Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.mft
File:                     cRcdWnbTurk3KszJJz66ffHFnPI.mft (raw, json)
Hash identifier:          +76welzZM/CYbCUzQL+eaZ+NK2ZXLfBOlpGkzIW8qy4=
Subject key identifier:   04:0D:FE:7D:A0:64:A2:D1:81:F9:76:19:5C:15:9D:CC:EB:9B:D3:F0
Authority key identifier: 71:17:1D:5A:76:D3:BA:B9:37:2A:CC:C9:27:3E:BA:7D:F1:C5:9C:F2
Certificate issuer:       /CN=71171d5a76d3bab9372accc9273eba7df1c59cf2
Certificate serial:       019923A006A87359C5FAA2EB7DA1CD89A22B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cRcdWnbTurk3KszJJz66ffHFnPI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 10:01:53 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:53 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:53 +0000
Files and hashes:         1: cRcdWnbTurk3KszJJz66ffHFnPI.crl (hash: 1IY5SCOpywOQKA1HGgKyngTJXCCu/YPi7j4QdWMY+1k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cRcdWnbTurk3KszJJz66ffHFnPI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:06:a8:73:59:c5:fa:a2:eb:7d:a1:cd:89:a2:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71171d5a76d3bab9372accc9273eba7df1c59cf2
        Validity
            Not Before: Sep  7 10:01:53 2025 GMT
            Not After : Sep  8 10:01:53 2025 GMT
        Subject: CN=040dfe7da064a2d181f976195c159dcceb9bd3f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:3e:d1:40:26:b1:e8:93:4a:4b:c8:d3:2c:4c:
                    c6:8b:72:ab:9a:d5:e8:5e:f7:00:fe:e2:a6:7c:ec:
                    b5:b3:70:4a:db:ea:a6:f3:db:6c:b3:a5:eb:07:b7:
                    46:64:db:9e:06:98:72:db:f2:9e:44:bb:44:64:d5:
                    5a:06:43:09:60:3a:d4:45:24:3c:ec:6f:7d:06:38:
                    c5:72:51:bc:60:eb:3e:f7:e9:a1:89:29:78:9c:ae:
                    12:bc:37:b2:12:d1:45:c1:88:23:27:3a:f5:61:ac:
                    64:e8:64:f3:ec:f1:00:f1:1d:07:15:0e:ed:c6:44:
                    a9:21:3e:57:4f:af:36:85:32:7e:af:7d:21:1b:78:
                    f5:1c:29:82:c1:c5:68:59:ec:f9:29:4a:65:f7:fe:
                    19:95:47:e5:fb:2a:29:97:0e:07:20:7d:72:5f:f1:
                    9b:f7:83:15:7f:01:44:26:b2:11:de:73:6d:92:ee:
                    e0:77:ad:73:36:60:b6:a8:a5:e4:04:83:ee:a4:30:
                    34:15:6e:41:72:ee:14:c3:a2:10:35:98:00:c3:7c:
                    e7:d5:b4:cb:5d:6e:c5:d1:07:ef:ca:d3:95:1c:19:
                    e2:7d:e0:c2:8d:84:0b:65:e8:e7:fa:67:0c:ff:ec:
                    2b:ca:fe:31:a2:4c:4b:b1:5d:78:7c:47:34:c5:9f:
                    84:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:0D:FE:7D:A0:64:A2:D1:81:F9:76:19:5C:15:9D:CC:EB:9B:D3:F0
            X509v3 Authority Key Identifier:
