Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
File:                     tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft (raw, json)
Hash identifier:          HCmXvA9AIJ7WL2NMlYOvmpstV6xjtZrRRGM3s4BZJYI=
Subject key identifier:   BE:01:FA:26:2D:53:10:C4:A1:78:DF:44:8A:25:9E:15:97:7F:75:4C
Authority key identifier: B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C
Certificate issuer:       /CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c
Certificate serial:       019A4EF45343138F7F46E0A02EE526A6704B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 13:00:26 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:26 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:26 +0000
Files and hashes:         1: tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl (hash: 4JQK5Pgf1t/bxSMP5xNSoiK02FyeyQRPkQY85vYBnZE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:53:43:13:8f:7f:46:e0:a0:2e:e5:26:a6:70:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c
        Validity
            Not Before: Nov  4 13:00:26 2025 GMT
            Not After : Nov  5 13:00:26 2025 GMT
        Subject: CN=be01fa262d5310c4a178df448a259e15977f754c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:94:37:03:b2:5a:19:ac:02:17:1e:7a:da:a6:
                    c6:ac:f3:79:5b:a0:24:07:2c:21:d3:3f:e3:6c:cb:
                    53:df:35:85:fa:39:9e:f6:70:e6:f4:fb:55:00:2f:
                    ec:17:be:09:d5:f8:fa:bd:2f:95:f4:7e:52:48:9b:
                    09:94:4f:e2:47:cd:dc:4f:d8:43:bd:05:5d:69:f7:
                    98:e1:2a:72:bb:fe:07:4f:b6:bc:65:27:0d:95:24:
                    0b:cf:48:12:2c:af:f0:36:97:61:1f:e7:cb:50:2f:
                    0e:26:ea:ea:9e:e6:e8:dd:44:42:d2:4a:20:95:a1:
                    c0:07:42:fe:ae:b5:91:80:7d:77:59:88:e6:d1:4b:
                    35:64:8d:8d:fe:69:91:9f:84:1c:92:0b:4d:c0:08:
                    24:69:f5:61:cc:ce:7d:e5:e4:f3:e5:63:72:0c:58:
                    fd:e4:e7:4f:d7:c8:06:3c:fc:db:5c:4c:2b:d1:9e:
                    57:89:16:37:0d:e2:08:d9:08:05:6f:cd:bd:14:93:
                    75:bc:4d:a0:ce:f8:28:0a:54:8a:32:41:1a:ed:92:
                    35:ec:46:02:16:07:c8:b2:90:11:b6:57:2a:37:82:
                    7a:61:89:7f:69:f1:0c:09:7b:95:f8:7c:78:12:1a:
                    8d:95:72:82:7f:61:70:ee:57:1c:9d:5d:01:a0:30:
                    a8:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:01:FA:26:2D:53:10:C4:A1:78:DF:44:8A:25:9E:15:97:7F:75:4C
            X509v3 Authority Key Identifier:
                keyid:B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:d4:09:d8:5b:d9:b1:f6:f9:ae:cd:27:fd:9e:19:4a:f8:93:
         e5:a5:34:ed:0c:21:d6:64:86:7d:e3:98:e8:3f:b8:0b:5b:c1:
         8e:cd:7a:e8:6d:4c:dc:b0:18:57:b3:28:2e:b4:5a:12:30:d2:
         3f:f9:bb:7d:18:f3:6c:05:15:93:1f:c7:89:f8:6b:94:ed:1a:
         e7:01:98:1e:ae:32:a1:d7:be:72:98:90:79:49:5e:77:11:85:
         ed:89:7c:7c:3c:6c:8b:8e:35:b4:ed:a6:6c:9d:ce:7c:b9:76:
         14:76:6e:e9:a1:f0:29:a6:e5:d6:e0:18:92:b1:0d:97:a3:f4:
         de:a1:06:9f:46:db:2d:b2:47:e3:16:b5:50:ac:d8:8d:e7:64:
         81:39:bd:09:b1:0e:f7:44:d6:d8:5d:7d:3e:3e:ba:0f:f1:c2:
         12:6a:ab:62:43:3b:d7:47:77:cc:79:cb:bb:9e:db:98:90:78:
         fc:2f:a3:00:75:97:5c:e5:17:ab:d8:2f:8b:53:7f:6f:7b:69:
         f7:00:01:f2:b2:a1:eb:34:4c:a4:14:3b:2e:c9:62:30:26:24:
         a5:78:eb:d3:09:68:0a:5f:7b:ee:88:9e:24:6b:95:3b:03:f6:
         ad:06:16:98:f1:d4:a9:e7:66:b8:7d:cc:be:47:2a:29:b4:73:
         3a:7b:52:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9FNDE49/RuCgLuUmpnBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTRlYmI2NzQ4ZmRjMTIxMjdjM2Y5MjdlN2ZiOWIxYWY4
OTI2MmMwHhcNMjUxMTA0MTMwMDI2WhcNMjUxMTA1MTMwMDI2WjAzMTEwLwYDVQQD
EyhiZTAxZmEyNjJkNTMxMGM0YTE3OGRmNDQ4YTI1OWUxNTk3N2Y3NTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJQ3A7JaGawCFx562qbGrPN5W6Ak
Bywh0z/jbMtT3zWF+jme9nDm9PtVAC/sF74J1fj6vS+V9H5SSJsJlE/iR83cT9hD
vQVdafeY4Spyu/4HT7a8ZScNlSQLz0gSLK/wNpdhH+fLUC8OJurqnubo3URC0kog
laHAB0L+rrWRgH13WYjm0Us1ZI2N/mmRn4QckgtNwAgkafVhzM595eTz5WNyDFj9
5OdP18gGPPzbXEwr0Z5XiRY3DeII2QgFb829FJN1vE2gzvgoClSKMkEa7ZI17EYC
FgfIspARtlcqN4J6YYl/afEMCXuV+Hx4EhqNlXKCf2Fw7lccnV0BoDCoCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4B+iYtUxDEoXjfRIolnhWXf3VMMB8GA1UdIwQY
MBaAFLWU67Z0j9wSEnw/kn5/ubGviSYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAt
ODIxOTM2YjMxNTE4LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAtODIxOTM2YjMxNTE4
LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACdQJ2FvZ
sfb5rs0n/Z4ZSviT5aU07Qwh1mSGfeOY6D+4C1vBjs166G1M3LAYV7MoLrRaEjDS
P/m7fRjzbAUVkx/HifhrlO0a5wGYHq4yode+cpiQeUledxGF7Yl8fDxsi441tO2m
bJ3OfLl2FHZu6aHwKabl1uAYkrENl6P03qEGn0bbLbJH4xa1UKzYjedkgTm9CbEO
90TW2F19Pj66D/HCEmqrYkM710d3zHnLu57bmJB4/C+jAHWXXOUXq9gvi1N/b3tp
9wAB8rKh6zRMpBQ7LsliMCYkpXjr0wloCl977oieJGuVOwP2rQYWmPHUqedmuH3M
vkcqKbRzOntS8g==
-----END CERTIFICATE-----