Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
File:                     y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json)
Hash identifier:          Fb4oNi4OAQ8/JI+Vsm3Rvmmce8kmXjwE6Y8lyaUQOkM=
Subject key identifier:   D5:9A:A2:70:AB:99:FA:BF:A8:A5:31:DB:37:AF:7C:60:30:10:51:74
Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21
Certificate issuer:       /CN=cbf9cd243ced6937b6bea57102814ff9ba426621
Certificate serial:       0199221ED96DA41E00401292DB5DE84A6F9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 03:01:11 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:11 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:11 +0000
Files and hashes:         1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: GPAdeD7K9R0jINbGQjNL1PXlXZglhkfVDQi5UzHe8I8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:d9:6d:a4:1e:00:40:12:92:db:5d:e8:4a:6f:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621
        Validity
            Not Before: Sep  7 03:01:11 2025 GMT
            Not After : Sep  8 03:01:11 2025 GMT
        Subject: CN=d59aa270ab99fabfa8a531db37af7c6030105174
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:91:91:cc:b7:3d:29:27:8e:a5:5a:70:40:25:
                    c8:23:a4:dd:84:78:8a:52:44:0d:45:6d:d9:3a:0a:
                    16:a6:bf:15:13:e0:0e:01:d6:76:cb:0e:f7:56:bb:
                    2a:29:36:40:78:be:6b:61:e3:f8:af:66:26:06:01:
                    c6:dc:fb:8f:0a:85:ec:fb:cb:97:63:6b:58:5f:b5:
                    fe:a3:8b:f9:f0:d4:9d:a7:85:29:9d:e1:7e:33:02:
                    69:b2:d6:ca:8d:96:00:18:a5:60:49:ec:45:25:75:
                    ae:c9:0c:c0:51:23:78:0e:9e:bd:64:23:5b:86:12:
                    4b:d8:b9:26:7a:3e:a5:58:05:e9:2a:a2:95:89:15:
                    8f:be:d3:ac:38:16:9a:e7:a1:7d:93:bd:2e:e2:d7:
                    f6:85:1f:0a:2c:85:af:a4:08:4a:c6:e7:3d:3a:17:
                    56:84:ee:ce:97:3f:e5:bb:47:4f:0f:bd:43:b5:5b:
                    a0:c7:f0:31:96:34:10:6d:e3:36:28:c0:fd:b7:83:
                    03:c8:c2:de:18:6c:29:23:d6:c6:95:14:50:76:fb:
                    ad:4d:fb:3a:82:53:f7:19:35:67:21:d4:7f:e5:0e:
                    b8:b7:b1:06:bd:e9:33:26:4d:be:3a:34:e4:a0:27:
                    a8:37:50:b1:8f:3b:43:0a:a5:dc:4f:23:0d:03:cc:
                    41:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:9A:A2:70:AB:99:FA:BF:A8:A5:31:DB:37:AF:7C:60:30:10:51:74
            X509v3 Authority Key Identifier:
                keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:4c:11:27:35:01:ae:8d:31:2e:94:2f:88:74:df:a8:2c:ab:
         01:69:b6:9c:b1:90:03:3a:21:05:7f:d7:f0:7c:a1:f4:ef:83:
         a4:9c:26:43:d8:0f:32:d7:55:26:8f:7a:78:13:6e:8a:68:7c:
         7b:82:a3:81:d8:76:20:8b:57:eb:d5:46:ec:56:28:08:2b:08:
         78:90:2a:41:de:69:94:83:0a:9a:76:9b:77:f5:cc:33:55:35:
         ea:d6:ce:4e:bc:43:69:0b:a0:33:41:0d:91:ab:44:3c:1b:af:
         d0:81:78:07:22:39:46:0d:d0:96:0f:f1:b5:92:93:cc:2a:f9:
         92:f3:ca:10:89:d1:31:bd:35:c3:87:66:2b:a8:18:49:62:9f:
         15:3a:d1:20:34:aa:3c:47:1b:e1:c3:6e:41:7e:9e:99:9c:9b:
         b9:01:7b:ab:a9:8b:eb:bd:c0:b4:db:80:4d:a2:fa:a6:d7:c5:
         2e:fc:01:da:d1:31:10:77:19:6a:6a:87:d8:3b:20:cf:83:b0:
         9c:c3:d2:bc:ed:b2:05:36:bc:d4:d8:d0:4d:d6:07:6c:5c:fc:
         9b:87:d8:d1:40:10:43:1b:d4:d0:cb:95:25:28:74:08:ce:3f:
         d9:05:7a:af:5d:39:89:ae:88:21:3b:b6:f7:fd:35:d3:b6:51:
         4f:bb:72:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHtltpB4AQBKS213oSm+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0
MjY2MjEwHhcNMjUwOTA3MDMwMTExWhcNMjUwOTA4MDMwMTExWjAzMTEwLwYDVQQD
EyhkNTlhYTI3MGFiOTlmYWJmYThhNTMxZGIzN2FmN2M2MDMwMTA1MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpGRzLc9KSeOpVpwQCXII6TdhHiK
UkQNRW3ZOgoWpr8VE+AOAdZ2yw73VrsqKTZAeL5rYeP4r2YmBgHG3PuPCoXs+8uX
Y2tYX7X+o4v58NSdp4UpneF+MwJpstbKjZYAGKVgSexFJXWuyQzAUSN4Dp69ZCNb
hhJL2Lkmej6lWAXpKqKViRWPvtOsOBaa56F9k70u4tf2hR8KLIWvpAhKxuc9OhdW
hO7Olz/lu0dPD71DtVugx/AxljQQbeM2KMD9t4MDyMLeGGwpI9bGlRRQdvutTfs6
glP3GTVnIdR/5Q64t7EGvekzJk2+OjTkoCeoN1CxjztDCqXcTyMNA8xB7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWaonCrmfq/qKUx2zevfGAwEFF0MB8GA1UdIwQY
MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt
MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj
LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT0wRJzUB
ro0xLpQviHTfqCyrAWm2nLGQAzohBX/X8Hyh9O+DpJwmQ9gPMtdVJo96eBNuimh8
e4Kjgdh2IItX69VG7FYoCCsIeJAqQd5plIMKmnabd/XMM1U16tbOTrxDaQugM0EN
katEPBuv0IF4ByI5Rg3Qlg/xtZKTzCr5kvPKEInRMb01w4dmK6gYSWKfFTrRIDSq
PEcb4cNuQX6emZybuQF7q6mL673AtNuATaL6ptfFLvwB2tExEHcZamqH2Dsgz4Ow
nMPSvO2yBTa81NjQTdYHbFz8m4fY0UAQQxvU0MuVJSh0CM4/2QV6r105ia6IITu2
9/0107ZRT7tyYw==
-----END CERTIFICATE-----