Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
File:                     aesKgBz9tLWANaXQdaKQSy6qX5E.mft (raw, json)
Hash identifier:          EwAVKR8hQezeCfCo22H2TUz+/CKi/eHGHrgvLgZmcOw=
Subject key identifier:   F2:11:48:79:B4:8B:33:DD:93:E9:5D:E3:4F:5A:7E:6C:A7:C0:E7:74
Authority key identifier: 69:EB:0A:80:1C:FD:B4:B5:80:35:A5:D0:75:A2:90:4B:2E:AA:5F:91
Certificate issuer:       /CN=69eb0a801cfdb4b58035a5d075a2904b2eaa5f91
Certificate serial:       019923A0211B59A40B41A0E11D60599440B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 10:02:00 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:00 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:00 +0000
Files and hashes:         1: aesKgBz9tLWANaXQdaKQSy6qX5E.crl (hash: 56NpHTnJESShqjyqnSkqafr+szlDNAlk64BXpb5Kgwk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:21:1b:59:a4:0b:41:a0:e1:1d:60:59:94:40:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69eb0a801cfdb4b58035a5d075a2904b2eaa5f91
        Validity
            Not Before: Sep  7 10:02:00 2025 GMT
            Not After : Sep  8 10:02:00 2025 GMT
        Subject: CN=f2114879b48b33dd93e95de34f5a7e6ca7c0e774
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d9:70:64:84:dd:9a:5d:58:ac:ec:02:4d:bd:
                    e9:bf:03:a5:2d:cd:52:64:74:6f:38:69:8e:db:4e:
                    da:6d:aa:04:d5:dc:39:1a:84:70:02:cb:47:3a:21:
                    05:96:a3:41:94:ce:54:75:5d:ca:b7:bd:33:05:e4:
                    29:99:7f:86:fd:61:ba:f4:8d:c4:52:bd:2d:65:24:
                    80:b2:f7:e1:51:5e:18:04:89:5d:bc:89:7c:4a:3f:
                    9a:ac:ab:84:3a:c8:61:9d:87:ee:ae:30:e5:1e:ec:
                    6f:fe:9a:ef:6d:36:c6:4b:e7:eb:9f:65:4b:a3:9e:
                    dc:e9:23:48:1a:b2:23:4e:ad:a9:28:76:60:cb:ee:
                    7a:b7:cd:81:71:85:56:ff:ff:33:15:a6:d7:d9:01:
                    b2:70:22:35:86:cf:3b:cf:b5:30:f0:5e:de:58:d6:
                    db:f7:de:64:2c:fc:ca:28:e1:37:fd:f8:62:35:0a:
                    9c:a8:26:d4:89:04:67:bf:f4:ce:b3:9f:4b:7e:2c:
                    76:3b:ac:e8:2c:ff:8c:aa:d2:a5:72:22:36:54:c4:
                    be:b6:63:f4:9f:a2:bd:50:33:63:9e:93:da:1c:a1:
                    dd:06:66:03:2e:33:60:04:ab:db:c6:d3:19:57:1c:
                    0d:ca:e8:50:2b:ad:99:3a:c6:19:84:b9:59:1e:2f:
                    c6:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:11:48:79:B4:8B:33:DD:93:E9:5D:E3:4F:5A:7E:6C:A7:C0:E7:74
            X509v3 Authority Key Identifier:
