Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
File:                     tZXiFxdovJspQknw46U1kBecUu4.mft (raw, json)
Hash identifier:          GSxRPcf4YCAVlLrMDUYks6NuA1Ma4OSKUghpRVjRotQ=
Subject key identifier:   EB:75:30:40:9F:BF:81:68:1B:E3:80:94:D6:6D:BF:10:2D:76:72:43
Authority key identifier: B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE
Certificate issuer:       /CN=b595e2171768bc9b294249f0e3a53590179c52ee
Certificate serial:       019894B72F04EA60F4CEEC7446BB11D1F339
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
Manifest number:          1629
Signing time:             Sun 10 Aug 2025 16:01:29 +0000
Manifest this update:     Sun 10 Aug 2025 16:01:29 +0000
Manifest next update:     Mon 11 Aug 2025 16:01:29 +0000
Files and hashes:         1: tZXiFxdovJspQknw46U1kBecUu4.crl (hash: dCofOFb1OfkOe/UdvMTspBGpZQ1PANOWty2fu4Jx1kA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 16:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:94:b7:2f:04:ea:60:f4:ce:ec:74:46:bb:11:d1:f3:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b595e2171768bc9b294249f0e3a53590179c52ee
        Validity
            Not Before: Aug 10 16:01:29 2025 GMT
            Not After : Aug 11 16:01:29 2025 GMT
        Subject: CN=eb7530409fbf81681be38094d66dbf102d767243
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:16:91:b1:ab:23:4c:f6:a6:b7:39:9b:69:21:
                    0b:d9:45:51:00:bc:9b:83:08:93:68:73:b2:03:6e:
                    31:34:d2:de:8a:39:a6:a4:8d:96:53:cc:e7:13:f0:
                    08:7d:fb:f3:60:6d:91:90:7b:63:1b:01:64:62:99:
                    7c:24:8c:cb:1e:46:13:25:86:b7:06:a6:1d:2f:bb:
                    4c:43:39:8e:bd:d0:15:f4:f8:da:9f:2b:b7:51:03:
                    71:b0:e0:af:09:68:51:75:27:92:de:27:32:e4:58:
                    a5:db:de:34:8e:b7:1e:e1:2d:be:ba:36:3a:9f:dd:
                    b8:e8:e2:83:b8:df:4e:6e:10:7c:a4:2b:2f:de:f8:
                    a1:50:11:4b:95:b8:38:a5:40:52:de:b0:52:e8:c1:
                    c2:15:64:87:46:1f:86:2f:cf:cb:fc:17:a4:17:16:
                    e7:55:d1:71:d2:23:16:25:ea:1b:15:bd:0c:f8:00:
                    cf:e0:a4:56:c7:24:a0:46:d9:d9:bb:20:fe:00:2a:
                    2c:4d:11:72:e1:9f:98:0a:7e:9c:71:ed:90:95:26:
                    27:be:bc:3b:86:51:ba:f0:f8:cf:1f:a6:28:2b:97:
                    b2:41:a8:81:48:c5:ef:8e:51:37:e8:7d:66:07:13:
                    bf:c2:a8:09:c6:cc:bb:17:80:bb:25:b6:f2:7d:98:
                    21:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:75:30:40:9F:BF:81:68:1B:E3:80:94:D6:6D:BF:10:2D:76:72:43
            X509v3 Authority Key Identifier:
                keyid:B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:27:bf:41:38:0b:c0:ea:9a:eb:48:3e:7c:98:13:b4:0d:2f:
         95:8b:59:c8:5f:54:0f:18:00:ed:8c:f4:47:e4:ab:35:7f:fa:
         30:2b:cb:43:aa:6d:f6:32:98:d9:95:94:fe:f9:63:92:94:04:
         db:98:16:3d:4a:a3:52:a3:65:17:99:6c:05:ce:c2:d3:b1:0a:
         fa:f7:bf:b4:e7:c7:17:b9:75:3f:bb:52:38:13:ca:a5:57:47:
         75:d5:f2:2f:d7:b0:f7:58:01:d8:bb:5a:5c:b6:a1:4c:67:d8:
         86:1f:c9:48:a7:07:a1:64:6a:7a:cf:ef:6b:d2:38:80:e3:20:
         b5:e5:6b:3a:12:63:38:45:09:b1:b6:3a:3b:00:8e:ca:f0:4b:
         89:1a:b2:3e:ab:70:46:12:81:2f:8d:e6:54:90:ee:4a:4a:54:
         c2:af:43:2b:e4:ae:02:dd:df:38:58:92:fc:b1:6f:27:18:a8:
         53:05:0f:5e:a8:0a:af:cb:ae:5f:33:4d:79:fd:41:83:6a:0a:
         18:ce:42:40:4d:ab:6f:af:93:82:02:75:e9:21:8d:77:77:5c:
         9e:07:d0:59:a9:86:ea:4a:80:39:10:eb:cf:38:18:36:c1:85:
         f4:82:c4:a1:2b:b7:d4:74:08:b2:16:03:0a:c2:99:a1:99:08:
         ca:c8:b5:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiUty8E6mD0zux0RrsR0fM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTVlMjE3MTc2OGJjOWIyOTQyNDlmMGUzYTUzNTkwMTc5
YzUyZWUwHhcNMjUwODEwMTYwMTI5WhcNMjUwODExMTYwMTI5WjAzMTEwLwYDVQQD
EyhlYjc1MzA0MDlmYmY4MTY4MWJlMzgwOTRkNjZkYmYxMDJkNzY3MjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphaRsasjTPamtzmbaSEL2UVRALyb
gwiTaHOyA24xNNLeijmmpI2WU8znE/AIffvzYG2RkHtjGwFkYpl8JIzLHkYTJYa3
BqYdL7tMQzmOvdAV9Pjanyu3UQNxsOCvCWhRdSeS3icy5Fil2940jrce4S2+ujY6
n9246OKDuN9ObhB8pCsv3vihUBFLlbg4pUBS3rBS6MHCFWSHRh+GL8/L/BekFxbn
VdFx0iMWJeobFb0M+ADP4KRWxySgRtnZuyD+ACosTRFy4Z+YCn6cce2QlSYnvrw7
hlG68PjPH6YoK5eyQaiBSMXvjlE36H1mBxO/wqgJxsy7F4C7JbbyfZghDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOt1MECfv4FoG+OAlNZtvxAtdnJDMB8GA1UdIwQY
MBaAFLWV4hcXaLybKUJJ8OOlNZAXnFLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEt
NjBiNGFjZTAwNGI1LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEtNjBiNGFjZTAwNGI1
LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFSe/QTgL
wOqa60g+fJgTtA0vlYtZyF9UDxgA7Yz0R+SrNX/6MCvLQ6pt9jKY2ZWU/vljkpQE
25gWPUqjUqNlF5lsBc7C07EK+ve/tOfHF7l1P7tSOBPKpVdHddXyL9ew91gB2Lta
XLahTGfYhh/JSKcHoWRqes/va9I4gOMgteVrOhJjOEUJsbY6OwCOyvBLiRqyPqtw
RhKBL43mVJDuSkpUwq9DK+SuAt3fOFiS/LFvJxioUwUPXqgKr8uuXzNNef1Bg2oK
GM5CQE2rb6+TggJ16SGNd3dcngfQWamG6kqAORDrzzgYNsGF9ILEoSu31HQIshYD
CsKZoZkIysi1yA==
-----END CERTIFICATE-----