Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
File:                     TnxZtb-73klP0T13jm8i3adJYsE.mft (raw, json)
Hash identifier:          nWAL7OGCHd31D3uIJLrIOmpPf9Ghd4TYQ7Rc36pANkU=
Subject key identifier:   CA:C8:A8:70:33:D9:60:90:5F:24:D2:7B:A6:D9:53:B9:FA:63:8E:11
Authority key identifier: 4E:7C:59:B5:BF:BB:DE:49:4F:D1:3D:77:8E:6F:22:DD:A7:49:62:C1
Certificate issuer:       /CN=4e7c59b5bfbbde494fd13d778e6f22dda74962c1
Certificate serial:       0197469DB2F50F9C41BA7A7402247157B896
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
Manifest number:          08BD
Signing time:             Fri 06 Jun 2025 19:00:29 +0000
Manifest this update:     Fri 06 Jun 2025 19:00:29 +0000
Manifest next update:     Sat 07 Jun 2025 19:00:29 +0000
Files and hashes:         1: TnxZtb-73klP0T13jm8i3adJYsE.crl (hash: tJjySaDY79CtgtcuL0q1j3hZJSeRWxKptfqUn6gqpMQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9d:b2:f5:0f:9c:41:ba:7a:74:02:24:71:57:b8:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e7c59b5bfbbde494fd13d778e6f22dda74962c1
        Validity
            Not Before: Jun  6 19:00:29 2025 GMT
            Not After : Jun  7 19:00:29 2025 GMT
        Subject: CN=cac8a87033d960905f24d27ba6d953b9fa638e11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:46:3a:c3:a2:15:e6:64:e0:15:6e:f0:a9:6e:
                    9f:b9:33:87:49:5b:9e:8d:41:a7:d9:8d:35:58:e6:
                    13:c9:aa:f8:69:9e:83:f2:4d:6d:c7:f3:87:7e:37:
                    77:c9:c4:fa:4d:5e:0c:2c:74:ab:ae:aa:b2:36:a6:
                    47:c0:53:59:9d:d5:4a:2c:27:7a:14:71:09:fb:47:
                    66:fd:7c:91:c6:12:ed:94:03:2a:1a:ed:90:2a:ff:
                    81:24:1e:4c:2b:2d:9f:58:90:1d:bd:23:11:d9:b2:
                    7d:f8:5f:3d:7b:08:e1:c4:62:e7:6f:a3:79:c6:56:
                    3c:05:6a:61:51:28:89:d7:e9:ec:f8:94:1d:9a:0c:
                    e3:95:3c:6b:6f:6e:d5:a6:5b:5b:e5:95:92:fe:4d:
                    39:d4:1c:d9:37:e3:60:9d:dc:2d:f5:80:d0:00:13:
                    49:28:37:ea:ee:d4:0b:b6:d2:74:15:7a:9a:bb:94:
                    f0:8a:56:52:3b:a4:81:2d:ca:5f:39:08:2d:cc:0f:
                    ed:bf:b7:c8:ed:bb:96:85:93:9d:81:9b:5e:db:11:
                    22:15:ad:01:2a:5a:50:a6:90:d2:9a:f8:25:36:3d:
                    48:a9:da:ea:50:f8:01:6d:91:b2:f1:d1:0d:d3:b6:
                    c0:19:0c:fa:f9:e4:34:2c:c5:5d:22:49:62:7a:38:
                    e5:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:C8:A8:70:33:D9:60:90:5F:24:D2:7B:A6:D9:53:B9:FA:63:8E:11
