Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
File:                     TnxZtb-73klP0T13jm8i3adJYsE.mft (raw, json)
Hash identifier:          cPN09/t+KcO7Pjq3EHyAPH++MGHFgd1XdO1xdWi11ng=
Subject key identifier:   23:BC:5B:18:A6:A1:56:3F:41:50:34:91:31:57:B2:13:B9:29:14:47
Authority key identifier: 4E:7C:59:B5:BF:BB:DE:49:4F:D1:3D:77:8E:6F:22:DD:A7:49:62:C1
Certificate issuer:       /CN=4e7c59b5bfbbde494fd13d778e6f22dda74962c1
Certificate serial:       019A71B77596B77753F675E46FD5FA1602D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
Manifest number:          0A61
Signing time:             Tue 11 Nov 2025 07:00:39 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:39 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:39 +0000
Files and hashes:         1: TnxZtb-73klP0T13jm8i3adJYsE.crl (hash: N2/zLU+shDmKJDeyFJuUHI6DThsKV4Rk0ExV2IHJaPY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:75:96:b7:77:53:f6:75:e4:6f:d5:fa:16:02:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e7c59b5bfbbde494fd13d778e6f22dda74962c1
        Validity
            Not Before: Nov 11 07:00:39 2025 GMT
            Not After : Nov 12 07:00:39 2025 GMT
        Subject: CN=23bc5b18a6a1563f415034913157b213b9291447
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ab:1d:6a:fb:ed:bf:30:05:02:18:d4:fd:68:
                    78:9c:35:bc:59:37:07:f0:13:a0:58:4a:93:b8:1a:
                    32:3a:77:46:ed:59:83:27:17:65:e7:e6:1c:d0:c8:
                    63:d2:2c:87:6e:ff:c9:61:25:47:0b:37:f3:d7:25:
                    87:5f:0b:2c:ba:9e:e3:c6:d9:96:3f:7a:e1:c3:22:
                    19:a8:75:c0:0c:86:5f:7b:0b:c1:9c:15:ed:ae:3d:
                    3f:93:ea:71:0f:de:3d:2a:94:b1:69:39:ee:37:d1:
                    76:94:5d:e5:12:5c:32:81:d7:60:87:65:d7:77:99:
                    8f:a8:f5:86:33:93:ce:c5:4e:7b:5f:6d:1b:54:5e:
                    9d:37:87:59:5b:21:a8:8c:84:a5:9f:4a:71:95:23:
                    47:4d:94:10:fa:a9:ae:92:72:de:d9:a0:66:66:f7:
                    14:77:bb:31:7e:01:06:75:15:b2:27:83:f2:b8:82:
                    b6:cd:8d:f1:d4:3a:58:40:45:cc:68:59:79:39:ab:
                    26:88:d7:ec:7a:9d:95:b1:29:a1:f2:c6:07:6f:18:
                    ff:fa:0d:dc:54:f7:41:a1:7d:0d:ca:fb:39:72:03:
                    9f:3c:91:31:de:67:71:49:93:0e:84:f6:6f:b9:32:
                    f6:aa:d4:1b:a5:2d:c1:df:d7:94:2c:1e:af:af:f0:
                    0b:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:BC:5B:18:A6:A1:56:3F:41:50:34:91:31:57:B2:13:B9:29:14:47
