Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
File:                     nD_Ua11gbBzKtVixc24mIaS8BAM.mft (raw, json)
Hash identifier:          byWGTRegVUriA0E2vG4skep+I220nKeKkXwwnX2EOpI=
Subject key identifier:   66:DC:09:8F:FE:E9:74:58:EC:F3:90:B6:B4:39:98:76:3E:C8:18:C0
Authority key identifier: 9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03
Certificate issuer:       /CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
Certificate serial:       019921E7868FD8D450731BB60FE5C4FA8A71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
Manifest number:          08FE
Signing time:             Sun 07 Sep 2025 02:00:45 +0000
Manifest this update:     Sun 07 Sep 2025 02:00:45 +0000
Manifest next update:     Mon 08 Sep 2025 02:00:45 +0000
Files and hashes:         1: nD_Ua11gbBzKtVixc24mIaS8BAM.crl (hash: IMmv7F+jzW5gQRwNy3ZdY+sEkmf1l6tn6GkI2kZFbbU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 02:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:e7:86:8f:d8:d4:50:73:1b:b6:0f:e5:c4:fa:8a:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
        Validity
            Not Before: Sep  7 02:00:45 2025 GMT
            Not After : Sep  8 02:00:45 2025 GMT
        Subject: CN=66dc098ffee97458ecf390b6b43998763ec818c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:3e:6b:68:d2:4b:01:ca:62:6d:60:05:38:84:
                    13:e4:26:d3:cf:a0:be:11:d1:e3:ab:67:bb:50:18:
                    04:74:ef:f7:76:44:74:85:6c:99:7d:55:26:f7:f5:
                    c0:e3:5f:8d:89:29:06:1d:23:e7:66:f7:24:16:35:
                    9c:e7:79:ed:33:fc:34:a4:ad:12:a1:d4:99:ae:00:
                    75:c0:ee:bd:d8:3d:b1:65:c8:6a:9e:bc:68:f8:f6:
                    6e:2e:3f:cc:45:4c:b0:2e:fd:98:90:bd:22:f1:03:
                    83:5b:ee:a7:0d:8f:09:ef:e4:ae:51:57:24:14:d4:
                    5f:d0:e1:ce:d3:40:64:99:5d:a0:4c:2d:be:dc:97:
                    74:6a:77:53:38:74:c8:c3:24:30:e2:57:4d:9d:05:
                    46:3f:5e:d7:b7:1b:5d:97:aa:fc:3f:9d:3f:f4:20:
                    96:48:0f:aa:80:a5:23:33:ac:cc:34:36:44:c1:3a:
                    44:08:7e:f0:05:79:34:e9:14:cd:25:2c:8e:43:b5:
                    1f:70:8a:63:97:72:69:fb:2f:43:90:e5:24:ac:24:
                    5d:b5:4f:bb:f8:22:1e:38:66:55:59:42:47:17:1f:
                    3b:ee:1b:bb:81:0a:0f:23:e0:c8:18:fa:2b:53:fe:
                    50:5f:dd:89:68:b7:02:99:e4:fb:90:cb:0a:7c:c6:
                    c8:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:DC:09:8F:FE:E9:74:58:EC:F3:90:B6:B4:39:98:76:3E:C8:18:C0
            X509v3 Authority Key Identifier:
                keyid:9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:0e:96:47:51:14:9d:4c:07:8b:15:20:32:ac:54:82:9a:77:
         80:0d:26:b4:01:90:09:e5:27:4d:30:b7:eb:80:7b:1d:2e:e9:
         fb:66:86:85:01:a5:4d:99:7a:a8:e9:46:ee:20:25:f7:fc:96:
         a5:40:b8:cf:4b:99:9c:9a:03:46:d7:46:c9:8e:71:a3:7b:95:
         ca:af:81:58:a8:1c:f7:0b:71:c1:b2:3a:17:f6:8b:8a:fa:15:
         f7:ec:51:d2:21:98:a5:69:cc:70:17:7a:09:3f:42:2a:ee:c9:
         64:ad:a1:1b:f7:fc:7b:49:99:07:1f:2c:99:1e:e4:46:bb:31:
         27:74:d5:c2:e4:83:b0:5e:67:29:e1:16:ef:02:1b:fb:e6:2a:
         30:91:26:27:57:f7:2e:b2:80:8b:9a:f7:18:8e:0e:bb:a3:76:
         be:a0:5d:23:e7:1c:62:73:05:10:30:2f:c3:4e:bb:52:29:ab:
         4e:15:99:04:82:d8:cd:92:5f:cb:0e:47:76:93:27:21:46:c1:
         0b:b6:f9:de:07:0f:eb:46:a9:2b:d2:09:cb:c2:66:69:78:09:
         88:f7:ac:af:a5:61:7d:3f:bd:9e:00:9e:82:a8:58:7e:78:b0:
         ae:70:40:c2:70:aa:80:d1:dd:25:58:f0:c4:68:de:4c:1d:62:
         7f:85:05:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh54aP2NRQcxu2D+XE+opxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljM2ZkNDZiNWQ2MDZjMWNjYWI1NThiMTczNmUyNjIxYTRi
YzA0MDMwHhcNMjUwOTA3MDIwMDQ1WhcNMjUwOTA4MDIwMDQ1WjAzMTEwLwYDVQQD
Eyg2NmRjMDk4ZmZlZTk3NDU4ZWNmMzkwYjZiNDM5OTg3NjNlYzgxOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhz5raNJLAcpibWAFOIQT5CbTz6C+
EdHjq2e7UBgEdO/3dkR0hWyZfVUm9/XA41+NiSkGHSPnZvckFjWc53ntM/w0pK0S
odSZrgB1wO692D2xZchqnrxo+PZuLj/MRUywLv2YkL0i8QODW+6nDY8J7+SuUVck
FNRf0OHO00BkmV2gTC2+3Jd0andTOHTIwyQw4ldNnQVGP17Xtxtdl6r8P50/9CCW
SA+qgKUjM6zMNDZEwTpECH7wBXk06RTNJSyOQ7UfcIpjl3Jp+y9DkOUkrCRdtU+7
+CIeOGZVWUJHFx877hu7gQoPI+DIGPorU/5QX92JaLcCmeT7kMsKfMbIzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbcCY/+6XRY7POQtrQ5mHY+yBjAMB8GA1UdIwQY
MBaAFJw/1GtdYGwcyrVYsXNuJiGkvAQDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTkt
MGIzMWMzMzJkNTBkLzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTktMGIzMWMzMzJkNTBk
LzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfQ6WR1EU
nUwHixUgMqxUgpp3gA0mtAGQCeUnTTC364B7HS7p+2aGhQGlTZl6qOlG7iAl9/yW
pUC4z0uZnJoDRtdGyY5xo3uVyq+BWKgc9wtxwbI6F/aLivoV9+xR0iGYpWnMcBd6
CT9CKu7JZK2hG/f8e0mZBx8smR7kRrsxJ3TVwuSDsF5nKeEW7wIb++YqMJEmJ1f3
LrKAi5r3GI4Ou6N2vqBdI+ccYnMFEDAvw067UimrThWZBILYzZJfyw5HdpMnIUbB
C7b53gcP60apK9IJy8JmaXgJiPesr6VhfT+9ngCegqhYfniwrnBAwnCqgNHdJVjw
xGjeTB1if4UFvA==
-----END CERTIFICATE-----