Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
File:                     MAhC2wg32vMRozS3IjGOcLWIsAk.mft (raw, json)
Hash identifier:          Ux20VJ/YxBqA8KLm5+0zqiFgZNp37oAAJdfltUc9Tuw=
Subject key identifier:   2F:20:34:97:02:01:79:4F:4C:EE:0F:C1:7E:32:21:E4:DE:BE:0A:8E
Authority key identifier: 30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09
Certificate issuer:       /CN=300842db0837daf311a334b722318e70b588b009
Certificate serial:       019921B0FFD80633153947575F242C018311
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 01:01:11 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:11 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:11 +0000
Files and hashes:         1: MAhC2wg32vMRozS3IjGOcLWIsAk.crl (hash: Bw7sZgwb1hBrKEx3wnoI8OIHKTlhmr65MLGJptfCKMY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:ff:d8:06:33:15:39:47:57:5f:24:2c:01:83:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=300842db0837daf311a334b722318e70b588b009
        Validity
            Not Before: Sep  7 01:01:11 2025 GMT
            Not After : Sep  8 01:01:11 2025 GMT
        Subject: CN=2f2034970201794f4cee0fc17e3221e4debe0a8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:bb:32:fe:5d:24:26:4e:fa:f1:c6:4e:0f:c5:
                    ad:a5:10:f6:46:cb:79:af:e2:5b:d5:e5:22:8d:e1:
                    a1:e3:b2:89:24:eb:dd:bc:9d:eb:05:6c:b0:33:70:
                    de:45:1a:16:6d:a0:dc:0a:6c:54:05:ac:e4:8d:33:
                    e2:f2:d9:1d:03:f0:3a:44:7b:7c:4b:a4:19:3d:68:
                    21:88:81:9f:66:c2:aa:c2:7e:b7:66:0e:e5:ee:cf:
                    44:3a:11:d1:00:c2:16:e2:49:cd:b6:70:28:02:97:
                    e2:eb:b3:bc:67:0b:11:91:a7:03:a1:fd:f4:42:63:
                    c3:68:32:29:b7:29:2f:ca:68:1e:d5:00:3a:92:27:
                    8f:d6:3a:d8:6e:33:bc:70:83:22:90:02:1b:dd:51:
                    a4:78:f7:8f:3d:30:f7:ff:3c:b0:8d:9c:f6:db:52:
                    12:d8:6b:68:08:cf:cc:2b:06:43:f0:c8:9f:51:09:
                    1d:3b:cf:65:21:c3:e9:79:51:67:b5:06:d0:25:49:
                    24:fe:68:0c:ca:72:68:e5:97:7c:30:3b:9f:ef:33:
                    0d:3a:88:a7:c4:45:d4:6a:7c:40:5b:99:5b:29:a5:
                    cb:36:9e:6f:ac:98:1a:33:1f:91:f7:9a:93:56:e5:
                    bf:74:5d:07:a5:fb:33:e4:1a:dc:3a:7f:9d:3c:5c:
                    77:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:20:34:97:02:01:79:4F:4C:EE:0F:C1:7E:32:21:E4:DE:BE:0A:8E
            X509v3 Authority Key Identifier:
                keyid:30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:2d:f1:05:8b:66:ae:50:ad:18:93:20:8a:d3:3e:cb:55:0f:
         25:db:99:c2:16:d3:34:39:0e:70:1c:74:08:0e:33:7e:8d:77:
         8d:f8:a2:b1:3f:c6:3f:9f:cd:ec:60:01:0a:25:0d:21:b3:a2:
         17:ab:7c:5e:88:5f:12:fd:b9:1c:e9:18:68:55:cc:c7:e5:1f:
         95:b7:7d:e1:59:60:75:f8:16:11:7d:1b:25:6d:d5:4d:be:20:
         cc:cf:4f:e0:cd:fb:82:6b:48:9b:ad:c4:d3:a5:f9:ae:e3:31:
         fb:01:44:2f:f6:24:c7:0f:ea:91:3e:57:98:25:85:6a:84:77:
         6f:04:90:fc:8f:e5:bc:90:3a:d6:d5:e7:49:d8:5e:c7:8b:10:
         2e:94:25:bc:be:ba:8b:bf:5a:f6:b1:ce:f3:97:5d:c9:b3:96:
         0c:30:d5:96:81:65:a1:14:2e:4d:e1:dd:8f:6c:0b:67:c6:ae:
         a6:7f:a7:cf:e7:0a:0c:97:51:76:4a:54:47:b3:9f:06:c5:53:
         3c:c7:2a:5e:bd:47:6e:8e:d6:e3:75:1f:84:69:c9:87:aa:7c:
         a1:e2:c1:6c:0c:8d:2d:a4:9c:b8:6e:87:43:17:be:8f:20:32:
         dc:df:8d:7c:46:22:dd:41:a1:07:cd:93:59:8a:81:cd:24:b2:
         d6:c7:85:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsP/YBjMVOUdXXyQsAYMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDg0MmRiMDgzN2RhZjMxMWEzMzRiNzIyMzE4ZTcwYjU4
OGIwMDkwHhcNMjUwOTA3MDEwMTExWhcNMjUwOTA4MDEwMTExWjAzMTEwLwYDVQQD
EygyZjIwMzQ5NzAyMDE3OTRmNGNlZTBmYzE3ZTMyMjFlNGRlYmUwYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLsy/l0kJk768cZOD8WtpRD2Rst5
r+Jb1eUijeGh47KJJOvdvJ3rBWywM3DeRRoWbaDcCmxUBazkjTPi8tkdA/A6RHt8
S6QZPWghiIGfZsKqwn63Zg7l7s9EOhHRAMIW4knNtnAoApfi67O8ZwsRkacDof30
QmPDaDIptykvymge1QA6kieP1jrYbjO8cIMikAIb3VGkePePPTD3/zywjZz221IS
2GtoCM/MKwZD8MifUQkdO89lIcPpeVFntQbQJUkk/mgMynJo5Zd8MDuf7zMNOoin
xEXUanxAW5lbKaXLNp5vrJgaMx+R95qTVuW/dF0Hpfsz5BrcOn+dPFx3eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC8gNJcCAXlPTO4PwX4yIeTevgqOMB8GA1UdIwQY
MBaAFDAIQtsIN9rzEaM0tyIxjnC1iLAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMt
NTMxMmExMzNiOTRlLzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMtNTMxMmExMzNiOTRl
LzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAri3xBYtm
rlCtGJMgitM+y1UPJduZwhbTNDkOcBx0CA4zfo13jfiisT/GP5/N7GABCiUNIbOi
F6t8XohfEv25HOkYaFXMx+Uflbd94VlgdfgWEX0bJW3VTb4gzM9P4M37gmtIm63E
06X5ruMx+wFEL/Ykxw/qkT5XmCWFaoR3bwSQ/I/lvJA61tXnSdhex4sQLpQlvL66
i79a9rHO85ddybOWDDDVloFloRQuTeHdj2wLZ8aupn+nz+cKDJdRdkpUR7OfBsVT
PMcqXr1Hbo7W43UfhGnJh6p8oeLBbAyNLaScuG6HQxe+jyAy3N+NfEYi3UGhB82T
WYqBzSSy1seFJg==
-----END CERTIFICATE-----