Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
File:                     tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft (raw, json)
Hash identifier:          Qsitg+QEMHgfuMDAyXG2rjooSV5GEpl9TPR8Thc0wvQ=
Subject key identifier:   39:ED:35:44:14:18:47:A0:61:6B:67:B8:C3:AA:D2:F1:A8:1C:1C:31
Authority key identifier: B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C
Certificate issuer:       /CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c
Certificate serial:       019A71B802FA6C58B56A321F53CB183961D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:01:16 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:16 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:16 +0000
Files and hashes:         1: tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl (hash: wez9yVdLf2I3d6LoyR4S9+7IIiG13PngKDKqdOkEDF4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:02:fa:6c:58:b5:6a:32:1f:53:cb:18:39:61:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c
        Validity
            Not Before: Nov 11 07:01:16 2025 GMT
            Not After : Nov 12 07:01:16 2025 GMT
        Subject: CN=39ed3544141847a0616b67b8c3aad2f1a81c1c31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:47:22:d0:59:07:03:f3:63:30:23:67:61:e7:
                    c0:d4:fa:fb:08:53:a3:59:66:c1:1a:f9:d2:a5:0e:
                    a2:ad:ad:45:8d:41:41:52:b0:36:29:6a:45:8d:88:
                    f1:0d:d1:d6:4d:46:2b:2c:84:0e:b2:71:77:1b:a4:
                    c6:62:b8:7d:9f:2c:32:32:1d:34:8a:64:6e:f7:db:
                    1b:61:75:54:6d:ee:a4:c2:38:41:cd:0d:fd:60:6d:
                    48:d0:2a:2a:a8:a8:41:e2:f0:78:08:f2:79:a1:8b:
                    29:0f:fe:68:be:9b:f7:e3:0e:11:d7:4b:ec:22:2b:
                    42:81:66:fa:ea:99:3e:6b:69:f5:55:50:13:af:81:
                    da:17:b1:cc:9a:15:cf:cb:b5:c8:cc:6f:79:ce:7c:
                    d1:9c:2b:32:a5:5d:db:a6:df:6c:69:b0:fc:bd:ad:
                    ad:35:83:50:db:1f:3c:a9:fe:16:bd:93:4a:fd:cd:
                    7a:67:ee:c8:65:46:47:a4:f8:0b:86:e4:61:95:7f:
                    5e:a6:34:e6:2d:6b:36:f9:ee:6e:06:96:b4:6d:84:
                    e5:a4:28:ae:36:3e:aa:48:35:13:05:be:b6:2a:db:
                    a7:dc:1b:be:ae:c2:28:b7:97:0e:25:cf:ba:f9:6c:
                    56:4e:9a:c3:f0:a0:37:1f:4b:6c:4d:d4:a6:1e:ed:
                    d3:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:ED:35:44:14:18:47:A0:61:6B:67:B8:C3:AA:D2:F1:A8:1C:1C:31
            X509v3 Authority Key Identifier:
                keyid:B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:53:f6:8a:5c:fd:05:d1:ef:c2:16:e9:a8:06:b4:6c:aa:61:
         e8:fb:ac:da:c4:d8:55:86:89:bc:67:ff:4f:27:0e:df:19:26:
         d0:da:69:21:59:1c:55:c6:8d:89:21:ec:88:72:33:a1:97:58:
         d1:e2:71:b3:24:88:05:f7:a9:af:e6:56:a4:51:d6:6a:e3:fb:
         b3:dd:33:35:0a:b8:f2:4b:d1:42:85:1b:2d:ba:01:f2:ea:6a:
         b9:fd:6a:4a:03:2b:19:c0:c3:74:a6:ad:26:0e:ec:83:e2:e8:
         5c:09:3c:b1:0a:52:df:d4:e6:f9:a7:ca:e9:57:e1:a4:a0:c5:
         70:41:ac:e9:a4:89:01:42:73:89:13:00:d6:2a:f4:7a:af:d2:
         1f:09:58:2e:83:e9:b8:fb:f0:26:de:15:a1:a5:b1:f4:66:8e:
         05:61:2d:d0:5d:ad:78:19:0d:71:1f:98:31:be:46:f1:c0:4c:
         de:44:33:1d:db:86:26:61:3c:80:07:bd:bb:b8:3b:55:d8:f6:
         24:0d:0c:84:98:87:6b:47:75:c9:02:f7:30:0e:b9:a8:92:ba:
         c8:ed:79:3b:cf:90:0a:a4:3e:93:fb:cd:d1:4e:db:09:cf:4a:
         22:7d:47:b3:29:d7:20:40:43:f6:fc:ba:8e:22:28:c1:60:8a:
         df:5f:2d:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuAL6bFi1ajIfU8sYOWHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTRlYmI2NzQ4ZmRjMTIxMjdjM2Y5MjdlN2ZiOWIxYWY4
OTI2MmMwHhcNMjUxMTExMDcwMTE2WhcNMjUxMTEyMDcwMTE2WjAzMTEwLwYDVQQD
EygzOWVkMzU0NDE0MTg0N2EwNjE2YjY3YjhjM2FhZDJmMWE4MWMxYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEci0FkHA/NjMCNnYefA1Pr7CFOj
WWbBGvnSpQ6ira1FjUFBUrA2KWpFjYjxDdHWTUYrLIQOsnF3G6TGYrh9nywyMh00
imRu99sbYXVUbe6kwjhBzQ39YG1I0CoqqKhB4vB4CPJ5oYspD/5ovpv34w4R10vs
IitCgWb66pk+a2n1VVATr4HaF7HMmhXPy7XIzG95znzRnCsypV3bpt9sabD8va2t
NYNQ2x88qf4WvZNK/c16Z+7IZUZHpPgLhuRhlX9epjTmLWs2+e5uBpa0bYTlpCiu
Nj6qSDUTBb62Ktun3Bu+rsIot5cOJc+6+WxWTprD8KA3H0tsTdSmHu3TUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDntNUQUGEegYWtnuMOq0vGoHBwxMB8GA1UdIwQY
MBaAFLWU67Z0j9wSEnw/kn5/ubGviSYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAt
ODIxOTM2YjMxNTE4LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAtODIxOTM2YjMxNTE4
LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUVP2ilz9
BdHvwhbpqAa0bKph6Pus2sTYVYaJvGf/TycO3xkm0NppIVkcVcaNiSHsiHIzoZdY
0eJxsySIBfepr+ZWpFHWauP7s90zNQq48kvRQoUbLboB8upquf1qSgMrGcDDdKat
Jg7sg+LoXAk8sQpS39Tm+afK6VfhpKDFcEGs6aSJAUJziRMA1ir0eq/SHwlYLoPp
uPvwJt4VoaWx9GaOBWEt0F2teBkNcR+YMb5G8cBM3kQzHduGJmE8gAe9u7g7Vdj2
JA0MhJiHa0d1yQL3MA65qJK6yO15O8+QCqQ+k/vN0U7bCc9KIn1HsynXIEBD9vy6
jiIowWCK318tNw==
-----END CERTIFICATE-----