Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
File:                     _1VJGZMcZ70mUPxODHPC-z4ijZU.mft (raw, json)
Hash identifier:          rleeSIxCBmLa3T8iTNOncT2FbsKh9os06zKh4K5DguE=
Subject key identifier:   AA:6E:5F:1C:67:09:72:CB:3F:97:09:C8:D9:9C:49:98:A9:20:FC:4F
Authority key identifier: FF:55:49:19:93:1C:67:BD:26:50:FC:4E:0C:73:C2:FB:3E:22:8D:95
Certificate issuer:       /CN=ff554919931c67bd2650fc4e0c73c2fb3e228d95
Certificate serial:       019922552A753739A0D186CEE04CE06013C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
Manifest number:          166C
Signing time:             Sun 07 Sep 2025 04:00:30 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:30 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:30 +0000
Files and hashes:         1: _1VJGZMcZ70mUPxODHPC-z4ijZU.crl (hash: N3qvswJ1lo42Gfhh1h6BMK03mveu2sy0A4piQgArDsM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:2a:75:37:39:a0:d1:86:ce:e0:4c:e0:60:13:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff554919931c67bd2650fc4e0c73c2fb3e228d95
        Validity
            Not Before: Sep  7 04:00:30 2025 GMT
            Not After : Sep  8 04:00:30 2025 GMT
        Subject: CN=aa6e5f1c670972cb3f9709c8d99c4998a920fc4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ec:2a:96:39:5f:79:3b:11:b6:54:9c:25:32:
                    93:68:57:ea:ad:e5:61:21:0d:f0:ed:e9:47:08:87:
                    c8:d1:12:dc:05:3a:76:c6:b7:d6:82:e0:31:8e:b7:
                    32:99:97:43:47:e4:ba:3e:b4:c9:df:8a:40:8e:c2:
                    69:94:4d:a8:03:1c:b7:2d:62:80:b8:b3:ba:dd:86:
                    e7:71:82:18:03:e9:9e:74:8d:f0:15:9d:18:45:b2:
                    9a:7e:aa:03:d7:e3:01:63:29:2e:bf:03:0c:25:d9:
                    c9:db:2b:4d:3f:06:8e:87:81:1c:a9:d8:8a:41:01:
                    d1:7a:9f:3b:9d:e3:df:5f:82:61:97:3b:c3:ca:8b:
                    d0:4c:d8:7e:88:a1:a3:7a:36:50:99:3b:aa:f7:d1:
                    fd:83:1b:f7:af:96:df:5d:8a:51:30:67:67:87:bf:
                    36:9b:9d:92:2b:71:64:c9:b0:99:5e:20:9e:fa:c5:
                    d8:34:8b:1f:a5:9e:70:75:51:9b:02:23:02:1b:3f:
                    6a:76:7a:6d:8a:27:23:aa:53:d5:ec:c1:9b:e6:4c:
                    de:78:5f:41:01:e0:4c:83:1f:49:31:a2:e3:1c:ea:
                    6f:00:00:15:d8:94:14:ed:3b:03:55:21:e6:3f:5d:
                    de:a5:67:7b:e3:b7:fc:5a:ee:02:03:8b:e9:07:1a:
                    da:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:6E:5F:1C:67:09:72:CB:3F:97:09:C8:D9:9C:49:98:A9:20:FC:4F
