Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
File:                     y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json)
Hash identifier:          oDOsvMpbZaZlsbdTIZ/E9NAWrVaThowv00PhSzV8OnQ=
Subject key identifier:   1C:AC:2C:8A:D2:EE:A7:43:FC:32:D6:6A:9F:B8:45:29:1C:B0:C4:1D
Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42
Certificate issuer:       /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
Certificate serial:       019921B1C1A199CBBC1CF0B094EE0BB76164
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 01:02:01 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:01 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:01 +0000
Files and hashes:         1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: xwYDYlnL1uFhcbrRrOcEDK9NRJm6ryqQKDHKGr3J934=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:c1:a1:99:cb:bc:1c:f0:b0:94:ee:0b:b7:61:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
        Validity
            Not Before: Sep  7 01:02:01 2025 GMT
            Not After : Sep  8 01:02:01 2025 GMT
        Subject: CN=1cac2c8ad2eea743fc32d66a9fb845291cb0c41d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:3b:6b:ce:ff:5a:2f:ff:10:a8:e8:96:09:c9:
                    be:e9:74:39:28:b2:05:00:64:d5:69:3b:d2:c8:5f:
                    fc:6d:35:11:45:c3:5f:4c:86:18:ac:7a:96:b8:68:
                    b4:50:77:36:4c:a1:8d:12:c1:f4:50:59:5c:4e:14:
                    da:cb:8d:4b:dd:81:b6:18:3a:6a:17:05:5b:23:54:
                    62:66:b3:66:21:9c:d4:c7:46:f3:9c:02:78:89:51:
                    3f:91:bf:bb:9f:b5:f9:88:cf:6b:c8:99:04:c3:f1:
                    78:72:69:75:2b:8a:c9:8e:d5:25:ad:b2:ab:ee:66:
                    d9:bb:44:3f:f5:0e:9e:50:86:c0:0b:43:2a:53:26:
                    31:10:f9:38:f1:cf:a0:7a:72:57:76:b4:12:30:c9:
                    5a:24:46:c6:aa:1b:8e:74:ce:09:ee:9b:a0:e5:3a:
                    c5:bc:88:c5:72:91:97:1e:76:ff:6e:ff:4b:ff:e9:
                    e0:cb:04:5a:a2:ca:f3:2a:f1:c6:ed:73:4c:50:96:
                    45:35:e4:74:b6:c7:54:ea:7e:70:a1:a6:bd:52:7d:
                    82:fb:51:b1:2c:96:66:58:67:db:4c:78:77:1d:fc:
                    d3:f2:d0:a5:cf:8f:41:de:88:89:2f:d3:92:a0:e4:
                    9d:45:45:03:42:5f:86:a8:e6:26:4d:65:db:9e:be:
                    b7:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:AC:2C:8A:D2:EE:A7:43:FC:32:D6:6A:9F:B8:45:29:1C:B0:C4:1D
            X509v3 Authority Key Identifier:
                keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:a3:84:68:13:45:06:1a:bb:dd:e5:a2:d5:16:48:8a:14:ad:
         96:5b:bf:e7:e2:e4:58:ea:ee:a4:dd:a6:80:08:a2:d0:87:46:
         e6:f8:a6:30:3b:e0:01:dc:df:5a:11:72:04:ac:a3:db:3b:b1:
         45:bf:52:f4:b7:45:d1:e3:ea:70:42:4b:5a:52:61:c2:4f:07:
         bf:e3:c6:74:e1:70:42:d6:6e:47:5c:95:96:db:c9:7d:96:ca:
         06:4d:b3:c6:19:90:ab:18:af:fe:6a:99:65:bd:4e:03:0c:bc:
         3d:0c:ce:4d:b6:91:33:e1:bf:a3:d3:9f:4d:bd:e6:89:57:7c:
         b0:34:dd:4b:ba:38:b5:e5:0b:32:84:2a:ce:b1:c5:3c:20:37:
         4e:07:9f:a6:6c:b7:87:56:0a:58:c7:47:25:a9:38:6f:2d:a9:
         14:0d:4d:cb:54:e8:00:43:26:1c:19:33:32:4c:6f:ab:61:29:
         fe:bc:9f:79:96:5c:b8:15:a5:7b:8b:56:5c:f9:bf:f2:43:48:
         ef:fb:42:2f:0b:d0:5b:ac:6e:de:a3:6e:55:da:b6:3f:7a:75:
         97:94:b9:37:3b:8e:0c:ec:08:b6:d9:2d:bf:24:da:6d:d6:c5:
         3b:95:1d:f2:d9:bc:2b:98:6e:b5:0b:d6:6e:93:eb:8c:40:fe:
         74:c5:20:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhscGhmcu8HPCwlO4Lt2FkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy
OGE5NDIwHhcNMjUwOTA3MDEwMjAxWhcNMjUwOTA4MDEwMjAxWjAzMTEwLwYDVQQD
EygxY2FjMmM4YWQyZWVhNzQzZmMzMmQ2NmE5ZmI4NDUyOTFjYjBjNDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Dtrzv9aL/8QqOiWCcm+6XQ5KLIF
AGTVaTvSyF/8bTURRcNfTIYYrHqWuGi0UHc2TKGNEsH0UFlcThTay41L3YG2GDpq
FwVbI1RiZrNmIZzUx0bznAJ4iVE/kb+7n7X5iM9ryJkEw/F4cml1K4rJjtUlrbKr
7mbZu0Q/9Q6eUIbAC0MqUyYxEPk48c+genJXdrQSMMlaJEbGqhuOdM4J7pug5TrF
vIjFcpGXHnb/bv9L/+ngywRaosrzKvHG7XNMUJZFNeR0tsdU6n5woaa9Un2C+1Gx
LJZmWGfbTHh3HfzT8tClz49B3oiJL9OSoOSdRUUDQl+GqOYmTWXbnr63TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBysLIrS7qdD/DLWap+4RSkcsMQdMB8GA1UdIwQY
MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et
NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl
LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEKOEaBNF
Bhq73eWi1RZIihStllu/5+LkWOrupN2mgAii0IdG5vimMDvgAdzfWhFyBKyj2zux
Rb9S9LdF0ePqcEJLWlJhwk8Hv+PGdOFwQtZuR1yVltvJfZbKBk2zxhmQqxiv/mqZ
Zb1OAwy8PQzOTbaRM+G/o9OfTb3miVd8sDTdS7o4teULMoQqzrHFPCA3Tgefpmy3
h1YKWMdHJak4by2pFA1Ny1ToAEMmHBkzMkxvq2Ep/ryfeZZcuBWle4tWXPm/8kNI
7/tCLwvQW6xu3qNuVdq2P3p1l5S5NzuODOwIttktvyTabdbFO5Ud8tm8K5hutQvW
bpPrjED+dMUgUA==
-----END CERTIFICATE-----