Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
File:                     TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft (raw, json)
Hash identifier:          6YA8JWIdXB2H44IQhhhejr441BFLzJv7BOcogr2p2mw=
Subject key identifier:   52:47:30:18:B8:AA:F6:B2:31:AC:D0:1B:9D:9D:4B:96:F6:1D:70:D5
Authority key identifier: 4E:48:9F:66:15:9F:77:BB:58:D2:BB:C7:E4:FC:1D:FD:9D:DC:B0:34
Certificate issuer:       /CN=4e489f66159f77bb58d2bbc7e4fc1dfd9ddcb034
Certificate serial:       019918771C7D4155E501C7799DF8ACCEC192
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
Manifest number:          1668
Signing time:             Fri 05 Sep 2025 06:01:23 +0000
Manifest this update:     Fri 05 Sep 2025 06:01:23 +0000
Manifest next update:     Sat 06 Sep 2025 06:01:23 +0000
Files and hashes:         1: TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl (hash: 0yFmoqzrmz36U68tf42lmoR/insFXPjwmBuyik0qq40=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:77:1c:7d:41:55:e5:01:c7:79:9d:f8:ac:ce:c1:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e489f66159f77bb58d2bbc7e4fc1dfd9ddcb034
        Validity
            Not Before: Sep  5 06:01:23 2025 GMT
            Not After : Sep  6 06:01:23 2025 GMT
        Subject: CN=52473018b8aaf6b231acd01b9d9d4b96f61d70d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:c5:65:35:58:e9:bb:e8:aa:6b:5c:b2:76:14:
                    ba:20:1f:07:f4:9a:0e:b6:21:ec:15:c3:2b:0d:58:
                    bc:65:9a:3f:b0:c9:6a:b5:ad:e9:31:2b:5c:d2:af:
                    a8:e0:63:19:4e:1f:3d:46:4b:f7:b4:31:78:86:1f:
                    1d:04:d1:b9:1c:25:a5:45:ec:f7:fc:fe:34:80:d9:
                    8e:3e:1d:b6:33:f0:1b:c3:3d:24:4f:6b:94:4a:72:
                    d8:b0:d0:9a:e7:0a:57:47:c6:4a:8a:46:38:52:45:
                    67:23:12:ac:06:4e:4d:9b:42:cf:a9:b4:5d:8b:4d:
                    28:ea:0a:41:5b:1b:b6:35:2f:79:a3:b8:55:ff:07:
                    c3:1f:8c:9f:dd:e1:fa:80:80:08:26:94:99:a3:a8:
                    be:3b:3f:02:82:17:db:d7:30:af:00:c2:60:42:d5:
                    55:31:b4:61:ce:17:7f:99:74:6d:67:5c:2d:7a:2d:
                    09:a2:ee:21:bb:97:2b:5a:06:d1:16:1f:9a:c2:2b:
                    05:a8:57:51:86:d9:40:cf:86:dd:67:4f:03:92:14:
                    74:ae:89:d8:b2:ab:86:2b:8c:9b:60:44:f3:70:56:
                    71:33:be:68:7f:ea:16:18:60:8e:bb:76:05:55:db:
                    82:1d:e2:c4:f5:c1:ac:8f:bf:01:99:82:08:b3:b5:
                    ff:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:47:30:18:B8:AA:F6:B2:31:AC:D0:1B:9D:9D:4B:96:F6:1D:70:D5