                keyid:69:EB:0A:80:1C:FD:B4:B5:80:35:A5:D0:75:A2:90:4B:2E:AA:5F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:3a:79:6a:a0:77:f3:4b:69:13:b7:a0:8e:0a:26:3b:d2:05:
         e9:8c:89:5f:25:85:89:6c:9d:41:f6:55:87:d6:07:5c:ce:3b:
         94:88:ae:44:e1:37:a8:7d:93:d7:2a:21:7f:2c:ea:24:2e:33:
         52:42:50:28:86:60:93:c6:68:13:de:29:09:65:f5:49:91:3d:
         d9:c8:5e:2d:a9:4e:0e:6f:a9:cb:63:9f:4a:6e:d2:71:8c:95:
         57:2d:e5:e8:08:4e:d4:10:54:31:c6:96:3d:c6:fa:28:9c:79:
         54:21:fc:a3:69:b8:31:10:b9:98:c3:64:83:da:7e:9b:44:35:
         23:66:7c:5e:c9:6b:3d:6d:50:49:df:b1:c4:60:56:ec:7d:2c:
         8f:1c:69:71:a6:4a:ea:37:04:5f:90:bf:c5:20:88:4a:28:bd:
         43:d8:62:13:ec:58:4f:46:44:fe:65:8b:37:67:c1:ad:8f:7b:
         cb:d6:2c:a0:fc:cd:83:85:fb:71:4e:c2:4f:c5:78:14:38:1b:
         b9:bd:08:d3:f8:d4:f6:18:d4:20:e6:01:44:42:e5:ef:f5:a5:
         c4:0a:cd:37:58:3b:43:67:e2:34:b2:97:2b:e3:ec:0e:dd:17:
         38:4b:cf:74:55:2e:72:da:f9:12:86:fc:bc:70:70:3f:95:e3:
         26:61:fe:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoCEbWaQLQaDhHWBZlEC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZWIwYTgwMWNmZGI0YjU4MDM1YTVkMDc1YTI5MDRiMmVh
YTVmOTEwHhcNMjUwOTA3MTAwMjAwWhcNMjUwOTA4MTAwMjAwWjAzMTEwLwYDVQQD
EyhmMjExNDg3OWI0OGIzM2RkOTNlOTVkZTM0ZjVhN2U2Y2E3YzBlNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9lwZITdml1YrOwCTb3pvwOlLc1S
ZHRvOGmO207abaoE1dw5GoRwAstHOiEFlqNBlM5UdV3Kt70zBeQpmX+G/WG69I3E
Ur0tZSSAsvfhUV4YBIldvIl8Sj+arKuEOshhnYfurjDlHuxv/prvbTbGS+frn2VL
o57c6SNIGrIjTq2pKHZgy+56t82BcYVW//8zFabX2QGycCI1hs87z7Uw8F7eWNbb
995kLPzKKOE3/fhiNQqcqCbUiQRnv/TOs59Lfix2O6zoLP+MqtKlciI2VMS+tmP0
n6K9UDNjnpPaHKHdBmYDLjNgBKvbxtMZVxwNyuhQK62ZOsYZhLlZHi/GWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIRSHm0izPdk+ld409afmynwOd0MB8GA1UdIwQY
MBaAFGnrCoAc/bS1gDWl0HWikEsuql+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zYmFiNTctZGIzYi00YmU4LWIyNzkt
MDBmNTZmNDcyMWMyLzEvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zYmFiNTctZGIzYi00YmU4LWIyNzktMDBmNTZmNDcyMWMy
LzEvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbzp5aqB3
80tpE7egjgomO9IF6YyJXyWFiWydQfZVh9YHXM47lIiuROE3qH2T1yohfyzqJC4z
UkJQKIZgk8ZoE94pCWX1SZE92cheLalODm+py2OfSm7ScYyVVy3l6AhO1BBUMcaW
Pcb6KJx5VCH8o2m4MRC5mMNkg9p+m0Q1I2Z8XslrPW1QSd+xxGBW7H0sjxxpcaZK
6jcEX5C/xSCISii9Q9hiE+xYT0ZE/mWLN2fBrY97y9YsoPzNg4X7cU7CT8V4FDgb
ub0I0/jU9hjUIOYBRELl7/WlxArNN1g7Q2fiNLKXK+PsDt0XOEvPdFUuctr5Eob8
vHBwP5XjJmH+9A==
-----END CERTIFICATE-----