            X509v3 Authority Key Identifier:
                keyid:4E:7C:59:B5:BF:BB:DE:49:4F:D1:3D:77:8E:6F:22:DD:A7:49:62:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:c6:96:ea:12:28:31:b4:b3:f7:00:bf:f7:5c:cd:e9:96:68:
         90:99:b1:b2:6b:c2:22:97:34:9e:c7:2c:74:76:b0:36:37:bb:
         97:a7:00:a7:75:a0:50:c1:81:8b:7b:8d:74:e7:19:1c:7d:b4:
         c2:e0:2d:69:b6:6d:b3:08:03:81:64:e8:e9:c3:6b:33:e0:ef:
         ed:ae:e3:63:c1:b3:2b:83:5f:03:72:21:8a:b9:b2:20:1d:9b:
         eb:c4:3e:35:89:3a:96:92:49:1d:bb:cf:f0:c3:d3:27:25:17:
         cb:88:41:f3:c2:ca:1c:cb:43:d3:8d:ca:b5:6e:97:3d:0b:70:
         60:b7:cb:06:d2:a6:fd:78:d1:ed:65:9e:aa:67:e4:17:c9:d4:
         84:16:4d:fe:75:4a:31:c7:2b:9f:43:4d:2b:2f:4a:97:96:76:
         f2:50:60:02:95:24:3e:46:e2:f0:ff:7b:4e:b0:a8:ea:96:0a:
         4a:4f:39:a4:83:81:c5:78:45:ff:9c:3e:f1:ae:86:1e:7e:28:
         d6:3d:fd:1b:4c:14:bd:88:11:cf:69:97:e6:d4:f7:4f:73:57:
         c5:f8:1a:7c:aa:8d:e8:c2:6b:00:55:94:2d:d3:a4:c5:54:e5:
         60:a1:7f:e5:14:15:ba:df:fc:4f:0f:6a:ba:35:ba:7c:76:4f:
         d4:8c:47:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3WWt3dT9nXkb9X6FgLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlN2M1OWI1YmZiYmRlNDk0ZmQxM2Q3NzhlNmYyMmRkYTc0
OTYyYzEwHhcNMjUxMTExMDcwMDM5WhcNMjUxMTEyMDcwMDM5WjAzMTEwLwYDVQQD
EygyM2JjNWIxOGE2YTE1NjNmNDE1MDM0OTEzMTU3YjIxM2I5MjkxNDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzasdavvtvzAFAhjU/Wh4nDW8WTcH
8BOgWEqTuBoyOndG7VmDJxdl5+Yc0Mhj0iyHbv/JYSVHCzfz1yWHXwssup7jxtmW
P3rhwyIZqHXADIZfewvBnBXtrj0/k+pxD949KpSxaTnuN9F2lF3lElwygddgh2XX
d5mPqPWGM5POxU57X20bVF6dN4dZWyGojISln0pxlSNHTZQQ+qmuknLe2aBmZvcU
d7sxfgEGdRWyJ4PyuIK2zY3x1DpYQEXMaFl5OasmiNfsep2VsSmh8sYHbxj/+g3c
VPdBoX0Nyvs5cgOfPJEx3mdxSZMOhPZvuTL2qtQbpS3B39eULB6vr/ALNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCO8WximoVY/QVA0kTFXshO5KRRHMB8GA1UdIwQY
MBaAFE58WbW/u95JT9E9d45vIt2nSWLBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMzA2MDItNWZhMi00YWI4LTk5ZTct
YzA3ZjZjNWEwYWE3LzEvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMzA2MDItNWZhMi00YWI4LTk5ZTctYzA3ZjZjNWEwYWE3
LzEvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjsaW6hIo
MbSz9wC/91zN6ZZokJmxsmvCIpc0nscsdHawNje7l6cAp3WgUMGBi3uNdOcZHH20
wuAtabZtswgDgWTo6cNrM+Dv7a7jY8GzK4NfA3IhirmyIB2b68Q+NYk6lpJJHbvP
8MPTJyUXy4hB88LKHMtD043KtW6XPQtwYLfLBtKm/XjR7WWeqmfkF8nUhBZN/nVK
Mccrn0NNKy9Kl5Z28lBgApUkPkbi8P97TrCo6pYKSk85pIOBxXhF/5w+8a6GHn4o
1j39G0wUvYgRz2mX5tT3T3NXxfgafKqN6MJrAFWULdOkxVTlYKF/5RQVut/8Tw9q
ujW6fHZP1IxHAg==
-----END CERTIFICATE-----