Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          Dnx24TPnaCxjXW0WkPzzpWjS42vGxQNaIjPYfgwuWEg=
Subject key identifier:   A2:AA:4F:78:AC:57:16:F5:38:EF:65:5D:8A:0C:07:B7:70:21:0D:E7
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       0199228CF3853E6E52E13A6630071843E7D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 05:01:26 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:26 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:26 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: Cs0MPNafcfA/rlUDX0rQj5OSEAXCVMSab2SHKiI6t0E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:f3:85:3e:6e:52:e1:3a:66:30:07:18:43:e7:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Sep  7 05:01:26 2025 GMT
            Not After : Sep  8 05:01:26 2025 GMT
        Subject: CN=a2aa4f78ac5716f538ef655d8a0c07b770210de7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:08:f3:13:16:d6:c0:3e:55:64:75:04:35:19:
                    bf:aa:78:46:18:2e:cc:b2:ba:05:67:5f:f6:39:1a:
                    a6:bf:7e:48:68:dd:30:99:3a:c7:5b:cb:76:03:fb:
                    fa:7d:0b:41:07:59:a3:b1:42:45:e2:2e:07:f8:dc:
                    e7:e5:bc:1d:48:7e:61:16:f6:9a:e1:80:5f:22:e3:
                    4b:ad:71:c5:0b:80:4a:39:54:aa:ab:d3:3a:5b:01:
                    36:66:82:28:ae:d1:0d:78:80:4e:6b:ef:0e:b8:c1:
                    d1:a0:b6:fe:f7:7d:df:d2:da:cf:35:2f:2d:91:b6:
                    ac:d1:0d:a0:ad:b1:f7:57:41:17:d0:bb:e8:17:10:
                    d0:8a:09:7b:c6:6a:0b:86:4b:23:86:da:b2:e0:a7:
                    97:f7:72:f1:4b:d7:ac:17:64:6c:f2:b7:ce:9f:2a:
                    86:c4:0a:aa:67:ed:24:2d:f4:a5:0f:10:6a:9c:7e:
                    60:9d:c5:66:e9:2c:cf:df:48:07:d3:ed:26:55:ed:
                    02:94:4b:49:af:0c:61:07:88:8a:b7:a1:27:62:dc:
                    87:20:c5:48:1b:86:eb:ae:da:c5:5a:3f:e7:6f:92:
                    91:71:e8:32:64:87:b8:99:89:21:ba:94:9a:7b:a5:
                    6f:ed:d8:c1:a5:ee:e3:86:48:28:3d:de:91:49:d7:
                    b0:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:AA:4F:78:AC:57:16:F5:38:EF:65:5D:8A:0C:07:B7:70:21:0D:E7
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:f2:6d:a8:0e:6a:d3:b7:c8:f4:4f:9a:22:b2:18:bb:9c:3c:
         ad:39:da:06:55:1d:f4:67:67:e7:cb:7e:51:6e:79:75:d0:34:
         71:e7:3a:15:7a:b9:b9:40:31:a2:52:08:dd:64:86:aa:13:26:
         28:f9:51:e0:bc:f1:56:b3:ff:bf:d3:12:fa:78:1e:d8:5f:b9:
         fc:f6:a0:65:0a:46:49:5f:4c:9d:90:89:d1:de:74:26:e7:8d:
         85:37:94:4c:68:30:c3:2c:df:07:46:f3:e4:ff:cf:b0:ee:ba:
         8b:e7:56:71:73:cd:01:3a:24:b3:ad:26:8c:d7:58:58:0a:b5:
         cf:0f:bc:a8:9e:d0:52:c1:89:69:1e:6a:f6:18:1d:0b:5e:1b:
         b1:8a:62:b6:84:7a:9c:a7:9c:1a:e4:e9:b6:63:b5:b0:7a:b1:
         2c:c3:f6:96:47:28:0a:c1:69:f6:73:c2:21:9c:ed:c4:78:3b:
         3b:8b:28:11:54:8d:17:73:92:c9:0d:b1:ae:81:1f:d2:9a:4b:
         4b:58:47:41:f1:ec:6d:21:9c:ff:c5:20:37:77:9d:c3:b8:31:
         fd:b0:29:05:db:38:4d:ae:f9:40:42:57:54:36:2c:c9:cf:64:
         9e:55:26:f0:9b:cd:5e:86:49:65:c9:65:3f:70:11:2d:24:c5:
         ac:50:86:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijPOFPm5S4TpmMAcYQ+fWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjUwOTA3MDUwMTI2WhcNMjUwOTA4MDUwMTI2WjAzMTEwLwYDVQQD
EyhhMmFhNGY3OGFjNTcxNmY1MzhlZjY1NWQ4YTBjMDdiNzcwMjEwZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswjzExbWwD5VZHUENRm/qnhGGC7M
sroFZ1/2ORqmv35IaN0wmTrHW8t2A/v6fQtBB1mjsUJF4i4H+Nzn5bwdSH5hFvaa
4YBfIuNLrXHFC4BKOVSqq9M6WwE2ZoIortENeIBOa+8OuMHRoLb+933f0trPNS8t
kbas0Q2grbH3V0EX0LvoFxDQigl7xmoLhksjhtqy4KeX93LxS9esF2Rs8rfOnyqG
xAqqZ+0kLfSlDxBqnH5gncVm6SzP30gH0+0mVe0ClEtJrwxhB4iKt6EnYtyHIMVI
G4brrtrFWj/nb5KRcegyZIe4mYkhupSae6Vv7djBpe7jhkgoPd6RSdew9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKKqT3isVxb1OO9lXYoMB7dwIQ3nMB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkfJtqA5q
07fI9E+aIrIYu5w8rTnaBlUd9Gdn58t+UW55ddA0cec6FXq5uUAxolII3WSGqhMm
KPlR4LzxVrP/v9MS+nge2F+5/PagZQpGSV9MnZCJ0d50JueNhTeUTGgwwyzfB0bz
5P/PsO66i+dWcXPNAToks60mjNdYWAq1zw+8qJ7QUsGJaR5q9hgdC14bsYpitoR6
nKecGuTptmO1sHqxLMP2lkcoCsFp9nPCIZztxHg7O4soEVSNF3OSyQ2xroEf0ppL
S1hHQfHsbSGc/8UgN3edw7gx/bApBds4Ta75QEJXVDYsyc9knlUm8JvNXoZJZcll
P3ARLSTFrFCGvA==
-----END CERTIFICATE-----