Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
File:                     TvMzZvDPXk-oBO730eKSlO6lFIw.mft (raw, json)
Hash identifier:          inTQQDr9t2nKRrutjnbcx2yW+AjfvJEMS7vO95uX3Y0=
Subject key identifier:   DF:A2:D3:5A:02:3F:AE:9F:B9:39:C9:31:8F:E9:3B:4F:DC:2F:03:A8
Authority key identifier: 4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C
Certificate issuer:       /CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
Certificate serial:       019875628AC312093D52DA2CDAA8888A7693
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
Manifest number:          02B1
Signing time:             Mon 04 Aug 2025 14:00:49 +0000
Manifest this update:     Mon 04 Aug 2025 14:00:49 +0000
Manifest next update:     Tue 05 Aug 2025 14:00:49 +0000
Files and hashes:         1: TvMzZvDPXk-oBO730eKSlO6lFIw.crl (hash: hhdADTXxBlwzMkfEWNnmPwjGYg6QguMAwrVG6JY3G8k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:62:8a:c3:12:09:3d:52:da:2c:da:a8:88:8a:76:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
        Validity
            Not Before: Aug  4 14:00:49 2025 GMT
            Not After : Aug  5 14:00:49 2025 GMT
        Subject: CN=dfa2d35a023fae9fb939c9318fe93b4fdc2f03a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:02:09:0e:d8:c0:a1:a3:f4:a5:28:0a:fe:95:
                    2f:b5:aa:53:69:a7:5b:11:0b:7c:6f:42:5c:ce:f4:
                    8a:47:01:19:ea:55:c5:2b:7e:d0:8f:84:3b:e3:7b:
                    30:d3:79:26:1d:03:2c:84:c4:95:90:18:5d:a2:51:
                    21:96:fe:3e:fe:cd:82:43:c6:51:e9:11:bb:a0:65:
                    43:c8:68:e9:42:62:45:f9:9d:bc:dc:49:66:eb:d1:
                    5e:c7:c5:92:f8:7c:73:7d:a8:b4:74:e2:ab:54:f8:
                    26:23:9d:20:16:c8:63:f5:77:7a:5a:1c:eb:88:86:
                    a8:98:f0:96:76:2f:7c:47:25:7b:4e:34:18:9f:d4:
                    0f:0a:fc:00:03:24:ca:59:40:34:db:38:5e:62:e2:
                    ed:d2:d2:7b:62:1a:c5:eb:83:87:f5:7c:63:66:86:
                    5d:c8:52:24:43:ad:8a:22:0e:9f:81:1c:20:c7:d8:
                    2f:b3:9e:cb:7f:46:01:8e:99:57:21:97:d7:3a:80:
                    55:9b:74:61:20:a8:7d:21:0e:f3:b5:a4:dd:8d:a1:
                    33:9b:0e:70:d4:a9:6b:3e:83:64:16:dc:45:f6:d2:
                    b4:93:7b:2d:7c:2d:00:be:e9:f5:cb:ed:d5:99:af:
                    e8:42:ca:b2:0c:5b:9c:b9:38:74:00:9c:ca:74:32:
                    1c:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:A2:D3:5A:02:3F:AE:9F:B9:39:C9:31:8F:E9:3B:4F:DC:2F:03:A8
            X509v3 Authority Key Identifier:
                keyid:4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:f2:d1:d2:83:be:b9:65:9a:a5:03:ea:12:20:ee:57:be:33:
         15:1e:8c:28:65:6d:54:2c:26:26:ed:ca:31:ef:ce:7b:43:e5:
         30:35:c2:c6:77:30:95:e2:5d:a5:d4:36:06:4b:bc:6e:9a:de:
         0e:b6:13:ee:3f:01:1a:f4:78:d3:63:86:56:75:38:a8:6c:0f:
         b2:c6:71:50:63:b4:a9:cf:b9:0a:35:da:8f:27:97:80:37:38:
         2b:05:0b:ce:55:0c:3c:16:e0:0c:f8:e8:cf:75:4c:7b:8a:8c:
         10:bb:ba:78:c8:ef:8d:db:ba:d6:93:3f:12:0e:48:2e:a9:8d:
         84:1f:bd:1d:fc:bc:96:a3:b3:1f:85:26:19:46:83:95:b1:0e:
         24:49:38:9c:41:e8:73:8b:89:5d:d6:fb:9f:66:30:a3:01:a5:
         96:d3:e3:5a:dd:5d:ec:cf:06:0d:c6:b9:ba:5d:6d:61:24:92:
         74:a8:9c:fe:8d:76:bd:12:46:e2:62:58:92:de:e2:98:31:a5:
         f8:91:ec:8c:88:e7:a1:81:2b:91:a5:d2:81:bc:0a:37:b0:9f:
         57:6f:ba:a7:07:cb:56:27:73:87:7d:ac:5a:79:22:90:c1:dd:
         bf:23:4c:45:be:5d:8c:bb:34:45:89:75:2d:3a:81:2d:d8:20:
         b4:e1:b1:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh1YorDEgk9Utos2qiIinaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZjMzMzY2ZjBjZjVlNGZhODA0ZWVmN2QxZTI5Mjk0ZWVh
NTE0OGMwHhcNMjUwODA0MTQwMDQ5WhcNMjUwODA1MTQwMDQ5WjAzMTEwLwYDVQQD
EyhkZmEyZDM1YTAyM2ZhZTlmYjkzOWM5MzE4ZmU5M2I0ZmRjMmYwM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIJDtjAoaP0pSgK/pUvtapTaadb
EQt8b0JczvSKRwEZ6lXFK37Qj4Q743sw03kmHQMshMSVkBhdolEhlv4+/s2CQ8ZR
6RG7oGVDyGjpQmJF+Z283Elm69Fex8WS+Hxzfai0dOKrVPgmI50gFshj9Xd6Whzr
iIaomPCWdi98RyV7TjQYn9QPCvwAAyTKWUA02zheYuLt0tJ7YhrF64OH9XxjZoZd
yFIkQ62KIg6fgRwgx9gvs57Lf0YBjplXIZfXOoBVm3RhIKh9IQ7ztaTdjaEzmw5w
1KlrPoNkFtxF9tK0k3stfC0Avun1y+3Vma/oQsqyDFucuTh0AJzKdDIcYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN+i01oCP66fuTnJMY/pO0/cLwOoMB8GA1UdIwQY
MBaAFE7zM2bwz15PqATu99HikpTupRSMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3Zjct
NmQ5ZjM4NGQyYmMzLzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3ZjctNmQ5ZjM4NGQyYmMz
LzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQfLR0oO+
uWWapQPqEiDuV74zFR6MKGVtVCwmJu3KMe/Oe0PlMDXCxncwleJdpdQ2Bku8bpre
DrYT7j8BGvR402OGVnU4qGwPssZxUGO0qc+5CjXajyeXgDc4KwULzlUMPBbgDPjo
z3VMe4qMELu6eMjvjdu61pM/Eg5ILqmNhB+9Hfy8lqOzH4UmGUaDlbEOJEk4nEHo
c4uJXdb7n2YwowGlltPjWt1d7M8GDca5ul1tYSSSdKic/o12vRJG4mJYkt7imDGl
+JHsjIjnoYErkaXSgbwKN7CfV2+6pwfLVidzh32sWnkikMHdvyNMRb5djLs0RYl1
LTqBLdggtOGxxQ==
-----END CERTIFICATE-----