            X509v3 Authority Key Identifier:
                keyid:4E:48:9F:66:15:9F:77:BB:58:D2:BB:C7:E4:FC:1D:FD:9D:DC:B0:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:f9:34:e1:99:35:35:6a:f3:41:48:50:12:36:b5:dc:0d:5c:
         e0:b1:60:d8:06:1d:55:54:c1:4f:2b:74:11:a4:14:c0:0f:a3:
         70:6d:5f:29:cf:3d:99:c6:97:f0:31:6d:8f:7f:ea:56:98:68:
         cd:08:82:55:31:3a:16:cb:d2:f3:a8:af:cd:05:f3:35:ba:6f:
         4a:f4:43:7a:6c:e0:31:1c:29:d8:84:80:26:1b:36:97:58:56:
         8e:62:a3:ca:5d:a7:b2:a6:7c:c0:1f:3d:1e:47:de:ba:94:0a:
         37:0c:d9:65:bd:46:06:8a:42:f2:43:b4:bd:80:62:b9:4a:cf:
         c3:aa:53:df:26:3a:60:00:23:ff:ef:6a:ca:5d:d4:a0:2b:03:
         4b:0f:92:14:3f:c2:da:bf:25:87:de:ab:12:bf:37:5f:23:67:
         ef:ba:85:ca:63:c5:76:a3:18:6f:86:b6:88:84:06:08:1e:94:
         ba:2b:89:87:42:6b:6d:35:c4:b2:f5:dc:45:3d:ce:a0:e0:c7:
         cf:95:c1:22:ce:6f:c2:06:64:4b:64:5b:cc:00:ab:ce:dd:2d:
         fd:20:4e:53:c6:6e:32:7b:7b:5b:88:b2:c5:8e:37:50:d4:ba:
         bc:29:21:17:2f:c5:2c:e6:80:59:4c:ad:11:d5:d6:42:9f:e2:
         e6:82:76:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYdxx9QVXlAcd5nfiszsGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDg5ZjY2MTU5Zjc3YmI1OGQyYmJjN2U0ZmMxZGZkOWRk
Y2IwMzQwHhcNMjUwOTA1MDYwMTIzWhcNMjUwOTA2MDYwMTIzWjAzMTEwLwYDVQQD
Eyg1MjQ3MzAxOGI4YWFmNmIyMzFhY2QwMWI5ZDlkNGI5NmY2MWQ3MGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8sVlNVjpu+iqa1yydhS6IB8H9JoO
tiHsFcMrDVi8ZZo/sMlqta3pMStc0q+o4GMZTh89Rkv3tDF4hh8dBNG5HCWlRez3
/P40gNmOPh22M/Abwz0kT2uUSnLYsNCa5wpXR8ZKikY4UkVnIxKsBk5Nm0LPqbRd
i00o6gpBWxu2NS95o7hV/wfDH4yf3eH6gIAIJpSZo6i+Oz8Cghfb1zCvAMJgQtVV
MbRhzhd/mXRtZ1wtei0Jou4hu5crWgbRFh+awisFqFdRhtlAz4bdZ08DkhR0ronY
squGK4ybYETzcFZxM75of+oWGGCOu3YFVduCHeLE9cGsj78BmYIIs7X/ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJHMBi4qvayMazQG52dS5b2HXDVMB8GA1UdIwQY
MBaAFE5In2YVn3e7WNK7x+T8Hf2d3LA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hNTgxOTctZWIwOS00NDE1LWE2MWQt
YWJkNjFhYTgyNDI2LzEvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hNTgxOTctZWIwOS00NDE1LWE2MWQtYWJkNjFhYTgyNDI2
LzEvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd/k04Zk1
NWrzQUhQEja13A1c4LFg2AYdVVTBTyt0EaQUwA+jcG1fKc89mcaX8DFtj3/qVpho
zQiCVTE6FsvS86ivzQXzNbpvSvRDemzgMRwp2ISAJhs2l1hWjmKjyl2nsqZ8wB89
HkfeupQKNwzZZb1GBopC8kO0vYBiuUrPw6pT3yY6YAAj/+9qyl3UoCsDSw+SFD/C
2r8lh96rEr83XyNn77qFymPFdqMYb4a2iIQGCB6UuiuJh0JrbTXEsvXcRT3OoODH
z5XBIs5vwgZkS2RbzACrzt0t/SBOU8ZuMnt7W4iyxY43UNS6vCkhFy/FLOaAWUyt
EdXWQp/i5oJ2aQ==
-----END CERTIFICATE-----