Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
File:                     7bKno-y66qV0GCMdsLYkq797pkU.mft (raw, json)
Hash identifier:          3Xxpkk0lTIo6ba3r5jWbWhHcxE89XdJJQ/ywMFEUn3g=
Subject key identifier:   47:61:1F:5F:A4:CE:5B:9B:20:B9:3B:8F:BC:51:B3:45:8B:2E:94:C9
Authority key identifier: ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45
Certificate issuer:       /CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
Certificate serial:       0199221E3BB9B3A5F1C3CCD7E70C2D1607D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 03:00:30 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:30 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:30 +0000
Files and hashes:         1: 7bKno-y66qV0GCMdsLYkq797pkU.crl (hash: oeioJJRCq7e5e8+8XjuKiQBW2JY3oRSMtGAWi8VTnJc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:3b:b9:b3:a5:f1:c3:cc:d7:e7:0c:2d:16:07:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
        Validity
            Not Before: Sep  7 03:00:30 2025 GMT
            Not After : Sep  8 03:00:30 2025 GMT
        Subject: CN=47611f5fa4ce5b9b20b93b8fbc51b3458b2e94c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ae:f2:f1:f0:56:9d:66:7d:75:41:6d:13:f8:
                    da:2c:e4:e6:ba:46:ee:d4:8b:58:c5:74:1f:ca:2b:
                    1a:cf:60:f8:a9:06:ba:54:d2:68:6a:6c:8d:e0:58:
                    a8:2f:bb:f5:e4:6f:09:07:12:39:e1:9d:c5:b2:ac:
                    ac:d6:c7:eb:d4:56:13:07:cf:3c:26:b4:29:95:f7:
                    05:a1:b6:d4:4c:09:6e:7d:fe:1c:24:ce:c2:1f:21:
                    aa:d3:c0:20:d6:b5:a3:c6:e4:5d:1d:5f:11:48:78:
                    31:fc:b4:0e:b1:a1:36:6c:80:2a:64:5d:6b:8f:fa:
                    e2:46:ea:06:3f:4b:21:2d:46:9c:d4:7b:57:6c:41:
                    8f:29:cd:7a:93:e2:8b:04:7b:9c:f7:a4:ed:0d:13:
                    f4:d9:22:18:91:14:5a:cd:90:48:1b:7d:ae:dc:76:
                    d3:db:76:40:a2:ae:6e:1c:e0:d2:43:38:98:56:e4:
                    94:fa:b6:61:71:75:c9:d8:0c:73:f0:69:88:63:96:
                    7d:74:b5:47:95:e5:6d:66:93:36:98:1a:57:dc:94:
                    49:e7:ca:35:89:90:f0:84:f5:7d:38:21:d0:a4:e1:
                    10:2b:66:e8:c9:ab:64:0c:e6:ba:43:09:ed:91:26:
                    ab:ae:c9:9d:bf:f1:2e:5b:fe:a2:0b:88:bf:47:dd:
                    cb:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:61:1F:5F:A4:CE:5B:9B:20:B9:3B:8F:BC:51:B3:45:8B:2E:94:C9
            X509v3 Authority Key Identifier:
                keyid:ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:ac:fb:e3:73:4b:12:39:42:ad:31:0d:1b:ce:8f:57:40:64:
         f3:64:16:ba:96:ea:4c:18:19:30:87:42:b6:ac:4a:8c:3d:9d:
         dc:d4:27:cc:08:69:a6:08:0d:1f:e1:61:9a:f5:e7:b9:91:a0:
         ef:d1:4d:0e:c8:26:80:fa:56:df:ac:75:cd:79:18:bd:ed:26:
         26:2e:63:9f:71:c6:a6:56:02:99:db:c0:24:73:5e:89:8e:e2:
         a7:25:6c:7f:81:ff:be:40:1b:17:34:af:3b:cc:92:91:d4:a7:
         3b:14:55:e9:40:29:d0:df:c8:6f:c0:10:3f:f3:40:59:c2:65:
         ee:b2:3d:87:70:60:b0:fe:3c:f7:ec:b3:df:cc:0d:1b:7c:d9:
         91:6d:02:57:9a:fa:65:7e:db:b7:df:8a:f0:97:c1:ef:8e:c1:
         0f:56:d5:38:d5:08:6e:19:5c:62:92:93:f8:39:c2:01:cc:c2:
         0d:39:40:bd:3c:ac:23:6b:05:4f:db:de:98:3e:7c:ac:dd:b4:
         c7:38:56:7d:db:2f:01:a0:2d:e9:da:5c:84:66:c4:80:ac:05:
         2b:8d:c0:43:38:57:fa:8a:98:64:aa:38:07:67:7e:18:4d:25:
         7f:86:1e:d8:ef:21:a6:09:44:07:b0:a3:61:9e:83:83:17:05:
         41:58:92:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHju5s6Xxw8zX5wwtFgfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjJhN2EzZWNiYWVhYTU3NDE4MjMxZGIwYjYyNGFiYmY3
YmE2NDUwHhcNMjUwOTA3MDMwMDMwWhcNMjUwOTA4MDMwMDMwWjAzMTEwLwYDVQQD
Eyg0NzYxMWY1ZmE0Y2U1YjliMjBiOTNiOGZiYzUxYjM0NThiMmU5NGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa7y8fBWnWZ9dUFtE/jaLOTmukbu
1ItYxXQfyisaz2D4qQa6VNJoamyN4FioL7v15G8JBxI54Z3Fsqys1sfr1FYTB888
JrQplfcFobbUTAluff4cJM7CHyGq08Ag1rWjxuRdHV8RSHgx/LQOsaE2bIAqZF1r
j/riRuoGP0shLUac1HtXbEGPKc16k+KLBHuc96TtDRP02SIYkRRazZBIG32u3HbT
23ZAoq5uHODSQziYVuSU+rZhcXXJ2Axz8GmIY5Z9dLVHleVtZpM2mBpX3JRJ58o1
iZDwhPV9OCHQpOEQK2boyatkDOa6QwntkSarrsmdv/EuW/6iC4i/R93LAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdhH1+kzlubILk7j7xRs0WLLpTJMB8GA1UdIwQY
MBaAFO2yp6PsuuqldBgjHbC2JKu/e6ZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQt
YWYyNTRjZTNmZTY5LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQtYWYyNTRjZTNmZTY5
LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOaz743NL
EjlCrTENG86PV0Bk82QWupbqTBgZMIdCtqxKjD2d3NQnzAhppggNH+FhmvXnuZGg
79FNDsgmgPpW36x1zXkYve0mJi5jn3HGplYCmdvAJHNeiY7ipyVsf4H/vkAbFzSv
O8ySkdSnOxRV6UAp0N/Ib8AQP/NAWcJl7rI9h3BgsP489+yz38wNG3zZkW0CV5r6
ZX7bt9+K8JfB747BD1bVONUIbhlcYpKT+DnCAczCDTlAvTysI2sFT9vemD58rN20
xzhWfdsvAaAt6dpchGbEgKwFK43AQzhX+oqYZKo4B2d+GE0lf4Ye2O8hpglEB7Cj
YZ6DgxcFQViSvA==
-----END CERTIFICATE-----