Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
File:                     R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft (raw, json)
Hash identifier:          haD+ezG/9oTEjmHRdFugb4jMzhIiJmA0o8RaJUvv0j8=
Subject key identifier:   A8:C5:43:82:59:3E:DD:15:9A:74:D3:0F:BF:FB:B0:6A:93:EA:FB:65
Authority key identifier: 47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA
Certificate issuer:       /CN=47c68ed50bb53dcae857e4c85bcafd513f2774da
Certificate serial:       019923A000F543FD0D1D55B9C2CE886681D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 10:01:52 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:52 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:52 +0000
Files and hashes:         1: R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl (hash: M16CCNz2V41Y4ks5TPpzkWTIsCLGG/bzU8lFDZjoHeY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:00:f5:43:fd:0d:1d:55:b9:c2:ce:88:66:81:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47c68ed50bb53dcae857e4c85bcafd513f2774da
        Validity
            Not Before: Sep  7 10:01:52 2025 GMT
            Not After : Sep  8 10:01:52 2025 GMT
        Subject: CN=a8c54382593edd159a74d30fbffbb06a93eafb65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:cf:dd:f3:f9:10:43:2e:58:03:6e:c7:57:14:
                    ec:ea:84:7d:c5:a5:6e:21:5d:a8:31:b2:22:0e:ca:
                    b8:c5:e5:bc:a4:8d:2d:ee:a2:fd:55:97:ce:70:af:
                    89:fa:74:d6:a5:42:fa:62:7c:76:11:1b:cb:6a:48:
                    2d:b3:ef:92:f3:08:94:6c:8e:6b:e5:1e:1d:b2:f8:
                    eb:98:49:c1:bf:09:f4:99:28:48:39:6e:a9:8b:8f:
                    10:89:18:6e:c7:b3:6c:ef:51:6c:28:6e:e6:0a:1d:
                    2f:bc:c2:64:7a:cc:ef:65:06:fd:86:ca:51:63:2b:
                    9f:d3:61:4e:08:86:27:b8:2a:6d:c4:0d:e8:66:5a:
                    c6:75:42:34:39:87:d7:11:5d:57:fe:02:f2:bc:0d:
                    e9:8b:14:5a:6b:6a:49:6a:ba:02:5c:76:fa:f0:bc:
                    9b:cb:b3:d6:5e:fe:89:3b:ab:8a:07:a4:83:0f:07:
                    ab:98:b7:87:af:9d:91:9b:e4:ea:05:4c:57:5a:cf:
                    d2:40:7f:ca:19:be:85:b0:e6:68:a1:ea:b8:80:ec:
                    b9:90:0e:ef:b5:fb:3e:bc:c5:e7:3e:6d:91:5a:78:
                    66:2c:84:57:fd:36:47:a0:e8:f4:f9:d4:2f:b1:1f:
                    92:63:78:4f:5f:ed:e9:40:e3:94:40:81:e9:2c:dd:
                    7d:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:C5:43:82:59:3E:DD:15:9A:74:D3:0F:BF:FB:B0:6A:93:EA:FB:65
            X509v3 Authority Key Identifier:
                keyid:47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:a8:fb:6d:54:45:0f:5b:c8:15:1b:92:04:87:39:f0:bb:bb:
         2f:84:73:e1:0b:96:b5:9f:76:d8:c8:ff:ec:cb:36:82:75:6b:
         f9:a4:98:86:cf:a3:89:d9:6c:70:4a:7c:db:11:8e:ef:da:57:
         fa:d4:b2:de:ef:48:a9:29:72:8f:75:cd:98:4e:96:04:ba:81:
         ec:47:57:fa:c2:a0:20:92:04:f6:8a:a5:6b:d3:5f:d8:77:0f:
         b7:af:be:2e:ce:9e:ad:24:ee:3e:ca:14:81:73:04:c9:0e:3f:
         17:d8:3f:3c:1f:c7:95:6d:e8:6b:f0:7c:45:74:cd:5b:8c:05:
         8a:6f:ec:03:e1:d8:fb:c8:e8:fa:5e:a1:86:2d:ac:5c:ee:e3:
         a9:1d:01:f4:ad:6d:5e:2a:65:75:1c:32:86:2d:89:cf:09:b0:
         b9:89:15:58:40:f5:30:ba:ce:4f:58:e6:a1:e1:e2:58:06:78:
         2a:91:5f:54:c3:c0:1b:80:88:42:6e:66:5c:0d:36:20:cf:2f:
         fe:82:e3:d0:72:85:40:c5:e0:1f:04:fa:e5:86:2f:10:45:11:
         84:59:ed:3d:36:1d:d1:91:28:4b:19:c4:3d:1d:61:02:69:5d:
         c7:11:60:06:54:a1:0a:b6:fb:77:5d:e2:0a:6e:25:79:57:9f:
         7a:cf:22:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoAD1Q/0NHVW5ws6IZoHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YzY4ZWQ1MGJiNTNkY2FlODU3ZTRjODViY2FmZDUxM2Yy
Nzc0ZGEwHhcNMjUwOTA3MTAwMTUyWhcNMjUwOTA4MTAwMTUyWjAzMTEwLwYDVQQD
EyhhOGM1NDM4MjU5M2VkZDE1OWE3NGQzMGZiZmZiYjA2YTkzZWFmYjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos/d8/kQQy5YA27HVxTs6oR9xaVu
IV2oMbIiDsq4xeW8pI0t7qL9VZfOcK+J+nTWpUL6Ynx2ERvLakgts++S8wiUbI5r
5R4dsvjrmEnBvwn0mShIOW6pi48QiRhux7Ns71FsKG7mCh0vvMJkeszvZQb9hspR
Yyuf02FOCIYnuCptxA3oZlrGdUI0OYfXEV1X/gLyvA3pixRaa2pJaroCXHb68Lyb
y7PWXv6JO6uKB6SDDwermLeHr52Rm+TqBUxXWs/SQH/KGb6FsOZooeq4gOy5kA7v
tfs+vMXnPm2RWnhmLIRX/TZHoOj0+dQvsR+SY3hPX+3pQOOUQIHpLN19VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKjFQ4JZPt0VmnTTD7/7sGqT6vtlMB8GA1UdIwQY
MBaAFEfGjtULtT3K6FfkyFvK/VE/J3TaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMt
N2M0NTA0OTgyMDMwLzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMtN2M0NTA0OTgyMDMw
LzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMKj7bVRF
D1vIFRuSBIc58Lu7L4Rz4QuWtZ922Mj/7Ms2gnVr+aSYhs+jidlscEp82xGO79pX
+tSy3u9IqSlyj3XNmE6WBLqB7EdX+sKgIJIE9oqla9Nf2HcPt6++Ls6erSTuPsoU
gXMEyQ4/F9g/PB/HlW3oa/B8RXTNW4wFim/sA+HY+8jo+l6hhi2sXO7jqR0B9K1t
XipldRwyhi2JzwmwuYkVWED1MLrOT1jmoeHiWAZ4KpFfVMPAG4CIQm5mXA02IM8v
/oLj0HKFQMXgHwT65YYvEEURhFntPTYd0ZEoSxnEPR1hAmldxxFgBlShCrb7d13i
Cm4leVefes8iBQ==
-----END CERTIFICATE-----