Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
File:                     nc28ow8_5XpR57bAt_MgOvFnKiI.mft (raw, json)
Hash identifier:          NPyJfEiheIRYk2GdPWRjRaSFeUaTgnh7f9o8YvOfMW8=
Subject key identifier:   1D:94:08:97:B6:11:D2:D9:C2:17:E8:FE:73:DF:C0:D5:36:6E:E7:F3
Authority key identifier: 9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22
Certificate issuer:       /CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
Certificate serial:       0199239F7A599973C9A67213912EE2107451
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
Manifest number:          166C
Signing time:             Sun 07 Sep 2025 10:01:18 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:18 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:18 +0000
Files and hashes:         1: nc28ow8_5XpR57bAt_MgOvFnKiI.crl (hash: Fsaa6L4JbMMQ8f5NXUqY23bH/jN95yzE8eQchww4LnI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:7a:59:99:73:c9:a6:72:13:91:2e:e2:10:74:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
        Validity
            Not Before: Sep  7 10:01:18 2025 GMT
            Not After : Sep  8 10:01:18 2025 GMT
        Subject: CN=1d940897b611d2d9c217e8fe73dfc0d5366ee7f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:91:31:62:4b:ac:f2:68:84:a0:f9:fd:b2:09:
                    bd:4c:82:c8:08:75:a7:03:a1:cf:47:c8:2c:c9:c5:
                    df:c8:22:a6:e1:50:88:0c:d5:f3:76:50:2e:0e:ec:
                    78:72:fc:37:dd:d8:08:03:a8:c5:46:f2:3f:d8:db:
                    bb:11:85:f5:3f:b4:74:48:aa:ca:cf:d2:91:e2:e3:
                    38:d6:0e:bd:84:ca:80:a5:d5:46:aa:c8:4d:3b:56:
                    78:0d:45:94:dd:35:9d:14:1d:51:e5:0a:40:3a:74:
                    e3:45:fd:bc:0d:87:aa:bf:42:b3:17:e3:7f:e2:05:
                    22:de:01:cf:6e:ce:b3:50:88:cf:77:30:da:c6:e4:
                    c7:e2:11:d1:74:43:db:f2:47:ff:d3:7e:31:52:95:
                    03:73:20:75:b6:1b:85:54:93:c9:68:c7:c1:35:1e:
                    97:45:ea:5c:8d:54:e3:47:7c:d4:9a:32:82:14:68:
                    91:b2:05:a2:74:2b:e8:3a:73:6c:9f:92:16:64:48:
                    3a:05:84:8d:a7:49:04:a8:14:56:d8:15:66:1e:23:
                    4b:65:53:7b:68:12:ff:6c:59:0c:02:41:17:eb:6e:
                    75:96:4b:8d:3e:93:6a:d1:8f:26:62:76:c2:9d:38:
                    df:a3:96:d9:2e:bc:c7:59:05:df:4b:f6:fc:d1:ac:
                    4e:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:94:08:97:B6:11:D2:D9:C2:17:E8:FE:73:DF:C0:D5:36:6E:E7:F3
            X509v3 Authority Key Identifier:
                keyid:9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:21:eb:7d:75:81:97:50:15:0a:b6:9b:30:bb:70:e5:96:ed:
         c9:4d:70:df:d9:06:64:20:ac:e9:70:96:69:73:b2:3c:cc:44:
         0f:2f:75:03:4b:8e:6e:f7:4f:43:3d:8f:fe:9d:c6:90:69:62:
         e2:44:bb:b7:e6:fe:67:6a:78:01:a8:6f:e4:bc:34:6c:26:c5:
         e8:2d:82:a2:c1:76:8a:01:8b:c8:6e:2a:ce:b1:47:3a:97:55:
         a8:89:a8:13:b1:55:6c:41:0e:7a:bc:2a:ef:72:69:35:6d:e2:
         20:af:b8:9c:81:a8:61:4d:e0:48:d3:6c:46:f4:fd:c1:28:96:
         11:45:70:11:87:31:fd:b2:62:bb:1f:fa:ed:f3:be:5a:df:7d:
         f0:2d:84:a3:f5:02:03:79:ea:68:55:84:e1:2f:df:aa:82:6e:
         3e:9e:05:bb:0b:d2:2c:36:64:63:7b:98:c0:c5:6f:b2:1e:14:
         a9:ff:b9:6b:3d:85:ca:a5:d4:bc:23:d6:93:0c:d1:c7:ba:ee:
         30:b0:4a:ba:a2:2c:1f:2c:06:a5:1b:86:f5:32:d6:28:10:1d:
         22:b0:94:ce:cc:d5:f4:a3:a9:b4:08:b8:42:c6:a7:9e:35:bd:
         3c:65:0d:31:07:11:c4:2d:fc:d1:28:2c:ca:0f:a1:54:a1:8b:
         1c:c8:37:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn3pZmXPJpnITkS7iEHRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkY2RiY2EzMGYzZmU1N2E1MWU3YjZjMGI3ZjMyMDNhZjE2
NzJhMjIwHhcNMjUwOTA3MTAwMTE4WhcNMjUwOTA4MTAwMTE4WjAzMTEwLwYDVQQD
EygxZDk0MDg5N2I2MTFkMmQ5YzIxN2U4ZmU3M2RmYzBkNTM2NmVlN2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypExYkus8miEoPn9sgm9TILICHWn
A6HPR8gsycXfyCKm4VCIDNXzdlAuDux4cvw33dgIA6jFRvI/2Nu7EYX1P7R0SKrK
z9KR4uM41g69hMqApdVGqshNO1Z4DUWU3TWdFB1R5QpAOnTjRf28DYeqv0KzF+N/
4gUi3gHPbs6zUIjPdzDaxuTH4hHRdEPb8kf/034xUpUDcyB1thuFVJPJaMfBNR6X
RepcjVTjR3zUmjKCFGiRsgWidCvoOnNsn5IWZEg6BYSNp0kEqBRW2BVmHiNLZVN7
aBL/bFkMAkEX6251lkuNPpNq0Y8mYnbCnTjfo5bZLrzHWQXfS/b80axOlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2UCJe2EdLZwhfo/nPfwNU2bufzMB8GA1UdIwQY
MBaAFJ3NvKMPP+V6Uee2wLfzIDrxZyoiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMt
ZmEwNjBiOWEzYjQwLzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMtZmEwNjBiOWEzYjQw
LzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMyHrfXWB
l1AVCrabMLtw5ZbtyU1w39kGZCCs6XCWaXOyPMxEDy91A0uObvdPQz2P/p3GkGli
4kS7t+b+Z2p4Aahv5Lw0bCbF6C2CosF2igGLyG4qzrFHOpdVqImoE7FVbEEOerwq
73JpNW3iIK+4nIGoYU3gSNNsRvT9wSiWEUVwEYcx/bJiux/67fO+Wt998C2Eo/UC
A3nqaFWE4S/fqoJuPp4FuwvSLDZkY3uYwMVvsh4Uqf+5az2FyqXUvCPWkwzRx7ru
MLBKuqIsHywGpRuG9TLWKBAdIrCUzszV9KOptAi4QsannjW9PGUNMQcRxC380Sgs
yg+hVKGLHMg3LQ==
-----END CERTIFICATE-----