Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
File:                     tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft (raw, json)
Hash identifier:          kfSlac530QNz8oTOcqYHUl9CYc7T/IN++PpRfm3ycVw=
Subject key identifier:   08:C1:39:A9:FC:08:71:76:3B:B0:18:92:7D:66:A5:F4:CA:3B:68:9B
Authority key identifier: B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA
Certificate issuer:       /CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
Certificate serial:       019A4D0671A387EE8497F751AEB57EEC3D84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
Manifest number:          1708
Signing time:             Tue 04 Nov 2025 04:00:59 +0000
Manifest this update:     Tue 04 Nov 2025 04:00:59 +0000
Manifest next update:     Wed 05 Nov 2025 04:00:59 +0000
Files and hashes:         1: tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl (hash: 70rr0HCgBWLJkXdufszIe2rf49g6pgFzPzLP6+aoYIo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:06:71:a3:87:ee:84:97:f7:51:ae:b5:7e:ec:3d:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
        Validity
            Not Before: Nov  4 04:00:59 2025 GMT
            Not After : Nov  5 04:00:59 2025 GMT
        Subject: CN=08c139a9fc0871763bb018927d66a5f4ca3b689b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:5d:37:9a:6d:d6:3c:94:89:c8:c1:b4:fb:1d:
                    b3:f2:3e:cc:d6:5d:00:14:f9:b1:93:15:b1:aa:43:
                    dc:3d:da:b3:41:9b:18:14:d5:e6:ff:2e:cb:95:0d:
                    68:39:8d:0d:a2:51:e9:cb:8b:a9:56:d8:6f:52:af:
                    2a:e3:46:b3:e9:23:5f:4e:32:ac:d4:1b:ce:f7:40:
                    63:8d:92:38:50:8b:9f:b5:6f:96:4d:7b:66:7f:6a:
                    04:5a:f6:17:d6:5a:da:6e:27:21:06:17:45:ec:41:
                    aa:79:7c:e1:17:f9:5a:60:d4:a1:21:93:59:08:9a:
                    96:52:c9:13:68:9b:ec:dc:7c:d1:44:ce:58:cb:bc:
                    d2:be:ea:e3:b6:6a:79:c4:7b:81:30:2a:23:fe:f2:
                    c8:1d:e0:f3:30:f1:00:a9:1e:5e:42:13:fa:42:ac:
                    b0:94:73:d9:ab:dc:0a:0d:b8:a9:36:be:53:99:d3:
                    3c:d4:be:ee:45:cc:9b:86:c9:3b:87:cf:d8:a4:1a:
                    72:f8:4f:fd:df:73:66:ee:e6:49:e7:d9:cb:49:f9:
                    64:56:96:7c:be:d9:78:e9:34:8d:2b:f5:85:e1:d5:
                    21:7e:90:29:0b:07:44:b4:8d:9b:95:7d:36:be:59:
                    9e:80:f3:81:4f:6f:6a:6b:12:89:aa:15:fb:64:f3:
                    20:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:C1:39:A9:FC:08:71:76:3B:B0:18:92:7D:66:A5:F4:CA:3B:68:9B
            X509v3 Authority Key Identifier:
                keyid:B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:fd:70:08:40:75:57:38:66:37:fd:ef:dc:be:b0:be:68:74:
         03:4f:a0:83:ab:e0:34:a9:0b:3d:75:78:bf:9c:ae:66:fd:53:
         3b:27:87:55:c9:54:c2:a2:ce:3c:7a:bc:98:86:70:9d:05:ac:
         6d:a9:5a:81:be:dc:93:f6:73:da:a7:b2:cc:ca:10:06:2f:39:
         24:9c:0e:e3:67:0a:9c:4a:0a:f6:bc:cc:35:dd:48:e0:d4:1f:
         d4:9a:a4:77:0a:62:90:fc:78:fd:70:f7:7d:ce:3c:aa:72:7a:
         e3:00:ec:66:b5:3a:b1:f1:1b:d9:be:d3:b2:bd:13:9c:e9:29:
         7e:19:f8:b7:6d:c0:b1:88:36:b4:d3:10:b7:7a:81:9b:26:64:
         e0:70:4d:3f:c8:66:4b:ec:fb:a5:08:ab:d1:68:e3:3f:ec:4c:
         e7:37:55:2e:84:a1:88:01:a9:11:82:fd:e8:be:57:9c:26:0b:
         e5:9b:d3:2d:2d:e3:4c:30:fc:f2:c7:92:bd:19:99:19:0b:ff:
         be:db:58:70:42:d9:62:bf:98:18:c2:cd:be:70:e8:86:45:5e:
         e6:13:0c:48:fd:15:16:bd:23:44:12:c2:47:5d:48:5b:1d:38:
         1c:3c:83:60:84:3e:41:d6:90:2c:12:7e:70:b5:10:11:27:7a:
         d8:70:40:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBnGjh+6El/dRrrV+7D2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3M2Q4OGQ3NDY4YWY2MDFhZjE0YzVlMWVkOTAzYzRmMzZj
YWY1ZmEwHhcNMjUxMTA0MDQwMDU5WhcNMjUxMTA1MDQwMDU5WjAzMTEwLwYDVQQD
EygwOGMxMzlhOWZjMDg3MTc2M2JiMDE4OTI3ZDY2YTVmNGNhM2I2ODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp103mm3WPJSJyMG0+x2z8j7M1l0A
FPmxkxWxqkPcPdqzQZsYFNXm/y7LlQ1oOY0NolHpy4upVthvUq8q40az6SNfTjKs
1BvO90BjjZI4UIuftW+WTXtmf2oEWvYX1lrabichBhdF7EGqeXzhF/laYNShIZNZ
CJqWUskTaJvs3HzRRM5Yy7zSvurjtmp5xHuBMCoj/vLIHeDzMPEAqR5eQhP6Qqyw
lHPZq9wKDbipNr5TmdM81L7uRcybhsk7h8/YpBpy+E/933Nm7uZJ59nLSflkVpZ8
vtl46TSNK/WF4dUhfpApCwdEtI2blX02vlmegPOBT29qaxKJqhX7ZPMgsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAjBOan8CHF2O7AYkn1mpfTKO2ibMB8GA1UdIwQY
MBaAFLc9iNdGivYBrxTF4e2QPE82yvX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAt
MGYyYjU0MGVjYTA4LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAtMGYyYjU0MGVjYTA4
LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVv1wCEB1
VzhmN/3v3L6wvmh0A0+gg6vgNKkLPXV4v5yuZv1TOyeHVclUwqLOPHq8mIZwnQWs
balagb7ck/Zz2qeyzMoQBi85JJwO42cKnEoK9rzMNd1I4NQf1JqkdwpikPx4/XD3
fc48qnJ64wDsZrU6sfEb2b7Tsr0TnOkpfhn4t23AsYg2tNMQt3qBmyZk4HBNP8hm
S+z7pQir0WjjP+xM5zdVLoShiAGpEYL96L5XnCYL5ZvTLS3jTDD88seSvRmZGQv/
vttYcELZYr+YGMLNvnDohkVe5hMMSP0VFr0jRBLCR11IWx04HDyDYIQ+QdaQLBJ+
cLUQESd62HBA/g==
-----END CERTIFICATE-----