Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          rT7BSsiRlgMIfMz/qQ0uD7JE8zKcEGXs8lPuJrE7FE0=
Subject key identifier:   B5:06:21:4E:96:6F:A2:87:57:62:0E:F6:89:3E:E8:CB:94:96:A2:69
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       019A4DAAF1FD17A6C7A3E2EE81E87F48648E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          13DA
Signing time:             Tue 04 Nov 2025 07:00:39 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:39 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:39 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: 3v0QRYbV7Iq2Dv8G8xGGb2e448XWgdboiZvmaSP2sPw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:aa:f1:fd:17:a6:c7:a3:e2:ee:81:e8:7f:48:64:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Nov  4 07:00:39 2025 GMT
            Not After : Nov  5 07:00:39 2025 GMT
        Subject: CN=b506214e966fa28757620ef6893ee8cb9496a269
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:c1:6b:cf:d0:7a:67:3f:c7:3f:85:d9:07:cb:
                    e2:36:7e:9c:70:b8:bf:a8:ca:c0:37:a9:e2:03:9f:
                    72:70:b6:52:62:09:0b:5d:e3:19:7a:97:85:eb:f9:
                    4f:ca:32:00:42:7f:bf:1a:aa:5a:28:0f:87:97:63:
                    34:66:1c:30:2d:cf:2e:ae:e4:c3:08:25:03:4d:6e:
                    c2:4c:05:37:09:48:c7:6f:8f:67:75:67:6c:e0:ca:
                    33:75:0d:12:8f:94:ac:78:69:0e:76:6f:07:c5:52:
                    a4:47:e9:b1:7b:db:b9:ba:26:34:54:9a:dd:8a:70:
                    7e:d8:38:64:ab:db:68:97:b4:f1:ac:7e:d6:6d:dd:
                    9c:0d:69:5f:43:41:19:50:31:2e:cd:11:36:f1:ad:
                    c7:64:79:5d:df:bc:39:36:28:f7:6a:f2:d6:37:7b:
                    5d:2a:31:08:b2:62:36:a6:b3:6f:e0:94:46:f4:b1:
                    de:20:22:f2:31:d3:26:ed:0e:de:e5:03:6f:5c:e1:
                    d4:95:dd:1a:c9:a0:c3:15:ba:23:34:64:c5:ff:8e:
                    53:5f:8e:75:3e:8a:e3:03:f7:f7:cc:3b:fe:0a:2a:
                    d3:58:ca:8d:19:38:a6:29:ba:c1:3f:41:5c:c1:0d:
                    c7:2f:65:01:6a:ca:1b:16:24:c3:79:3f:20:d7:9f:
                    c1:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:06:21:4E:96:6F:A2:87:57:62:0E:F6:89:3E:E8:CB:94:96:A2:69
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:b7:63:59:4d:11:5b:da:06:9e:c2:88:51:ad:70:e5:57:a0:
         13:ae:8c:20:68:70:a2:b2:d3:e7:2f:5e:bb:bc:a5:02:ad:6b:
         8f:18:cf:a3:92:a8:98:be:88:c0:e5:35:2d:01:ff:98:1f:9b:
         5b:e4:73:2c:78:e7:83:36:42:b9:a0:0a:a5:15:dd:fb:e6:2e:
         34:6b:6f:75:8c:1e:aa:c6:7c:68:08:6d:54:10:8a:1f:14:82:
         43:e0:f0:d9:37:69:71:0e:ba:4b:c2:4a:3f:f6:40:12:46:59:
         bb:f6:a4:63:89:a9:dc:75:4f:31:d4:de:31:be:c3:58:b5:69:
         2c:bf:0b:9f:2c:72:36:be:0f:42:64:53:12:af:6f:d9:94:34:
         6b:e8:aa:83:16:c2:4c:58:62:be:03:b3:b2:24:55:43:cf:b2:
         fa:c5:e3:a6:a1:a4:78:f5:f5:e5:a9:33:15:4d:5a:46:24:ac:
         5b:c6:a5:a2:60:dd:c2:e5:96:cb:f1:9d:2b:ba:16:aa:11:7d:
         3c:55:9a:00:a4:96:27:08:f9:63:f1:85:b4:8b:1d:03:b3:e8:
         a9:4c:d1:01:f3:98:50:be:f0:92:d3:23:f8:5e:3c:f2:45:d5:
         be:c6:35:6c:b4:79:5d:09:6d:b3:09:bb:63:95:3d:ba:7e:3b:
         24:a8:e2:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqvH9F6bHo+Lugeh/SGSOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjUxMTA0MDcwMDM5WhcNMjUxMTA1MDcwMDM5WjAzMTEwLwYDVQQD
EyhiNTA2MjE0ZTk2NmZhMjg3NTc2MjBlZjY4OTNlZThjYjk0OTZhMjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sFrz9B6Zz/HP4XZB8viNn6ccLi/
qMrAN6niA59ycLZSYgkLXeMZepeF6/lPyjIAQn+/GqpaKA+Hl2M0ZhwwLc8uruTD
CCUDTW7CTAU3CUjHb49ndWds4MozdQ0Sj5SseGkOdm8HxVKkR+mxe9u5uiY0VJrd
inB+2Dhkq9tol7TxrH7Wbd2cDWlfQ0EZUDEuzRE28a3HZHld37w5Nij3avLWN3td
KjEIsmI2prNv4JRG9LHeICLyMdMm7Q7e5QNvXOHUld0ayaDDFbojNGTF/45TX451
PorjA/f3zDv+CirTWMqNGTimKbrBP0FcwQ3HL2UBasobFiTDeT8g15/BbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLUGIU6Wb6KHV2IO9ok+6MuUlqJpMB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPbdjWU0R
W9oGnsKIUa1w5VegE66MIGhworLT5y9eu7ylAq1rjxjPo5KomL6IwOU1LQH/mB+b
W+RzLHjngzZCuaAKpRXd++YuNGtvdYweqsZ8aAhtVBCKHxSCQ+Dw2TdpcQ66S8JK
P/ZAEkZZu/akY4mp3HVPMdTeMb7DWLVpLL8LnyxyNr4PQmRTEq9v2ZQ0a+iqgxbC
TFhivgOzsiRVQ8+y+sXjpqGkePX15akzFU1aRiSsW8alomDdwuWWy/GdK7oWqhF9
PFWaAKSWJwj5Y/GFtIsdA7PoqUzRAfOYUL7wktMj+F488kXVvsY1bLR5XQltswm7
Y5U9un47JKjiWw==
-----END CERTIFICATE-----