            X509v3 Authority Key Identifier:
                keyid:FF:55:49:19:93:1C:67:BD:26:50:FC:4E:0C:73:C2:FB:3E:22:8D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:a8:82:4e:ef:ca:c3:90:9b:87:5c:9f:40:91:13:01:bf:b3:
         54:5d:c8:29:5f:40:0f:9c:82:b7:39:e1:54:5d:f2:ea:38:ea:
         90:6d:8a:34:2c:05:b6:1d:ed:22:9a:1a:eb:18:2f:e0:94:86:
         58:5f:17:11:03:e9:8d:c6:52:18:a1:76:d8:2b:3e:34:af:83:
         54:62:e8:c2:37:19:c5:0b:f1:52:93:9e:27:93:85:e0:bc:d7:
         d8:86:b0:6e:b3:a5:eb:8b:0b:ec:7b:9f:c5:e1:09:85:35:2e:
         75:f9:8b:f8:2b:08:26:7d:10:57:c5:9a:89:8e:cd:76:81:0d:
         2b:d0:13:4f:c9:09:d4:59:c4:0a:fe:31:7a:66:61:7b:d3:dd:
         3a:be:27:46:3a:e4:ae:9e:c4:df:f0:fe:a3:0f:a9:d0:b4:c9:
         3f:6b:86:cd:78:b3:60:29:6c:53:f3:69:60:87:6f:77:9d:c5:
         2c:ee:08:9e:77:e1:f5:20:a5:01:2b:76:11:79:f6:a9:65:cc:
         46:ca:7d:4a:16:74:42:ae:f5:a5:ae:1b:80:5f:8a:db:b9:3e:
         b7:f1:ea:5b:23:94:22:08:d6:8f:52:e2:50:f5:04:58:0a:38:
         79:a2:77:52:4b:05:95:69:67:4c:d4:4e:17:4b:91:82:14:d0:
         59:6f:33:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVSp1Nzmg0YbO4EzgYBPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNTU0OTE5OTMxYzY3YmQyNjUwZmM0ZTBjNzNjMmZiM2Uy
MjhkOTUwHhcNMjUwOTA3MDQwMDMwWhcNMjUwOTA4MDQwMDMwWjAzMTEwLwYDVQQD
EyhhYTZlNWYxYzY3MDk3MmNiM2Y5NzA5YzhkOTljNDk5OGE5MjBmYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+wqljlfeTsRtlScJTKTaFfqreVh
IQ3w7elHCIfI0RLcBTp2xrfWguAxjrcymZdDR+S6PrTJ34pAjsJplE2oAxy3LWKA
uLO63YbncYIYA+medI3wFZ0YRbKafqoD1+MBYykuvwMMJdnJ2ytNPwaOh4EcqdiK
QQHRep87nePfX4JhlzvDyovQTNh+iKGjejZQmTuq99H9gxv3r5bfXYpRMGdnh782
m52SK3FkybCZXiCe+sXYNIsfpZ5wdVGbAiMCGz9qdnptiicjqlPV7MGb5kzeeF9B
AeBMgx9JMaLjHOpvAAAV2JQU7TsDVSHmP13epWd747f8Wu4CA4vpBxra7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpuXxxnCXLLP5cJyNmcSZipIPxPMB8GA1UdIwQY
MBaAFP9VSRmTHGe9JlD8Tgxzwvs+Io2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yMzI0NGQtNDg4Ni00NzBiLWIxZmMt
MjkwYWE0MzE4Y2FhLzEvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yMzI0NGQtNDg4Ni00NzBiLWIxZmMtMjkwYWE0MzE4Y2Fh
LzEvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw6iCTu/K
w5Cbh1yfQJETAb+zVF3IKV9AD5yCtznhVF3y6jjqkG2KNCwFth3tIpoa6xgv4JSG
WF8XEQPpjcZSGKF22Cs+NK+DVGLowjcZxQvxUpOeJ5OF4LzX2IawbrOl64sL7Huf
xeEJhTUudfmL+CsIJn0QV8WaiY7NdoENK9ATT8kJ1FnECv4xemZhe9PdOr4nRjrk
rp7E3/D+ow+p0LTJP2uGzXizYClsU/NpYIdvd53FLO4Innfh9SClASt2EXn2qWXM
Rsp9ShZ0Qq71pa4bgF+K27k+t/HqWyOUIgjWj1LiUPUEWAo4eaJ3UksFlWlnTNRO
F0uRghTQWW8zPw==
-----END CERTIFICATE-----