Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
File:                     tRm7YH6Ot267nMsgIsxkbDzOC2A.mft (raw, json)
Hash identifier:          L6ncI6QpFBarcutcYo44vSKO6xXRUMmXPbjYOnRGfnc=
Subject key identifier:   0A:91:C8:45:CD:D5:0B:AC:F1:8F:41:6B:57:9D:9B:F0:82:81:CA:EF
Authority key identifier: B5:19:BB:60:7E:8E:B7:6E:BB:9C:CB:20:22:CC:64:6C:3C:CE:0B:60
Certificate issuer:       /CN=b519bb607e8eb76ebb9ccb2022cc646c3cce0b60
Certificate serial:       019A4EF4CA7E9440892A7F108D7E8007D6BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 13:00:56 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:56 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:56 +0000
Files and hashes:         1: tRm7YH6Ot267nMsgIsxkbDzOC2A.crl (hash: HpfmUXmMn9jNp07iuKSH3ZWZ+TCdcQYKsKXi/mQhYTk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:ca:7e:94:40:89:2a:7f:10:8d:7e:80:07:d6:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b519bb607e8eb76ebb9ccb2022cc646c3cce0b60
        Validity
            Not Before: Nov  4 13:00:56 2025 GMT
            Not After : Nov  5 13:00:56 2025 GMT
        Subject: CN=0a91c845cdd50bacf18f416b579d9bf08281caef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:8a:0a:f6:58:01:5c:0c:a6:93:4b:5f:33:3d:
                    4b:56:cf:20:bf:9c:7a:81:fa:65:76:bf:68:ea:2d:
                    d5:dd:87:b5:d4:92:8d:cb:99:5f:37:62:77:5a:e5:
                    02:fa:3c:2f:9e:8c:e5:31:0b:3b:07:f4:99:21:de:
                    94:e3:83:ef:4a:d3:66:5a:ff:41:b0:32:6a:0d:0f:
                    f3:ee:26:7b:a7:15:48:56:e9:1b:76:82:18:3c:da:
                    e6:ff:19:f3:7f:e5:a5:9b:f4:44:3d:b4:70:20:e2:
                    5f:50:df:cc:56:58:c1:d7:7a:7e:36:f0:ce:40:29:
                    52:cb:89:fb:c9:15:f4:1b:0a:47:9c:93:e0:f1:60:
                    a7:d5:61:47:4d:28:90:89:eb:4f:c7:fc:b1:2d:40:
                    36:d5:e8:73:b6:c3:22:0e:bc:cc:e0:fd:6c:ca:92:
                    3e:1a:55:32:6d:10:6f:cc:ef:81:d3:a5:24:dc:a9:
                    76:59:4f:e7:ad:c7:44:8b:b6:e1:93:9b:73:b4:d3:
                    46:60:70:f2:fb:f3:32:b9:d9:5d:40:20:3b:90:3d:
                    aa:51:3f:7b:9a:24:80:3a:f0:9f:c6:61:d1:f0:58:
                    40:2f:4a:6f:41:4a:5e:14:27:e3:d2:6c:e2:f5:d8:
                    cb:a7:0e:b6:84:fa:70:4a:a0:8f:b4:19:6b:ee:30:
                    b8:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:91:C8:45:CD:D5:0B:AC:F1:8F:41:6B:57:9D:9B:F0:82:81:CA:EF
            X509v3 Authority Key Identifier:
                keyid:B5:19:BB:60:7E:8E:B7:6E:BB:9C:CB:20:22:CC:64:6C:3C:CE:0B:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:1e:01:45:f7:b3:f8:6d:67:58:96:b8:e4:f7:84:d8:a8:c4:
         89:7b:49:ce:72:ab:65:0d:7d:0a:6e:6e:e7:71:36:3a:50:77:
         ee:b8:1d:64:43:a2:40:d3:9b:a2:9b:08:eb:da:94:11:2c:79:
         e7:a1:c4:03:d3:73:9e:fa:f4:94:ce:27:70:9f:20:1e:48:01:
         4b:5d:41:99:bd:05:d5:ff:30:9b:54:1d:29:89:ed:4f:dd:e4:
         36:28:32:a1:6f:7b:91:12:7f:a7:57:65:d8:86:5e:bb:fb:4a:
         96:1f:70:89:ce:d5:c0:09:87:34:cb:5a:32:db:c2:ee:7f:7f:
         28:4a:27:c4:32:64:9f:2d:cf:e1:2c:69:2f:22:cb:70:6c:10:
         4b:06:98:14:9d:e6:48:98:cb:f5:ac:d9:70:2e:3e:ec:f9:6e:
         68:90:0a:04:0c:c2:2e:7a:de:e6:54:75:c8:ed:26:3a:99:f7:
         ae:17:50:e8:3e:85:ed:cd:ea:73:c4:f9:cc:bc:2c:fd:21:13:
         68:62:cd:2e:8e:48:63:2b:0c:77:8a:78:db:cd:ed:1b:64:04:
         ab:0a:5a:b6:c7:e2:1d:18:d7:bd:7c:96:5f:a2:d2:c9:af:ea:
         4d:e2:5e:94:a1:4f:6c:b9:4d:f9:d2:43:56:e3:31:c1:94:5e:
         26:3e:06:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Mp+lECJKn8QjX6AB9a6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTliYjYwN2U4ZWI3NmViYjljY2IyMDIyY2M2NDZjM2Nj
ZTBiNjAwHhcNMjUxMTA0MTMwMDU2WhcNMjUxMTA1MTMwMDU2WjAzMTEwLwYDVQQD
EygwYTkxYzg0NWNkZDUwYmFjZjE4ZjQxNmI1NzlkOWJmMDgyODFjYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA84oK9lgBXAymk0tfMz1LVs8gv5x6
gfpldr9o6i3V3Ye11JKNy5lfN2J3WuUC+jwvnozlMQs7B/SZId6U44PvStNmWv9B
sDJqDQ/z7iZ7pxVIVukbdoIYPNrm/xnzf+Wlm/REPbRwIOJfUN/MVljB13p+NvDO
QClSy4n7yRX0GwpHnJPg8WCn1WFHTSiQietPx/yxLUA21ehztsMiDrzM4P1sypI+
GlUybRBvzO+B06Uk3Kl2WU/nrcdEi7bhk5tztNNGYHDy+/MyudldQCA7kD2qUT97
miSAOvCfxmHR8FhAL0pvQUpeFCfj0mzi9djLpw62hPpwSqCPtBlr7jC41wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqRyEXN1Qus8Y9Ba1edm/CCgcrvMB8GA1UdIwQY
MBaAFLUZu2B+jrduu5zLICLMZGw8zgtgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ZTUwNDktODU2ZC00YzA3LTg1NTYt
ZTE4MTg0ZTgwMjU4LzEvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ZTUwNDktODU2ZC00YzA3LTg1NTYtZTE4MTg0ZTgwMjU4
LzEvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADh4BRfez
+G1nWJa45PeE2KjEiXtJznKrZQ19Cm5u53E2OlB37rgdZEOiQNObopsI69qUESx5
56HEA9Nznvr0lM4ncJ8gHkgBS11Bmb0F1f8wm1QdKYntT93kNigyoW97kRJ/p1dl
2IZeu/tKlh9wic7VwAmHNMtaMtvC7n9/KEonxDJkny3P4SxpLyLLcGwQSwaYFJ3m
SJjL9azZcC4+7PluaJAKBAzCLnre5lR1yO0mOpn3rhdQ6D6F7c3qc8T5zLws/SET
aGLNLo5IYysMd4p4283tG2QEqwpatsfiHRjXvXyWX6LSya/qTeJelKFPbLlN+dJD
VuMxwZReJj4GQw==
-----END CERTIFICATE-----