Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
File:                     tsaaSiFb3h0yk03chd6vj9nJRHk.mft (raw, json)
Hash identifier:          9lwkiWSp7VsgRZRVPXv3PL47L7z9kXGXEYNoLpE98zQ=
Subject key identifier:   A1:E6:2E:67:E5:3D:89:AD:6F:78:6F:9A:5C:9A:A4:A6:B4:28:88:56
Authority key identifier: B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79
Certificate issuer:       /CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
Certificate serial:       01987DF811007853C86FACD626B3A9D6E2C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
Manifest number:          0DC8
Signing time:             Wed 06 Aug 2025 06:01:05 +0000
Manifest this update:     Wed 06 Aug 2025 06:01:05 +0000
Manifest next update:     Thu 07 Aug 2025 06:01:05 +0000
Files and hashes:         1: tsaaSiFb3h0yk03chd6vj9nJRHk.crl (hash: YZEnlu3mxLbJ+VTIkLvGZcpTBXSJiu59QWaTPjdqw50=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 06:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:f8:11:00:78:53:c8:6f:ac:d6:26:b3:a9:d6:e2:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
        Validity
            Not Before: Aug  6 06:01:05 2025 GMT
            Not After : Aug  7 06:01:05 2025 GMT
        Subject: CN=a1e62e67e53d89ad6f786f9a5c9aa4a6b4288856
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:fc:a5:db:d2:db:81:29:7d:30:6e:b5:84:64:
                    f9:47:89:33:b2:60:fa:0e:81:ef:88:42:93:62:1c:
                    83:78:7b:ab:d8:b1:b2:d1:df:46:3d:ea:42:4c:04:
                    6a:3d:58:65:18:0e:fb:04:74:80:59:76:46:b1:d9:
                    8a:d5:0b:24:dc:51:dc:77:c4:35:22:99:5d:ea:7c:
                    50:3f:e9:b6:57:6a:30:4f:8f:a3:2e:df:a9:50:88:
                    1e:2a:38:a1:7e:8a:1a:da:7c:20:86:ad:9c:3e:bf:
                    a9:20:4b:16:76:6b:e8:81:31:c6:6d:c6:5e:25:96:
                    52:c2:c0:40:b3:39:44:f3:91:a2:39:fa:75:f8:e2:
                    8f:4b:1e:04:8b:82:8e:cd:35:cc:29:ba:22:de:ad:
                    c2:c6:ff:6a:38:66:b2:75:77:81:c3:06:d2:b7:9d:
                    d2:e0:92:95:13:10:6d:7e:ff:e6:80:9b:03:dd:dc:
                    ca:82:29:40:12:f8:8d:c1:eb:68:4d:05:9e:49:63:
                    e2:2f:2e:38:95:fa:58:12:cc:d0:c3:57:7d:de:eb:
                    89:47:76:a4:bf:6d:ea:22:f2:fd:fe:6c:1b:53:a7:
                    59:ca:cc:25:a7:f3:b7:1d:0a:b7:42:79:35:a4:35:
                    1e:42:34:02:09:8d:ca:69:22:2b:c8:de:63:bd:b1:
                    35:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:E6:2E:67:E5:3D:89:AD:6F:78:6F:9A:5C:9A:A4:A6:B4:28:88:56
            X509v3 Authority Key Identifier:
                keyid:B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:ab:7b:4f:67:bb:ea:5e:bd:28:b3:68:2a:44:20:96:51:13:
         d2:11:57:60:a1:f5:fe:d6:3d:9d:63:0e:57:b0:81:d1:fa:bc:
         6e:0b:94:2d:2f:c5:d5:57:7a:5e:cc:76:92:09:87:68:4d:44:
         74:14:9a:d8:3a:63:be:2c:30:aa:38:9c:53:23:63:d1:2a:0d:
         9e:be:a1:21:fe:13:d0:a1:ea:e5:b7:e7:0b:6c:ef:d9:8f:3b:
         c4:1b:f5:6a:34:9f:eb:6d:d0:09:c6:6b:57:1b:1f:62:5a:e4:
         c6:ea:54:d9:1a:cf:df:f6:69:9f:d5:60:2b:fb:48:48:38:64:
         a6:d9:09:db:f7:8a:d6:24:6d:4c:57:c9:fa:81:af:21:66:e4:
         c9:1b:ab:d2:3c:40:8f:aa:31:57:29:f9:d2:02:f6:d8:61:16:
         0e:f4:d9:2d:71:fb:98:c9:c9:5d:af:78:d4:bd:6a:fe:fb:72:
         a1:c2:4b:73:60:cf:2c:d8:ac:98:be:39:0c:85:b9:b8:f7:3f:
         36:d5:5b:5d:0c:83:94:67:dd:42:0a:5b:f5:ed:fc:16:3e:1d:
         00:fc:ed:85:59:00:6f:27:c8:5f:1f:96:f7:f4:a1:a6:bb:5f:
         09:b6:95:b6:5a:ed:16:bf:e8:d0:b5:e5:24:c6:fb:d0:50:e4:
         a1:fb:c5:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9+BEAeFPIb6zWJrOp1uLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzY5YTRhMjE1YmRlMWQzMjkzNGRkYzg1ZGVhZjhmZDlj
OTQ0NzkwHhcNMjUwODA2MDYwMTA1WhcNMjUwODA3MDYwMTA1WjAzMTEwLwYDVQQD
EyhhMWU2MmU2N2U1M2Q4OWFkNmY3ODZmOWE1YzlhYTRhNmI0Mjg4ODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPyl29LbgSl9MG61hGT5R4kzsmD6
DoHviEKTYhyDeHur2LGy0d9GPepCTARqPVhlGA77BHSAWXZGsdmK1Qsk3FHcd8Q1
Ipld6nxQP+m2V2owT4+jLt+pUIgeKjihfooa2nwghq2cPr+pIEsWdmvogTHGbcZe
JZZSwsBAszlE85GiOfp1+OKPSx4Ei4KOzTXMKboi3q3Cxv9qOGaydXeBwwbSt53S
4JKVExBtfv/mgJsD3dzKgilAEviNwetoTQWeSWPiLy44lfpYEszQw1d93uuJR3ak
v23qIvL9/mwbU6dZyswlp/O3HQq3Qnk1pDUeQjQCCY3KaSIryN5jvbE1NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHmLmflPYmtb3hvmlyapKa0KIhWMB8GA1UdIwQY
MBaAFLbGmkohW94dMpNN3IXer4/ZyUR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMt
ZTNiYzZiNDk5ZTdiLzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMtZTNiYzZiNDk5ZTdi
LzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI6t7T2e7
6l69KLNoKkQgllET0hFXYKH1/tY9nWMOV7CB0fq8bguULS/F1Vd6Xsx2kgmHaE1E
dBSa2DpjviwwqjicUyNj0SoNnr6hIf4T0KHq5bfnC2zv2Y87xBv1ajSf623QCcZr
VxsfYlrkxupU2RrP3/Zpn9VgK/tISDhkptkJ2/eK1iRtTFfJ+oGvIWbkyRur0jxA
j6oxVyn50gL22GEWDvTZLXH7mMnJXa941L1q/vtyocJLc2DPLNismL45DIW5uPc/
NtVbXQyDlGfdQgpb9e38Fj4dAPzthVkAbyfIXx+W9/ShprtfCbaVtlrtFr/o0LXl
JMb70FDkofvFlw==
-----END CERTIFICATE-----