Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          RiyWDpocOwvha5oT2zjuDJIVGCpbbS8qp0odHz598oI=
Subject key identifier:   AB:58:CA:12:B7:87:76:8C:5A:CE:8D:A2:02:82:21:7B:30:DB:0B:95
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       0199221EA3524BDBBE181B6A083C9CC48FE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 03:00:57 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:57 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:57 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: YZzMopnS4DPayJsrivo/bbxTJAVZ5WcCRHvnUYyaD2s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:a3:52:4b:db:be:18:1b:6a:08:3c:9c:c4:8f:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Sep  7 03:00:57 2025 GMT
            Not After : Sep  8 03:00:57 2025 GMT
        Subject: CN=ab58ca12b787768c5ace8da20282217b30db0b95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f8:a1:8a:e4:3a:64:31:98:5f:49:38:e9:22:
                    47:8f:0c:65:fc:27:6c:f5:17:0b:39:c4:00:99:e2:
                    30:4f:67:94:64:c1:f3:f9:f2:41:ca:bb:a9:56:61:
                    aa:6d:d7:e4:1a:24:25:dd:88:e1:03:6c:ad:37:64:
                    e8:10:b0:43:32:45:5c:4b:57:70:27:67:aa:69:7a:
                    8c:86:52:2c:68:e8:16:72:47:1e:d7:09:40:f2:54:
                    e7:e6:e5:1c:29:a4:27:08:11:c5:e0:00:8c:ed:ec:
                    65:29:2f:3f:de:7c:83:56:a3:00:7a:45:14:80:b5:
                    09:75:09:fa:71:8c:a4:57:cc:b0:88:bc:59:17:08:
                    59:da:b2:e3:ab:e6:14:0a:de:17:d4:55:6c:86:a0:
                    e3:f7:48:af:81:ca:e5:35:82:29:5f:15:6f:dc:0b:
                    b5:7e:83:a5:dc:f2:70:77:9a:cb:1f:40:ba:6a:62:
                    ca:9d:9d:c7:bd:15:5f:03:b3:2d:03:91:11:eb:9a:
                    d6:11:51:25:d4:84:39:79:2f:ec:80:2b:3b:9b:ff:
                    84:3f:41:f0:ff:24:43:8e:73:8a:9c:8a:29:db:8e:
                    95:30:8a:b3:a6:2a:c2:db:7a:eb:72:df:e9:1e:7c:
                    ac:c4:4a:36:6f:1a:85:8e:5e:e1:e3:be:45:33:00:
                    20:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:58:CA:12:B7:87:76:8C:5A:CE:8D:A2:02:82:21:7B:30:DB:0B:95
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:da:df:e7:47:9a:f5:8f:1a:bc:08:55:0b:d6:a3:5b:81:b4:
         38:1e:f2:bb:23:1d:e8:28:3a:52:e4:e1:83:e8:0e:f9:44:b4:
         36:76:26:4a:43:89:1b:a8:bf:9e:d1:6c:a8:7f:5a:1a:98:39:
         b8:8e:12:86:3c:d2:1e:ad:43:bf:5d:db:b2:3c:cf:9c:dd:7d:
         fd:98:fe:a9:a1:bf:30:d2:34:db:52:aa:1f:1f:c7:fe:db:8a:
         26:5f:dd:0f:2b:c0:0b:6a:eb:b4:60:ef:83:32:8e:52:74:3c:
         4e:29:7e:08:6f:b1:ad:48:53:66:c6:16:df:03:94:19:df:2a:
         b1:69:8f:b2:3c:00:15:33:66:90:ca:ff:db:35:b4:af:41:ae:
         3d:87:c4:ca:0a:31:9a:92:df:81:3c:7f:d2:01:5f:46:fe:16:
         04:dc:5a:1b:06:ed:50:ee:2e:38:aa:ac:c5:4e:9b:80:88:f3:
         18:09:92:0c:01:ca:4d:e0:d3:d8:71:30:cb:3f:a1:ee:b6:f7:
         e5:26:42:fd:3a:c6:61:5a:55:05:8b:f8:93:c1:ba:1a:02:6c:
         d1:b7:95:ef:5c:4e:16:e4:52:5a:cf:71:ff:40:8b:42:29:d4:
         de:81:ff:2a:cd:6f:1d:14:17:23:61:17:47:dc:eb:a5:18:ab:
         c2:4f:e3:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHqNSS9u+GBtqCDycxI/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjUwOTA3MDMwMDU3WhcNMjUwOTA4MDMwMDU3WjAzMTEwLwYDVQQD
EyhhYjU4Y2ExMmI3ODc3NjhjNWFjZThkYTIwMjgyMjE3YjMwZGIwYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/ihiuQ6ZDGYX0k46SJHjwxl/Cds
9RcLOcQAmeIwT2eUZMHz+fJByrupVmGqbdfkGiQl3YjhA2ytN2ToELBDMkVcS1dw
J2eqaXqMhlIsaOgWckce1wlA8lTn5uUcKaQnCBHF4ACM7exlKS8/3nyDVqMAekUU
gLUJdQn6cYykV8ywiLxZFwhZ2rLjq+YUCt4X1FVshqDj90ivgcrlNYIpXxVv3Au1
foOl3PJwd5rLH0C6amLKnZ3HvRVfA7MtA5ER65rWEVEl1IQ5eS/sgCs7m/+EP0Hw
/yRDjnOKnIop246VMIqzpirC23rrct/pHnysxEo2bxqFjl7h475FMwAg+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKtYyhK3h3aMWs6NogKCIXsw2wuVMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbdrf50ea
9Y8avAhVC9ajW4G0OB7yuyMd6Cg6UuThg+gO+US0NnYmSkOJG6i/ntFsqH9aGpg5
uI4ShjzSHq1Dv13bsjzPnN19/Zj+qaG/MNI021KqHx/H/tuKJl/dDyvAC2rrtGDv
gzKOUnQ8Til+CG+xrUhTZsYW3wOUGd8qsWmPsjwAFTNmkMr/2zW0r0GuPYfEygox
mpLfgTx/0gFfRv4WBNxaGwbtUO4uOKqsxU6bgIjzGAmSDAHKTeDT2HEwyz+h7rb3
5SZC/TrGYVpVBYv4k8G6GgJs0beV71xOFuRSWs9x/0CLQinU3oH/Ks1vHRQXI2EX
R9zrpRirwk/jVw==
-----END CERTIFICATE-----