Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft
File:                     tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft (raw, json)
Hash identifier:          VqSRmBZ2Aofqgy8X+2haa6KmJu1kDN2sDIHNeaifzOM=
Subject key identifier:   65:3E:4E:84:72:FC:8F:0B:76:D7:2B:DA:E0:E2:E6:50:23:72:2C:41
Authority key identifier: B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC
Certificate issuer:       /CN=b53aca36846d2d3023648eac581c7d9b6317eedc
Certificate serial:       019A4FCFF932A13D920E66E9B0896E803CD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft
Manifest number:          030C
Signing time:             Tue 04 Nov 2025 17:00:20 +0000
Manifest this update:     Tue 04 Nov 2025 17:00:20 +0000
Manifest next update:     Wed 05 Nov 2025 17:00:20 +0000
Files and hashes:         1: tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl (hash: 0EY5r+Ol29tGggCIBzdEq08Zqdjj3QuFqyZ2xM6c4bk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 17:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:cf:f9:32:a1:3d:92:0e:66:e9:b0:89:6e:80:3c:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b53aca36846d2d3023648eac581c7d9b6317eedc
        Validity
            Not Before: Nov  4 17:00:20 2025 GMT
            Not After : Nov  5 17:00:20 2025 GMT
        Subject: CN=653e4e8472fc8f0b76d72bdae0e2e65023722c41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:6f:8d:64:ab:21:60:7f:08:f0:08:60:4f:33:
                    71:ff:93:e5:7b:81:ae:d2:a4:ed:dc:24:25:8b:c5:
                    16:bf:a6:eb:8b:dc:d9:2f:8f:8a:c2:95:88:00:3b:
                    7a:a1:12:5a:22:02:e5:e1:aa:af:94:52:90:75:43:
                    0a:9d:cc:4a:b1:b6:c2:0e:f1:02:03:78:83:d9:19:
                    14:a4:d6:a4:70:8d:a1:01:1d:c0:5e:a0:08:25:bc:
                    a5:45:b3:b8:97:6c:f9:7b:07:59:a3:f1:63:7a:04:
                    fb:2f:e4:e2:ee:fa:ee:c5:00:df:11:bc:fc:85:39:
                    a9:35:a2:d1:2a:65:9a:4f:ce:01:f0:b5:a5:92:02:
                    b6:0c:7c:65:ab:be:d1:e4:e1:f6:67:41:11:57:68:
                    0c:bd:2f:e0:ed:dc:e6:12:66:fb:5d:df:b7:2a:ae:
                    78:c0:e9:eb:68:e0:f8:dc:97:3a:4d:b4:31:ad:88:
                    65:bc:51:78:3d:55:9a:fc:29:39:ce:af:5a:09:e2:
                    e6:25:27:2e:be:b4:55:6c:68:c3:d2:ae:6c:fd:f1:
                    01:96:c9:9a:9e:fd:4b:d4:e0:b2:df:ca:6e:40:dd:
                    c7:08:2d:fa:91:80:61:c7:07:8a:aa:2e:db:b8:60:
                    f5:97:df:e6:c0:11:56:83:07:b7:82:45:39:dd:58:
                    8b:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:3E:4E:84:72:FC:8F:0B:76:D7:2B:DA:E0:E2:E6:50:23:72:2C:41
            X509v3 Authority Key Identifier:
                keyid:B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:b5:66:e8:62:85:50:ba:86:5e:0c:f1:a0:fd:ba:81:1a:46:
         d0:1f:94:cd:7f:19:14:7e:c5:2c:c4:48:dd:cc:7f:7b:ac:dc:
         3a:fd:ad:44:bc:be:02:c9:c0:e5:96:20:e9:b7:37:8f:28:c8:
         5d:ee:03:80:a1:a6:58:8b:7c:5f:35:92:57:03:81:9c:74:7a:
         6a:15:0b:bd:ec:79:26:21:0b:a7:8b:e5:2e:db:e5:d0:f8:ab:
         6a:d6:28:92:b9:28:f1:37:00:2c:b3:5e:68:75:87:40:1b:7c:
         ca:ce:93:d1:a1:55:a8:5f:59:5c:cd:f9:8a:b6:2e:b8:4f:c7:
         72:b5:7d:04:8b:e0:77:f2:71:3e:24:91:36:4a:da:14:46:30:
         95:e4:a1:54:ab:e7:f1:da:ed:26:20:7e:13:a0:b8:ae:ec:f5:
         3e:6e:c4:f1:02:ee:4f:e1:bd:8c:2f:b0:9d:0b:e4:cf:b5:02:
         fc:21:5f:19:8a:ed:96:bc:e6:34:46:7b:dc:aa:29:95:b1:5d:
         f6:5b:c6:4d:36:04:c8:42:5b:45:c1:5f:b3:66:00:ed:58:c3:
         d6:27:83:f1:80:a4:67:86:ad:4d:de:fa:1b:b9:a9:40:55:90:
         6a:7f:1d:3e:ae:3f:b6:89:6a:aa:eb:40:ec:83:f1:d2:fa:e1:
         f7:0f:02:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPz/kyoT2SDmbpsIlugDzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1M2FjYTM2ODQ2ZDJkMzAyMzY0OGVhYzU4MWM3ZDliNjMx
N2VlZGMwHhcNMjUxMTA0MTcwMDIwWhcNMjUxMTA1MTcwMDIwWjAzMTEwLwYDVQQD
Eyg2NTNlNGU4NDcyZmM4ZjBiNzZkNzJiZGFlMGUyZTY1MDIzNzIyYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzG+NZKshYH8I8AhgTzNx/5Ple4Gu
0qTt3CQli8UWv6bri9zZL4+KwpWIADt6oRJaIgLl4aqvlFKQdUMKncxKsbbCDvEC
A3iD2RkUpNakcI2hAR3AXqAIJbylRbO4l2z5ewdZo/FjegT7L+Ti7vruxQDfEbz8
hTmpNaLRKmWaT84B8LWlkgK2DHxlq77R5OH2Z0ERV2gMvS/g7dzmEmb7Xd+3Kq54
wOnraOD43Jc6TbQxrYhlvFF4PVWa/Ck5zq9aCeLmJScuvrRVbGjD0q5s/fEBlsma
nv1L1OCy38puQN3HCC36kYBhxweKqi7buGD1l9/mwBFWgwe3gkU53ViLYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGU+ToRy/I8Ldtcr2uDi5lAjcixBMB8GA1UdIwQY
MBaAFLU6yjaEbS0wI2SOrFgcfZtjF+7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMt
NGJiMzdiMThiOWZlLzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMtNGJiMzdiMThiOWZl
LzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAALVm6GKF
ULqGXgzxoP26gRpG0B+UzX8ZFH7FLMRI3cx/e6zcOv2tRLy+AsnA5ZYg6bc3jyjI
Xe4DgKGmWIt8XzWSVwOBnHR6ahULvex5JiELp4vlLtvl0PiratYokrko8TcALLNe
aHWHQBt8ys6T0aFVqF9ZXM35irYuuE/HcrV9BIvgd/JxPiSRNkraFEYwleShVKvn
8drtJiB+E6C4ruz1Pm7E8QLuT+G9jC+wnQvkz7UC/CFfGYrtlrzmNEZ73KoplbFd
9lvGTTYEyEJbRcFfs2YA7VjD1ieD8YCkZ4atTd76G7mpQFWQan8dPq4/tolqqutA
7IPx0vrh9w8Crg==
-----END CERTIFICATE-----