Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
File:                     s9nxe5jDqWQThWY7jNW3X-HwpJg.mft (raw, json)
Hash identifier:          RZ4PXHZADiD3RTi/99BtAy12AgYN68N90qHvMmgv4bI=
Subject key identifier:   80:E5:A1:5D:77:4C:C9:2B:66:28:40:5C:0F:38:22:64:D2:A5:13:D7
Authority key identifier: B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98
Certificate issuer:       /CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
Certificate serial:       019921B0A632C54A2B2354D9C5FEBD228FA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
Manifest number:          166C
Signing time:             Sun 07 Sep 2025 01:00:48 +0000
Manifest this update:     Sun 07 Sep 2025 01:00:48 +0000
Manifest next update:     Mon 08 Sep 2025 01:00:48 +0000
Files and hashes:         1: s9nxe5jDqWQThWY7jNW3X-HwpJg.crl (hash: 820KuAF00eFVXW9WzsHn6li1ibDc5k/gol8fv4+Nlh0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:a6:32:c5:4a:2b:23:54:d9:c5:fe:bd:22:8f:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
        Validity
            Not Before: Sep  7 01:00:48 2025 GMT
            Not After : Sep  8 01:00:48 2025 GMT
        Subject: CN=80e5a15d774cc92b6628405c0f382264d2a513d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:87:c0:93:34:7b:60:8f:be:ee:28:19:1e:27:
                    cf:23:61:47:f8:46:06:3a:c9:07:ac:44:f9:e2:7c:
                    83:f5:88:0f:e3:a8:5b:49:07:9c:a3:a6:06:c8:18:
                    4f:a1:a1:bf:83:78:e2:2a:5e:1d:41:92:88:58:7e:
                    5e:b9:08:f8:f9:5c:a7:90:e2:a0:42:e2:57:f0:2f:
                    84:8d:55:d3:40:e7:8f:09:a9:a1:28:7b:9f:41:0d:
                    fa:d3:a5:55:6b:d1:95:5f:28:47:8b:c2:7a:41:77:
                    1c:0a:c5:1e:f5:e8:68:db:8a:66:f7:c6:ab:54:a5:
                    ff:69:0b:09:b7:b1:b1:a1:c2:dc:0d:37:ea:34:ed:
                    67:17:dd:29:66:1d:9f:e8:58:be:8f:24:81:a4:94:
                    5f:d1:55:cf:32:4e:c7:b4:a1:a8:f8:b5:14:f8:f7:
                    96:ab:13:90:1c:90:f5:ea:4a:9b:39:b5:ef:af:38:
                    e1:a2:06:3e:7f:66:8b:a7:ac:37:48:f5:ac:95:15:
                    b5:29:28:0b:52:9a:11:40:1f:e9:0c:39:f0:ed:55:
                    d8:7f:31:ab:dd:63:fe:eb:b1:8e:58:f0:cb:af:a6:
                    af:7d:4a:f2:81:b9:38:3a:1f:71:72:2f:0f:3b:80:
                    06:42:9c:cb:f4:27:03:67:83:f1:11:6d:03:fd:79:
                    6c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:E5:A1:5D:77:4C:C9:2B:66:28:40:5C:0F:38:22:64:D2:A5:13:D7
            X509v3 Authority Key Identifier:
                keyid:B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:ff:f5:38:f1:c2:8d:10:ac:d4:ae:43:56:68:0e:f2:14:cd:
         4c:16:91:86:d1:93:8e:34:56:ac:1f:4f:d9:9c:03:0b:5a:b8:
         5c:8c:54:03:d4:72:7a:18:03:07:b6:16:e0:70:84:36:7b:76:
         18:06:20:9a:31:c9:dc:f6:8e:9c:3c:e9:78:09:50:56:03:12:
         4a:c2:04:cc:11:e2:44:58:3e:12:5b:ff:e3:7f:78:09:6f:23:
         8f:06:ff:03:5c:84:d2:2c:2d:ce:a6:dd:c6:bb:7d:fe:07:89:
         16:9b:ee:06:fe:02:43:e4:3b:f4:1c:59:47:48:4c:e7:36:5b:
         85:b5:ee:b7:51:cd:fa:37:3a:45:cc:38:4c:aa:5c:6b:2f:30:
         8f:85:5b:33:f8:89:cd:47:09:ed:fe:0e:4f:70:8f:fa:dd:44:
         80:85:67:9c:54:46:fe:d1:82:85:1c:6d:6c:fe:b7:c0:59:4e:
         f7:10:d2:ec:0d:d0:b3:b8:40:02:71:e0:d3:36:dd:52:60:b4:
         5e:63:da:07:b2:fe:26:85:1c:5e:c9:c2:3c:ac:0e:3f:55:13:
         4b:88:ec:cc:70:a1:7b:74:ce:9a:9d:15:f3:5d:e7:3c:d5:17:
         0c:9e:54:1d:bd:6a:ef:ca:8c:58:a4:95:1e:e0:e1:e2:84:37:
         0b:ec:b2:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsKYyxUorI1TZxf69Io+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDlmMTdiOThjM2E5NjQxMzg1NjYzYjhjZDViNzVmZTFm
MGE0OTgwHhcNMjUwOTA3MDEwMDQ4WhcNMjUwOTA4MDEwMDQ4WjAzMTEwLwYDVQQD
Eyg4MGU1YTE1ZDc3NGNjOTJiNjYyODQwNWMwZjM4MjI2NGQyYTUxM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4fAkzR7YI++7igZHifPI2FH+EYG
OskHrET54nyD9YgP46hbSQeco6YGyBhPoaG/g3jiKl4dQZKIWH5euQj4+VynkOKg
QuJX8C+EjVXTQOePCamhKHufQQ3606VVa9GVXyhHi8J6QXccCsUe9eho24pm98ar
VKX/aQsJt7GxocLcDTfqNO1nF90pZh2f6Fi+jySBpJRf0VXPMk7HtKGo+LUU+PeW
qxOQHJD16kqbObXvrzjhogY+f2aLp6w3SPWslRW1KSgLUpoRQB/pDDnw7VXYfzGr
3WP+67GOWPDLr6avfUrygbk4Oh9xci8PO4AGQpzL9CcDZ4PxEW0D/Xls6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIDloV13TMkrZihAXA84ImTSpRPXMB8GA1UdIwQY
MBaAFLPZ8XuYw6lkE4VmO4zVt1/h8KSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTkt
MThlYzZhMDA4YzU2LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTktMThlYzZhMDA4YzU2
LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaf/1OPHC
jRCs1K5DVmgO8hTNTBaRhtGTjjRWrB9P2ZwDC1q4XIxUA9RyehgDB7YW4HCENnt2
GAYgmjHJ3PaOnDzpeAlQVgMSSsIEzBHiRFg+Elv/4394CW8jjwb/A1yE0iwtzqbd
xrt9/geJFpvuBv4CQ+Q79BxZR0hM5zZbhbXut1HN+jc6Rcw4TKpcay8wj4VbM/iJ
zUcJ7f4OT3CP+t1EgIVnnFRG/tGChRxtbP63wFlO9xDS7A3Qs7hAAnHg0zbdUmC0
XmPaB7L+JoUcXsnCPKwOP1UTS4jszHChe3TOmp0V813nPNUXDJ5UHb1q78qMWKSV
HuDh4oQ3C+yyvw==
-----END CERTIFICATE-----