Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          5XLhgOoUzwAxbHlHB1d7AW+tB7s4c/ywlbjz/uZMRRU=
Subject key identifier:   77:79:E7:F0:6B:52:E4:4A:FC:0F:63:89:92:6E:FB:E6:89:10:16:81
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       019A725C673252009D01262A328EE9710AAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          13ED
Signing time:             Tue 11 Nov 2025 10:00:49 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:49 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:49 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: ++qXXmVFrhRoAidAntqnnA+aSvffcn2BpItraHfGJX4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:67:32:52:00:9d:01:26:2a:32:8e:e9:71:0a:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Nov 11 10:00:49 2025 GMT
            Not After : Nov 12 10:00:49 2025 GMT
        Subject: CN=7779e7f06b52e44afc0f6389926efbe689101681
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:f1:d5:ad:fd:0f:ff:03:5b:6b:60:4f:74:ad:
                    4d:8e:2a:a5:c4:53:16:78:14:1a:35:e4:27:4a:be:
                    96:7f:b5:96:fd:2e:65:06:e2:53:dc:6a:f4:51:4f:
                    4a:39:d6:17:64:e8:7f:0c:ea:20:14:3d:20:af:bd:
                    5b:0e:d2:31:ce:9a:a6:0a:7b:28:58:9a:10:fc:40:
                    50:d2:97:01:be:3c:8f:cb:7f:b1:38:6b:06:cb:bc:
                    c4:d5:62:83:fa:87:bd:ce:65:bf:a2:fb:04:3a:ed:
                    42:f0:66:ed:b5:ea:55:02:d7:00:29:f0:53:90:ae:
                    a5:7b:79:9a:31:69:64:cd:8d:78:cf:80:51:5d:0e:
                    60:f4:36:3c:38:62:1d:32:d1:57:5a:44:15:c8:7b:
                    05:66:95:4c:2f:63:da:7f:3a:87:a9:7c:9f:71:e6:
                    8f:fa:d3:77:62:d7:0b:a8:4d:cc:fa:26:d5:71:40:
                    ef:f7:2f:d5:90:a8:cd:d1:1f:19:76:a8:40:b8:70:
                    67:5e:27:35:8d:12:40:5d:8f:04:a8:d5:32:b6:72:
                    44:43:b0:dd:5a:70:f4:cf:81:5d:00:43:47:e1:ae:
                    93:a9:1e:ab:69:37:72:aa:c2:d2:a4:84:9a:1d:a1:
                    3b:59:57:af:8a:74:bd:4f:a3:89:b8:c8:93:b4:60:
                    88:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:79:E7:F0:6B:52:E4:4A:FC:0F:63:89:92:6E:FB:E6:89:10:16:81
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:25:3b:ad:5f:c1:b5:b3:d8:7a:6f:31:90:4d:2b:5c:16:7b:
         ea:b5:37:24:4c:a7:cd:d0:05:c4:33:88:d5:e9:6b:29:cd:55:
         45:ba:8d:66:28:31:3e:00:e7:3c:39:c2:43:75:64:7e:0d:94:
         0d:70:28:85:50:4b:a0:08:1d:4e:eb:c6:79:b2:50:6b:25:81:
         0d:18:36:54:cc:6a:bd:83:b6:c4:38:4d:92:8d:2e:63:ef:1e:
         14:e8:e7:d7:f5:29:fa:3a:1d:d2:cd:6b:8e:83:6b:ed:c6:f5:
         03:db:5a:3a:b0:7b:a5:08:d7:a2:93:0a:cc:ee:25:f7:0b:32:
         30:1e:5a:8b:f0:30:a8:25:77:3c:15:cc:d8:36:fc:dd:b1:50:
         66:5e:e6:00:ea:43:d6:89:36:0c:76:c6:e3:2d:f9:a0:26:ea:
         65:c2:f8:db:4d:e3:09:0b:2c:22:1e:0c:eb:7d:02:e5:f9:e7:
         b6:64:60:81:b4:ec:d3:b8:48:ec:41:82:d4:d1:b7:d4:20:5a:
         b9:4a:1b:9e:81:0f:28:79:69:eb:8b:5b:fa:2b:90:80:50:2a:
         ef:5c:fa:bb:d0:40:56:91:53:c9:91:22:48:7d:6f:32:7e:8c:
         91:a3:5d:72:98:96:73:bd:1a:53:76:ca:b8:a7:45:5e:4e:98:
         93:5d:c2:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXGcyUgCdASYqMo7pcQquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjUxMTExMTAwMDQ5WhcNMjUxMTEyMTAwMDQ5WjAzMTEwLwYDVQQD
Eyg3Nzc5ZTdmMDZiNTJlNDRhZmMwZjYzODk5MjZlZmJlNjg5MTAxNjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvHVrf0P/wNba2BPdK1NjiqlxFMW
eBQaNeQnSr6Wf7WW/S5lBuJT3Gr0UU9KOdYXZOh/DOogFD0gr71bDtIxzpqmCnso
WJoQ/EBQ0pcBvjyPy3+xOGsGy7zE1WKD+oe9zmW/ovsEOu1C8GbttepVAtcAKfBT
kK6le3maMWlkzY14z4BRXQ5g9DY8OGIdMtFXWkQVyHsFZpVML2PafzqHqXyfceaP
+tN3YtcLqE3M+ibVcUDv9y/VkKjN0R8ZdqhAuHBnXic1jRJAXY8EqNUytnJEQ7Dd
WnD0z4FdAENH4a6TqR6raTdyqsLSpISaHaE7WVevinS9T6OJuMiTtGCIzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHd55/BrUuRK/A9jiZJu++aJEBaBMB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACyU7rV/B
tbPYem8xkE0rXBZ76rU3JEynzdAFxDOI1elrKc1VRbqNZigxPgDnPDnCQ3Vkfg2U
DXAohVBLoAgdTuvGebJQayWBDRg2VMxqvYO2xDhNko0uY+8eFOjn1/Up+jod0s1r
joNr7cb1A9taOrB7pQjXopMKzO4l9wsyMB5ai/AwqCV3PBXM2Db83bFQZl7mAOpD
1ok2DHbG4y35oCbqZcL4203jCQssIh4M630C5fnntmRggbTs07hI7EGC1NG31CBa
uUobnoEPKHlp64tb+iuQgFAq71z6u9BAVpFTyZEiSH1vMn6MkaNdcpiWc70aU3bK
uKdFXk6Yk13C6Q==
-----END CERTIFICATE-----