Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
File:                     2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft (raw, json)
Hash identifier:          k2f2hstahEoakJ43YxLidRrjKIVTGXYDJO7TVx3wCOw=
Subject key identifier:   4D:57:07:A2:07:ED:13:10:72:56:60:5E:9A:9A:63:CA:03:AC:DD:D9
Authority key identifier: D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF
Certificate issuer:       /CN=d87d8150d1182385c461b580d5638a570c2bc0bf
Certificate serial:       0199221F00E72FD643A6BDC0F6C5EB0C8B6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 03:01:21 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:21 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:21 +0000
Files and hashes:         1: 2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl (hash: fwCDbsCyWFyxMav/Z97eIGRAO8JW8lyyGbTP/LfCPZo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1f:00:e7:2f:d6:43:a6:bd:c0:f6:c5:eb:0c:8b:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87d8150d1182385c461b580d5638a570c2bc0bf
        Validity
            Not Before: Sep  7 03:01:21 2025 GMT
            Not After : Sep  8 03:01:21 2025 GMT
        Subject: CN=4d5707a207ed13107256605e9a9a63ca03acddd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:db:9f:1b:57:86:07:51:4b:dd:5b:0c:4e:d7:
                    21:f1:2c:59:d3:d6:ad:4b:d0:cc:d9:f0:53:50:b5:
                    56:c8:7a:04:e8:f2:63:a3:51:e8:0c:de:07:42:a7:
                    83:04:3b:dd:ba:bd:21:6c:f5:a0:b8:cc:45:74:bb:
                    83:1f:b8:f3:73:42:15:87:63:65:be:03:99:18:06:
                    05:26:4a:7c:8e:02:f8:a6:09:61:78:20:a5:18:78:
                    32:5c:74:89:a5:d1:3d:6c:39:dc:ef:71:14:a0:93:
                    3d:ec:33:e2:4c:84:09:d0:54:44:8a:3f:6b:fe:32:
                    a2:c6:47:a1:f6:07:e0:2d:ee:df:9c:ee:94:04:df:
                    01:c5:d7:3d:6a:0b:60:95:2e:03:d5:e6:8c:15:d2:
                    d2:cb:ba:e4:c3:b9:10:41:22:53:3d:b8:d0:15:ba:
                    2f:07:d1:d5:e6:44:a9:b7:2e:99:19:65:ff:d8:2f:
                    ff:07:3c:44:02:a1:ad:3d:ff:b0:e1:10:ce:f2:a3:
                    98:af:72:b1:e8:fa:9a:11:e0:24:0d:28:dc:01:6a:
                    dd:aa:af:e8:3b:3a:ad:44:8e:2d:9d:91:3e:96:68:
                    10:95:5a:5a:fa:fc:e8:d0:78:b9:59:83:a4:74:c5:
                    39:b3:4f:a2:fd:66:89:63:f8:20:b1:45:38:66:7e:
                    6c:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:57:07:A2:07:ED:13:10:72:56:60:5E:9A:9A:63:CA:03:AC:DD:D9
            X509v3 Authority Key Identifier:
                keyid:D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:25:42:44:e1:9d:13:3e:cd:7f:b5:1c:c1:fa:73:2d:69:e9:
         07:99:c5:44:03:47:32:b7:6b:84:c8:23:36:f4:0c:2e:0f:5b:
         90:3a:89:9f:7f:e7:b5:ce:6b:cc:4a:5c:88:39:4c:d4:23:0d:
         79:7f:09:36:c8:0f:58:86:5f:c0:45:34:1f:14:ef:34:d3:1f:
         78:70:e3:69:d0:f4:4d:8e:a5:3e:60:0b:8a:71:1d:ec:4e:75:
         7e:42:9f:49:d7:d2:08:8e:92:86:5d:8a:c4:55:60:97:d0:6d:
         80:94:11:b1:25:14:d0:46:f6:59:ff:fb:66:ac:1a:e7:a2:e8:
         01:b2:5b:13:8a:c4:2e:d4:0d:0d:3f:f5:37:7d:4a:b4:d1:f3:
         a6:01:46:f7:75:18:e2:ec:03:96:35:96:fb:12:60:9a:b7:81:
         ee:7c:99:5a:bd:a4:35:24:72:8e:2a:ca:bb:53:79:5b:8b:00:
         33:f2:fc:bf:81:75:38:19:25:02:5a:cd:56:68:21:59:e2:32:
         7a:23:91:51:cb:4c:cf:8b:ae:9b:9b:a9:07:73:0c:07:ad:07:
         2d:87:66:10:a9:44:2b:e6:b5:72:10:66:ba:84:e8:7a:46:ee:
         9b:06:13:ea:9d:49:08:50:1e:43:57:a5:d9:9e:27:b2:60:c1:
         cc:41:ed:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHwDnL9ZDpr3A9sXrDItvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2Q4MTUwZDExODIzODVjNDYxYjU4MGQ1NjM4YTU3MGMy
YmMwYmYwHhcNMjUwOTA3MDMwMTIxWhcNMjUwOTA4MDMwMTIxWjAzMTEwLwYDVQQD
Eyg0ZDU3MDdhMjA3ZWQxMzEwNzI1NjYwNWU5YTlhNjNjYTAzYWNkZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdufG1eGB1FL3VsMTtch8SxZ09at
S9DM2fBTULVWyHoE6PJjo1HoDN4HQqeDBDvdur0hbPWguMxFdLuDH7jzc0IVh2Nl
vgOZGAYFJkp8jgL4pglheCClGHgyXHSJpdE9bDnc73EUoJM97DPiTIQJ0FREij9r
/jKixkeh9gfgLe7fnO6UBN8Bxdc9agtglS4D1eaMFdLSy7rkw7kQQSJTPbjQFbov
B9HV5kSpty6ZGWX/2C//BzxEAqGtPf+w4RDO8qOYr3Kx6PqaEeAkDSjcAWrdqq/o
OzqtRI4tnZE+lmgQlVpa+vzo0Hi5WYOkdMU5s0+i/WaJY/ggsUU4Zn5sfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1XB6IH7RMQclZgXpqaY8oDrN3ZMB8GA1UdIwQY
MBaAFNh9gVDRGCOFxGG1gNVjilcMK8C/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQt
ODY3OTUzYTNiMTgxLzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQtODY3OTUzYTNiMTgx
LzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABSVCROGd
Ez7Nf7UcwfpzLWnpB5nFRANHMrdrhMgjNvQMLg9bkDqJn3/ntc5rzEpciDlM1CMN
eX8JNsgPWIZfwEU0HxTvNNMfeHDjadD0TY6lPmALinEd7E51fkKfSdfSCI6Shl2K
xFVgl9BtgJQRsSUU0Eb2Wf/7Zqwa56LoAbJbE4rELtQNDT/1N31KtNHzpgFG93UY
4uwDljWW+xJgmreB7nyZWr2kNSRyjirKu1N5W4sAM/L8v4F1OBklAlrNVmghWeIy
eiORUctMz4uum5upB3MMB60HLYdmEKlEK+a1chBmuoToekbumwYT6p1JCFAeQ1el
2Z4nsmDBzEHtPg==
-----END CERTIFICATE-----