9d:42:
                    b4:12:4d:72:93:bb:bc:f9:a7:0a:43:f5:96:4d:63:
                    53:3d:81:54:3d:0d:8c:58:5c:ab:a0:e4:e2:58:1b:
                    74:61:13:d1:f9:4b:4a:0a:9b:0f:0e:3f:ea:73:c5:
                    b6:f7:34:3f:db:67:f1:86:62:fb:8c:2e:9c:55:f8:
                    9e:70:8b:df:92:f1:1e:ba:7e:a5:09:d4:1a:15:05:
                    fb:da:2d:8e:d4:c7:3c:ba:75:7f:dd:80:d4:75:b2:
                    97:2f:16:5c:76:b2:19:10:3a:ec:86:70:22:c2:2d:
                    3e:9e:bd:05:48:f4:41:3a:54:55:9c:01:17:86:44:
                    d1:dd:c5:20:25:16:bd:f0:61:4d:2a:4c:9d:ee:4c:
                    e5:94:4b:91:73:d3:7f:69:3a:19:ab:cc:1d:16:70:
                    78:df:1e:2f:37:d4:f8:1b:5c:4f:41:a6:41:ea:4c:
                    2d:7d:f1:61:0f:58:5f:e3:0a:1e:93:c8:8d:52:fb:
                    70:80:62:ed:c4:f6:bf:d6:5e:f3:2d:20:9c:93:44:
                    8a:98:a1:0e:fd:ef:1b:ff:47:4e:6b:85:16:cd:d5:
                    a9:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:0A:6F:DC:D3:6B:97:A2:8D:AB:BE:F0:94:67:F9:1E:63:31:BF:CD
            X509v3 Authority Key Identifier:
                keyid:4E:48:9F:66:15:9F:77:BB:58:D2:BB:C7:E4:FC:1D:FD:9D:DC:B0:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:31:a7:e6:ab:96:54:8a:82:71:72:9c:01:51:fc:45:47:49:
         85:ba:05:0f:bb:94:79:c7:5a:38:d1:f4:45:b7:27:5f:11:5a:
         ec:61:ac:93:29:9b:a8:8c:86:90:a5:5b:b1:06:bd:cb:60:64:
         10:25:8a:3d:ca:e8:9c:69:0a:93:54:87:b0:e1:d8:ca:a3:07:
         a7:c5:9b:27:98:97:e6:fc:f8:12:97:b1:4a:3e:b9:09:1b:8e:
         57:fd:b3:6d:00:8e:e4:55:5a:e1:d0:6a:22:13:80:05:a8:43:
         74:79:d8:06:2b:51:7f:fe:68:0a:f3:56:56:8f:4a:15:99:11:
         55:f6:78:69:c6:3e:34:6d:45:35:4a:a5:6c:c1:18:db:a6:af:
         6f:38:5f:32:56:bf:7c:42:05:00:4d:1d:88:5c:2f:77:f7:89:
         bb:00:0f:56:e5:3e:4b:83:86:bc:e8:b2:99:75:d2:a4:70:0c:
         e4:14:eb:c6:f2:21:f2:29:40:f4:12:87:7f:22:56:4e:4e:32:
         9f:36:c5:4c:ef:73:e9:06:ed:1c:19:e9:7b:1b:84:77:39:2e:
         25:da:66:3a:47:b7:fa:fb:a8:2b:4b:48:42:d0:20:f7:f1:da:
         c9:c7:b9:70:53:d6:ae:6e:6d:c8:8e:79:c7:21:a5:f3:8d:1b:
         2d:1f:30:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJddyX1mavZu86Kx5anUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDg5ZjY2MTU5Zjc3YmI1OGQyYmJjN2U0ZmMxZGZkOWRk
Y2IwMzQwHhcNMjUxMTExMDkwMTEzWhcNMjUxMTEyMDkwMTEzWjAzMTEwLwYDVQQD
EyhiYzBhNmZkY2QzNmI5N2EyOGRhYmJlZjA5NDY3ZjkxZTYzMzFiZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut/dF4T1zOexqCYU+ha9Zi4rjMXv
ssud5Sdz49Nk6E4dbz3VJenGx/nCnUK0Ek1yk7u8+acKQ/WWTWNTPYFUPQ2MWFyr
oOTiWBt0YRPR+UtKCpsPDj/qc8W29zQ/22fxhmL7jC6cVfiecIvfkvEeun6lCdQa
FQX72i2O1Mc8unV/3YDUdbKXLxZcdrIZEDrshnAiwi0+nr0FSPRBOlRVnAEXhkTR
3cUgJRa98GFNKkyd7kzllEuRc9N/aToZq8wdFnB43x4vN9T4G1xPQaZB6kwtffFh
D1hf4woek8iNUvtwgGLtxPa/1l7zLSCck0SKmKEO/e8b/0dOa4UWzdWplwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwKb9zTa5eijau+8JRn+R5jMb/NMB8GA1UdIwQY
MBaAFE5In2YVn3e7WNK7x+T8Hf2d3LA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hNTgxOTctZWIwOS00NDE1LWE2MWQt
YWJkNjFhYTgyNDI2LzEvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hNTgxOTctZWIwOS00NDE1LWE2MWQtYWJkNjFhYTgyNDI2
LzEvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANTGn5quW
VIqCcXKcAVH8RUdJhboFD7uUecdaONH0RbcnXxFa7GGskymbqIyGkKVbsQa9y2Bk
ECWKPcronGkKk1SHsOHYyqMHp8WbJ5iX5vz4EpexSj65CRuOV/2zbQCO5FVa4dBq
IhOABahDdHnYBitRf/5oCvNWVo9KFZkRVfZ4acY+NG1FNUqlbMEY26avbzhfMla/
fEIFAE0diFwvd/eJuwAPVuU+S4OGvOiymXXSpHAM5BTrxvIh8ilA9BKHfyJWTk4y
nzbFTO9z6QbtHBnpexuEdzkuJdpmOke3+vuoK0tIQtAg9/Hayce5cFPWrm5tyI55
xyGl840bLR8wvQ==
-----END CERTIFICATE-----