                keyid:71:17:1D:5A:76:D3:BA:B9:37:2A:CC:C9:27:3E:BA:7D:F1:C5:9C:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cRcdWnbTurk3KszJJz66ffHFnPI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:e0:1c:f9:48:4f:3b:e5:e9:4a:5e:18:1c:1d:19:10:59:a1:
         8c:a9:80:e4:b0:e6:72:e4:5e:0e:39:72:ee:85:b2:d8:8f:13:
         38:47:c9:ba:3f:13:11:57:0e:28:6c:bf:99:de:4f:48:0a:94:
         d8:81:0d:a2:b9:76:98:c5:3b:93:74:f1:55:04:ee:16:72:1c:
         41:16:21:d7:22:f6:40:88:1c:7d:ca:ad:3f:0f:a0:b1:13:01:
         8b:e1:68:7b:db:eb:e8:04:b1:d2:06:de:9e:68:b0:1c:82:bf:
         14:1b:60:2d:f2:82:bd:b0:73:1d:36:e7:3b:81:7a:94:af:71:
         16:29:1d:2e:f9:29:d1:45:85:ea:86:f5:b5:f6:d4:7d:50:1a:
         81:c5:b4:49:ab:9f:78:5f:aa:d1:12:b1:f3:3a:ea:8b:49:08:
         e2:5e:9e:44:d5:f1:2b:a5:da:78:de:c0:4d:3a:a5:39:62:64:
         4b:13:b7:53:a2:a3:09:3f:1e:dd:7d:9c:6b:00:66:48:d5:69:
         6a:15:b3:0d:3f:76:aa:de:2a:ee:69:b9:e0:eb:0e:cc:0f:b7:
         1c:0d:0e:69:e7:76:20:0e:d0:1f:fe:67:8e:97:cd:4b:04:41:
         7b:34:72:24:f4:83:65:5a:92:1c:21:a6:89:61:fa:45:e9:65:
         31:2f:14:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoAaoc1nF+qLrfaHNiaIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMTcxZDVhNzZkM2JhYjkzNzJhY2NjOTI3M2ViYTdkZjFj
NTljZjIwHhcNMjUwOTA3MTAwMTUzWhcNMjUwOTA4MTAwMTUzWjAzMTEwLwYDVQQD
EygwNDBkZmU3ZGEwNjRhMmQxODFmOTc2MTk1YzE1OWRjY2ViOWJkM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT7RQCax6JNKS8jTLEzGi3KrmtXo
XvcA/uKmfOy1s3BK2+qm89tss6XrB7dGZNueBphy2/KeRLtEZNVaBkMJYDrURSQ8
7G99BjjFclG8YOs+9+mhiSl4nK4SvDeyEtFFwYgjJzr1Yaxk6GTz7PEA8R0HFQ7t
xkSpIT5XT682hTJ+r30hG3j1HCmCwcVoWez5KUpl9/4ZlUfl+yoplw4HIH1yX/Gb
94MVfwFEJrIR3nNtku7gd61zNmC2qKXkBIPupDA0FW5Bcu4Uw6IQNZgAw3zn1bTL
XW7F0QfvytOVHBnifeDCjYQLZejn+mcM/+wryv4xokxLsV14fEc0xZ+EGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQN/n2gZKLRgfl2GVwVnczrm9PwMB8GA1UdIwQY
MBaAFHEXHVp207q5NyrMySc+un3xxZzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1JjZFduYlR1cmszS3N6Skp6NjZmZkhGblBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kZWU4YjktYzMwMC00NWViLTg5ZTEt
ODA2OTk1MjljY2ViLzEvY1JjZFduYlR1cmszS3N6Skp6NjZmZkhGblBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kZWU4YjktYzMwMC00NWViLTg5ZTEtODA2OTk1MjljY2Vi
LzEvY1JjZFduYlR1cmszS3N6Skp6NjZmZkhGblBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm+Ac+UhP
O+XpSl4YHB0ZEFmhjKmA5LDmcuReDjly7oWy2I8TOEfJuj8TEVcOKGy/md5PSAqU
2IENorl2mMU7k3TxVQTuFnIcQRYh1yL2QIgcfcqtPw+gsRMBi+Foe9vr6ASx0gbe
nmiwHIK/FBtgLfKCvbBzHTbnO4F6lK9xFikdLvkp0UWF6ob1tfbUfVAagcW0Sauf
eF+q0RKx8zrqi0kI4l6eRNXxK6XaeN7ATTqlOWJkSxO3U6KjCT8e3X2cawBmSNVp
ahWzDT92qt4q7mm54OsOzA+3HA0Oaed2IA7QH/5njpfNSwRBezRyJPSDZVqSHCGm
iWH6RellMS8UOw==
-----END CERTIFICATE-----