Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
File:                     tY6n73bYACz8pmxSD3ybYIo5XZU.mft (raw, json)
Hash identifier:          agxmfvFwrA1/v3VFB/tDtt7N3kKY9AWSBSvF7UHlmHI=
Subject key identifier:   9E:86:05:FC:53:8C:98:07:74:A7:C8:93:9E:96:FD:1D:90:FB:02:02
Authority key identifier: B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95
Certificate issuer:       /CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
Certificate serial:       019922FAA2D74C84BFE3081550736DA1B0C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
Manifest number:          0602
Signing time:             Sun 07 Sep 2025 07:01:14 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:14 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:14 +0000
Files and hashes:         1: tY6n73bYACz8pmxSD3ybYIo5XZU.crl (hash: kD9Rg6LesbiGhUQYp0dmZ8X6RFEGwCA3S5cnzRfSsxA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:a2:d7:4c:84:bf:e3:08:15:50:73:6d:a1:b0:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
        Validity
            Not Before: Sep  7 07:01:14 2025 GMT
            Not After : Sep  8 07:01:14 2025 GMT
        Subject: CN=9e8605fc538c980774a7c8939e96fd1d90fb0202
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a5:17:85:c9:8f:d1:3e:93:6b:9b:95:ef:0c:
                    c4:b0:5a:9e:e8:84:ae:a9:d7:de:4f:6b:d7:39:10:
                    31:f8:8d:97:98:a2:f8:1d:6b:00:b0:19:34:17:af:
                    d7:8d:91:ce:f7:b7:74:3d:dc:a7:27:76:5e:bc:04:
                    71:a5:b0:5e:9a:f7:a4:2f:fa:33:72:7a:a1:c0:82:
                    2a:75:68:c2:89:c4:0d:18:45:a9:e5:e1:fe:aa:e5:
                    4c:98:69:bf:45:2a:e6:a3:db:57:47:6d:10:f4:c2:
                    ce:fb:43:22:1b:2b:10:1f:eb:93:d8:ec:9d:e6:a1:
                    f2:e2:d6:a3:ef:38:74:2f:90:b5:ee:6b:76:09:8f:
                    68:bc:80:63:68:b6:9f:30:6f:7b:a6:47:98:72:6f:
                    ae:a3:5f:13:1b:51:54:d5:fd:a9:0f:72:b3:2b:fb:
                    5e:90:07:22:f1:3e:38:8a:a4:85:23:fb:44:7d:b8:
                    90:22:18:5d:bb:e7:b7:56:78:c0:7a:51:ac:ae:c1:
                    e7:d9:30:de:55:7f:b9:bc:a9:11:ec:7f:d7:be:36:
                    b8:53:b6:00:16:6f:1f:43:d9:ab:a4:ec:79:34:17:
                    1c:aa:6f:a9:51:01:e9:5e:07:85:6b:7e:82:3d:f0:
                    74:93:d5:ba:74:21:3f:73:60:8e:83:bc:c6:1f:43:
                    db:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:86:05:FC:53:8C:98:07:74:A7:C8:93:9E:96:FD:1D:90:FB:02:02
            X509v3 Authority Key Identifier:
                keyid:B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:66:1e:7a:51:fb:95:87:ab:0f:91:06:fc:fe:7b:3c:82:81:
         54:08:39:7e:9a:27:ce:2d:dd:12:f2:cb:12:ca:dc:3a:51:7e:
         37:19:5c:84:62:20:77:0c:75:c8:86:4b:6b:b6:27:1c:de:23:
         04:08:5c:cd:9c:0b:80:aa:03:95:cb:5f:a0:e5:a8:aa:e5:c4:
         f0:98:4f:41:cc:5b:aa:4c:72:e4:90:5f:f4:28:56:ef:12:36:
         e2:d7:9f:f9:88:8d:8e:93:42:22:39:7e:f2:89:79:41:f3:ca:
         3a:0a:d2:05:30:ed:18:be:5a:af:27:88:9f:2e:90:99:7e:30:
         70:fa:b3:2c:c4:12:13:62:6e:66:5c:bd:a7:17:b3:c2:6d:5e:
         5d:18:ce:df:c9:f7:ce:a1:f7:b3:01:d8:d8:e3:2f:80:c2:54:
         44:84:86:e0:39:04:93:cc:c3:e6:75:5f:f8:f4:c8:f4:42:a2:
         1d:5a:bd:26:cc:bf:22:2a:78:be:6c:79:f3:ad:94:d1:75:b3:
         57:c7:08:f3:d7:91:32:57:ce:21:65:fc:d3:a8:82:61:c7:3d:
         87:96:2c:08:8f:43:a3:bf:9e:2d:c6:44:b1:be:0e:99:8e:50:
         3a:14:5c:04:71:2b:b4:81:76:00:e3:16:45:c6:e6:e5:9f:12:
         91:8e:47:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+qLXTIS/4wgVUHNtobDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OGVhN2VmNzZkODAwMmNmY2E2NmM1MjBmN2M5YjYwOGEz
OTVkOTUwHhcNMjUwOTA3MDcwMTE0WhcNMjUwOTA4MDcwMTE0WjAzMTEwLwYDVQQD
Eyg5ZTg2MDVmYzUzOGM5ODA3NzRhN2M4OTM5ZTk2ZmQxZDkwZmIwMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqUXhcmP0T6Ta5uV7wzEsFqe6ISu
qdfeT2vXORAx+I2XmKL4HWsAsBk0F6/XjZHO97d0PdynJ3ZevARxpbBemvekL/oz
cnqhwIIqdWjCicQNGEWp5eH+quVMmGm/RSrmo9tXR20Q9MLO+0MiGysQH+uT2Oyd
5qHy4taj7zh0L5C17mt2CY9ovIBjaLafMG97pkeYcm+uo18TG1FU1f2pD3KzK/te
kAci8T44iqSFI/tEfbiQIhhdu+e3VnjAelGsrsHn2TDeVX+5vKkR7H/Xvja4U7YA
Fm8fQ9mrpOx5NBccqm+pUQHpXgeFa36CPfB0k9W6dCE/c2COg7zGH0PbUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ6GBfxTjJgHdKfIk56W/R2Q+wICMB8GA1UdIwQY
MBaAFLWOp+922AAs/KZsUg98m2CKOV2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQt
NmI5ZmYyY2ZhMDdmLzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQtNmI5ZmYyY2ZhMDdm
LzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFGYeelH7
lYerD5EG/P57PIKBVAg5fponzi3dEvLLEsrcOlF+NxlchGIgdwx1yIZLa7YnHN4j
BAhczZwLgKoDlctfoOWoquXE8JhPQcxbqkxy5JBf9ChW7xI24tef+YiNjpNCIjl+
8ol5QfPKOgrSBTDtGL5aryeIny6QmX4wcPqzLMQSE2JuZly9pxezwm1eXRjO38n3
zqH3swHY2OMvgMJURISG4DkEk8zD5nVf+PTI9EKiHVq9Jsy/Iip4vmx5862U0XWz
V8cI89eRMlfOIWX806iCYcc9h5YsCI9Do7+eLcZEsb4OmY5QOhRcBHErtIF2AOMW
Rcbm5Z8SkY5Hyg==
-----END CERTIFICATE-----