Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
File:                     4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft (raw, json)
Hash identifier:          RE+j/CZPDAX6l58XZBjEBzKHBkKr2jIqYQ4FbTTsav4=
Subject key identifier:   39:6F:C3:1C:A7:3B:C8:34:38:2F:06:91:0B:5D:BE:64:93:B2:93:E8
Authority key identifier: E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60
Certificate issuer:       /CN=e33779b8388d001fdcbddc48ace227f009850660
Certificate serial:       0199239F05BA95053B863C43F0D5D2F883C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 10:00:48 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:48 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:48 +0000
Files and hashes:         1: 4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl (hash: yo96fS4tXMonQFwIOESmAxwgus021qHknEhyXyRxUjg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:05:ba:95:05:3b:86:3c:43:f0:d5:d2:f8:83:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e33779b8388d001fdcbddc48ace227f009850660
        Validity
            Not Before: Sep  7 10:00:48 2025 GMT
            Not After : Sep  8 10:00:48 2025 GMT
        Subject: CN=396fc31ca73bc834382f06910b5dbe6493b293e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:61:18:b6:ce:84:fd:a2:14:bd:71:44:2e:a9:
                    25:97:ce:f6:50:c2:6e:71:00:38:33:b5:d3:e4:63:
                    a4:20:ef:1c:ae:b8:30:60:6a:74:45:ab:4d:8d:1a:
                    16:1c:df:ad:f5:e5:be:74:b8:4b:cd:35:73:72:9f:
                    7f:fc:36:5b:f0:05:ff:9d:f1:c3:92:00:e2:ba:7b:
                    0f:93:a1:36:f1:ea:e1:38:7f:9f:c1:8a:94:e5:49:
                    09:75:99:eb:d7:9c:3e:bf:f0:75:13:87:77:11:a8:
                    09:21:a1:33:0b:11:0f:bd:f3:86:38:dd:d0:70:77:
                    e1:8d:6d:5d:3f:49:11:c2:2c:31:a3:f5:e8:14:2c:
                    b2:0c:c3:28:91:87:ab:89:1b:c4:b8:8a:67:c1:d2:
                    e1:34:84:7f:c4:83:28:c6:c2:90:6b:79:70:ea:d1:
                    73:13:6b:c2:7e:6f:e1:59:21:3d:fe:54:8b:80:db:
                    57:56:a7:75:fd:e8:10:2e:9b:89:db:b9:14:6c:a7:
                    b7:75:7b:54:b8:ec:7f:3b:93:57:a7:1a:73:ad:98:
                    98:7b:e0:a5:7a:74:12:39:35:c1:da:a7:74:8b:ed:
                    6b:ab:b9:d1:37:e2:73:4e:99:71:4b:46:0a:f5:8f:
                    e8:40:af:b4:8f:a3:5f:b1:80:08:04:eb:4c:5d:69:
                    3b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:6F:C3:1C:A7:3B:C8:34:38:2F:06:91:0B:5D:BE:64:93:B2:93:E8
            X509v3 Authority Key Identifier:
                keyid:E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:2d:4c:b3:67:97:06:c5:a6:1b:6d:8f:4e:e8:6d:b2:88:7b:
         26:ae:07:51:ba:05:aa:8f:4d:b0:8d:02:37:2e:ee:ce:21:e9:
         e7:01:a3:af:63:76:89:4c:90:c5:a7:39:10:16:5d:3f:2c:53:
         26:65:f3:53:f6:99:b6:ef:4b:d7:11:7d:c1:d4:38:e8:b3:05:
         34:83:11:61:e1:38:7f:22:73:d6:2c:26:d8:a2:52:9a:62:ed:
         d5:b1:ac:3a:99:0a:bb:a7:00:43:07:2e:3d:08:68:84:cb:02:
         7b:25:6e:ec:c2:b2:02:d3:d0:cf:71:5d:99:37:fc:0f:a9:57:
         73:ff:7f:e6:48:55:96:ad:ce:6c:36:dd:cc:f9:b9:6a:6b:47:
         bd:60:ab:2d:cb:d7:09:a1:8d:7d:f9:83:a4:53:19:19:88:80:
         7f:5b:41:23:e4:51:5d:93:db:f9:28:c5:0c:c9:7e:6f:18:42:
         bb:ba:7c:93:a4:0a:61:3d:85:83:c8:80:15:42:dd:1f:78:d8:
         61:30:eb:72:2b:27:d2:9d:38:6c:98:6e:37:bc:d9:de:93:81:
         8a:4c:0d:a7:db:c6:93:2d:5a:78:17:1a:59:83:8c:c8:2e:3b:
         7f:1d:1c:6a:39:32:8a:90:83:02:b4:ee:6a:b4:a8:21:25:aa:
         cb:4c:bb:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnwW6lQU7hjxD8NXS+IPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMzc3OWI4Mzg4ZDAwMWZkY2JkZGM0OGFjZTIyN2YwMDk4
NTA2NjAwHhcNMjUwOTA3MTAwMDQ4WhcNMjUwOTA4MTAwMDQ4WjAzMTEwLwYDVQQD
EygzOTZmYzMxY2E3M2JjODM0MzgyZjA2OTEwYjVkYmU2NDkzYjI5M2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGEYts6E/aIUvXFELqkll872UMJu
cQA4M7XT5GOkIO8crrgwYGp0RatNjRoWHN+t9eW+dLhLzTVzcp9//DZb8AX/nfHD
kgDiunsPk6E28erhOH+fwYqU5UkJdZnr15w+v/B1E4d3EagJIaEzCxEPvfOGON3Q
cHfhjW1dP0kRwiwxo/XoFCyyDMMokYeriRvEuIpnwdLhNIR/xIMoxsKQa3lw6tFz
E2vCfm/hWSE9/lSLgNtXVqd1/egQLpuJ27kUbKe3dXtUuOx/O5NXpxpzrZiYe+Cl
enQSOTXB2qd0i+1rq7nRN+JzTplxS0YK9Y/oQK+0j6NfsYAIBOtMXWk7WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDlvwxynO8g0OC8GkQtdvmSTspPoMB8GA1UdIwQY
MBaAFOM3ebg4jQAf3L3cSKziJ/AJhQZgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTIt
ZjI5NGQzYjEyY2ZkLzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTItZjI5NGQzYjEyY2Zk
LzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZi1Ms2eX
BsWmG22PTuhtsoh7Jq4HUboFqo9NsI0CNy7uziHp5wGjr2N2iUyQxac5EBZdPyxT
JmXzU/aZtu9L1xF9wdQ46LMFNIMRYeE4fyJz1iwm2KJSmmLt1bGsOpkKu6cAQwcu
PQhohMsCeyVu7MKyAtPQz3FdmTf8D6lXc/9/5khVlq3ObDbdzPm5amtHvWCrLcvX
CaGNffmDpFMZGYiAf1tBI+RRXZPb+SjFDMl+bxhCu7p8k6QKYT2Fg8iAFULdH3jY
YTDrcisn0p04bJhuN7zZ3pOBikwNp9vGky1aeBcaWYOMyC47fx0cajkyipCDArTu
arSoISWqy0y7Zg==
-----END CERTIFICATE-----