Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
File:                     tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft (raw, json)
Hash identifier:          5OceYw4wGikxhaVRfjtgeHCoOiVgc7iDXe6M4dorAzw=
Subject key identifier:   55:81:ED:D0:5D:27:61:90:1B:2F:F3:A7:1A:76:19:BE:0A:CC:21:74
Authority key identifier: B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5
Certificate issuer:       /CN=b483bc0a71a52d0cf3989522367575959ebdcef5
Certificate serial:       0198A0BAA5822FE8EB3221346F32844BD345
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
Manifest number:          15BC
Signing time:             Wed 13 Aug 2025 00:00:43 +0000
Manifest this update:     Wed 13 Aug 2025 00:00:43 +0000
Manifest next update:     Thu 14 Aug 2025 00:00:43 +0000
Files and hashes:         1: tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl (hash: l2gpcELlISwszvB8/pmRc3JHDtoyNu1JXf4h7/IbnuQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:ba:a5:82:2f:e8:eb:32:21:34:6f:32:84:4b:d3:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b483bc0a71a52d0cf3989522367575959ebdcef5
        Validity
            Not Before: Aug 13 00:00:43 2025 GMT
            Not After : Aug 14 00:00:43 2025 GMT
        Subject: CN=5581edd05d2761901b2ff3a71a7619be0acc2174
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:d9:c4:05:a9:74:6b:cd:fa:00:51:03:84:4e:
                    13:be:5b:e3:d4:b5:31:6c:bc:a7:46:ce:38:d1:f3:
                    d5:7a:b7:37:b9:e7:d5:64:90:90:d3:c9:be:61:8e:
                    6d:79:57:99:90:6f:71:0e:ff:bf:31:d1:66:86:8c:
                    47:a6:27:c8:77:10:ec:28:40:fe:c9:9d:0c:52:7e:
                    a0:c0:ac:06:1b:3c:eb:d3:d6:9b:9a:f9:f4:51:a8:
                    7d:94:d2:03:71:9c:2a:42:71:d3:37:86:cc:d3:91:
                    0a:74:c0:69:6b:16:f6:c4:bd:29:51:f1:8e:24:cc:
                    fd:1f:87:28:28:eb:34:1f:e3:e2:7d:6f:85:22:66:
                    6a:35:13:c0:a9:f6:ab:a2:e7:64:1a:ff:95:c1:e7:
                    49:cd:33:e7:aa:62:87:8c:58:44:e5:4a:33:ed:35:
                    cb:2e:d1:d0:73:72:32:cd:a7:47:c2:a1:db:fa:a2:
                    12:76:7d:d3:51:bc:70:ae:29:ce:b1:c5:bc:56:6e:
                    26:ab:b5:b8:f1:c5:11:7b:10:53:5f:21:a0:d4:09:
                    9e:96:4f:d5:29:00:5f:27:8c:bf:aa:10:c3:b4:fd:
                    e7:85:13:2b:a4:04:0c:10:a9:fa:a1:b5:04:8b:5e:
                    fd:ae:8f:96:c4:09:0c:35:0f:79:4e:8a:dd:32:4f:
                    05:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:81:ED:D0:5D:27:61:90:1B:2F:F3:A7:1A:76:19:BE:0A:CC:21:74
            X509v3 Authority Key Identifier:
                keyid:B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:f9:88:6f:71:25:31:30:53:ea:da:ae:cf:0c:44:66:9b:61:
         34:06:1d:69:28:78:2a:5f:6f:d7:62:e2:a5:e6:47:b1:a2:63:
         a8:5a:3d:eb:da:82:b5:28:3d:8f:32:cb:e5:90:32:be:49:75:
         84:88:83:7e:1d:0b:45:57:88:d5:73:1e:57:5b:0b:59:4b:a4:
         7a:05:8f:6b:76:1b:f7:4f:68:af:f6:ce:cd:df:f3:68:e1:85:
         84:20:83:f1:f1:5a:9a:d0:9a:b3:79:11:42:fa:35:18:6f:c7:
         64:b3:72:6c:de:9f:9b:67:45:e8:0a:f4:3d:06:9c:5f:98:f7:
         9f:7e:bb:3e:4c:e7:11:1e:1e:ae:b4:08:7c:df:9d:bd:ac:2e:
         83:e5:2a:2f:14:cc:00:23:38:48:fc:6e:57:c1:20:17:28:c2:
         79:49:af:65:2c:03:11:c7:0b:57:2f:9c:4f:74:e4:22:57:2d:
         d7:37:08:96:40:64:a7:36:ca:2c:7d:fe:a6:ce:ee:ba:e8:36:
         47:a6:b2:8d:12:14:1a:8b:97:3b:e0:b9:8b:5e:cc:f9:82:e2:
         78:f3:b9:b0:65:ba:68:0f:d2:56:c8:2e:40:a6:da:a8:8a:80:
         e5:b7:4a:b7:70:d0:05:21:36:9c:3a:b7:a5:e1:fe:6c:3b:d5:
         36:1b:da:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiguqWCL+jrMiE0bzKES9NFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODNiYzBhNzFhNTJkMGNmMzk4OTUyMjM2NzU3NTk1OWVi
ZGNlZjUwHhcNMjUwODEzMDAwMDQzWhcNMjUwODE0MDAwMDQzWjAzMTEwLwYDVQQD
Eyg1NTgxZWRkMDVkMjc2MTkwMWIyZmYzYTcxYTc2MTliZTBhY2MyMTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NnEBal0a836AFEDhE4Tvlvj1LUx
bLynRs440fPVerc3uefVZJCQ08m+YY5teVeZkG9xDv+/MdFmhoxHpifIdxDsKED+
yZ0MUn6gwKwGGzzr09abmvn0Uah9lNIDcZwqQnHTN4bM05EKdMBpaxb2xL0pUfGO
JMz9H4coKOs0H+PifW+FImZqNRPAqfaroudkGv+VwedJzTPnqmKHjFhE5Uoz7TXL
LtHQc3IyzadHwqHb+qISdn3TUbxwrinOscW8Vm4mq7W48cURexBTXyGg1Amelk/V
KQBfJ4y/qhDDtP3nhRMrpAQMEKn6obUEi179ro+WxAkMNQ95TordMk8F0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFWB7dBdJ2GQGy/zpxp2Gb4KzCF0MB8GA1UdIwQY
MBaAFLSDvApxpS0M85iVIjZ1dZWevc71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEt
OTk0ZWY4N2RiM2EzLzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEtOTk0ZWY4N2RiM2Ez
LzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPPmIb3El
MTBT6tquzwxEZpthNAYdaSh4Kl9v12LipeZHsaJjqFo969qCtSg9jzLL5ZAyvkl1
hIiDfh0LRVeI1XMeV1sLWUukegWPa3Yb909or/bOzd/zaOGFhCCD8fFamtCas3kR
Qvo1GG/HZLNybN6fm2dF6Ar0PQacX5j3n367PkznER4errQIfN+dvawug+UqLxTM
ACM4SPxuV8EgFyjCeUmvZSwDEccLVy+cT3TkIlct1zcIlkBkpzbKLH3+ps7uuug2
R6ayjRIUGouXO+C5i17M+YLiePO5sGW6aA/SVsguQKbaqIqA5bdKt3DQBSE2nDq3
peH+bDvVNhvaTg==
-----END CERTIFICATE-----