            X509v3 Authority Key Identifier:
                keyid:4E:7C:59:B5:BF:BB:DE:49:4F:D1:3D:77:8E:6F:22:DD:A7:49:62:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:43:32:b6:6a:46:49:36:0f:46:40:09:72:6d:6a:0d:07:57:
         6b:42:c6:34:9c:f5:ce:19:7f:7c:57:76:4d:ea:de:80:fe:ca:
         0d:85:d0:09:e9:b2:e3:a6:28:01:db:75:cf:fe:61:52:21:06:
         84:5d:d2:56:10:82:aa:b0:07:ed:79:d5:8c:ff:92:7b:cb:60:
         7f:22:75:d4:87:be:d8:81:54:9b:37:be:b2:0f:06:cd:fe:15:
         b6:af:b1:a5:1d:c8:4f:ee:c6:78:b9:85:fb:70:48:c0:d4:09:
         b1:a1:b2:f0:8f:2e:0e:8d:19:5a:e9:be:7f:02:7a:b2:9c:dd:
         a8:0c:99:0e:73:1b:45:70:bf:7c:5f:cc:72:d5:68:bb:eb:fa:
         5d:fe:6e:42:4d:c7:42:7d:6a:4e:80:ea:89:2b:90:0a:f8:0f:
         29:fa:ee:74:eb:c8:95:f0:d9:67:3b:72:0c:a2:a3:b9:93:88:
         c5:21:59:86:32:93:64:b5:ee:fe:c4:93:2e:cf:54:ab:28:57:
         ed:bb:86:4f:9e:bc:eb:7c:aa:49:57:a6:0b:be:d9:71:ba:65:
         b2:b6:02:89:41:6d:bf:91:4f:01:a4:8f:2e:94:b7:38:c1:f6:
         02:7c:7f:a4:c4:ba:c4:c6:7a:2b:58:ea:47:35:5b:8a:67:11:
         38:c9:51:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnbL1D5xBunp0AiRxV7iWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlN2M1OWI1YmZiYmRlNDk0ZmQxM2Q3NzhlNmYyMmRkYTc0
OTYyYzEwHhcNMjUwNjA2MTkwMDI5WhcNMjUwNjA3MTkwMDI5WjAzMTEwLwYDVQQD
EyhjYWM4YTg3MDMzZDk2MDkwNWYyNGQyN2JhNmQ5NTNiOWZhNjM4ZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkY6w6IV5mTgFW7wqW6fuTOHSVue
jUGn2Y01WOYTyar4aZ6D8k1tx/OHfjd3ycT6TV4MLHSrrqqyNqZHwFNZndVKLCd6
FHEJ+0dm/XyRxhLtlAMqGu2QKv+BJB5MKy2fWJAdvSMR2bJ9+F89ewjhxGLnb6N5
xlY8BWphUSiJ1+ns+JQdmgzjlTxrb27Vpltb5ZWS/k051BzZN+Ngndwt9YDQABNJ
KDfq7tQLttJ0FXqau5TwilZSO6SBLcpfOQgtzA/tv7fI7buWhZOdgZte2xEiFa0B
KlpQppDSmvglNj1IqdrqUPgBbZGy8dEN07bAGQz6+eQ0LMVdIkliejjlNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMrIqHAz2WCQXyTSe6bZU7n6Y44RMB8GA1UdIwQY
MBaAFE58WbW/u95JT9E9d45vIt2nSWLBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMzA2MDItNWZhMi00YWI4LTk5ZTct
YzA3ZjZjNWEwYWE3LzEvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMzA2MDItNWZhMi00YWI4LTk5ZTctYzA3ZjZjNWEwYWE3
LzEvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAakMytmpG
STYPRkAJcm1qDQdXa0LGNJz1zhl/fFd2TeregP7KDYXQCemy46YoAdt1z/5hUiEG
hF3SVhCCqrAH7XnVjP+Se8tgfyJ11Ie+2IFUmze+sg8Gzf4Vtq+xpR3IT+7GeLmF
+3BIwNQJsaGy8I8uDo0ZWum+fwJ6spzdqAyZDnMbRXC/fF/MctVou+v6Xf5uQk3H
Qn1qToDqiSuQCvgPKfrudOvIlfDZZztyDKKjuZOIxSFZhjKTZLXu/sSTLs9UqyhX
7buGT56863yqSVemC77ZcbplsrYCiUFtv5FPAaSPLpS3OMH2Anx/pMS6xMZ6K1jq
RzVbimcROMlRMA==
-----END CERTIFICATE-----