Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
File:                     FYi9izG5XpysnzgSjZW4UvA9V4Q.mft (raw, json)
Hash identifier:          BHHw252PbQe2TA6xaF8wlHW/q5+vXL28agAhit2rTOM=
Subject key identifier:   01:3E:B3:E0:72:70:CE:04:42:E9:AE:26:B1:87:DA:68:B9:DB:D0:E4
Authority key identifier: 15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
Certificate issuer:       /CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
Certificate serial:       019921B0F4719528F8EA4CA71D2A82F51571
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 01:01:08 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:08 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:08 +0000
Files and hashes:         1: FYi9izG5XpysnzgSjZW4UvA9V4Q.crl (hash: 7eHs54xqrpTifcni7LMp5W8J/UkRbjbe49yZr3Et/wM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:f4:71:95:28:f8:ea:4c:a7:1d:2a:82:f5:15:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
        Validity
            Not Before: Sep  7 01:01:08 2025 GMT
            Not After : Sep  8 01:01:08 2025 GMT
        Subject: CN=013eb3e07270ce0442e9ae26b187da68b9dbd0e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:00:49:92:fc:3f:ee:6e:bd:53:fb:16:63:65:
                    a2:5b:f4:43:a7:48:a6:c2:d2:cd:5e:44:d5:a5:d0:
                    36:3d:fd:ed:31:4b:08:8f:23:9f:aa:d5:dc:2b:08:
                    40:58:90:ec:14:78:60:ff:28:f5:bf:78:b3:10:5f:
                    d1:55:c4:45:50:77:00:7e:2c:f4:3c:54:4e:f7:5a:
                    c9:7b:c1:d8:23:f0:f6:e9:b0:2c:b9:70:d6:9d:55:
                    16:6f:fb:0e:58:30:f0:87:71:86:54:39:f8:d3:cb:
                    00:1a:ee:a9:4f:c1:5d:90:46:6a:05:f8:01:f5:cf:
                    73:d4:f4:7a:aa:fe:8d:54:1c:46:11:85:b1:ac:29:
                    94:05:e9:95:52:b8:90:6b:4a:d1:e9:3e:3a:5e:12:
                    06:db:6a:22:e8:7b:b3:28:b0:88:68:67:b1:42:df:
                    5e:0a:3c:91:e4:c2:d8:3a:55:d3:1a:6c:c8:d6:5b:
                    9e:da:a4:39:69:2f:df:21:b6:d9:1c:b3:fd:eb:dd:
                    a3:94:74:c4:32:9b:e2:53:f0:39:e4:84:7e:b6:fe:
                    8d:f7:dc:a8:5d:7d:e7:4c:ef:bc:d3:c2:28:73:df:
                    ec:3d:f5:2f:ef:3b:8f:68:10:eb:c1:a2:45:df:a2:
                    e8:8c:d6:bd:f6:8f:bd:f9:2a:d8:e7:21:3d:e6:af:
                    fd:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:3E:B3:E0:72:70:CE:04:42:E9:AE:26:B1:87:DA:68:B9:DB:D0:E4
            X509v3 Authority Key Identifier:
                keyid:15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:d4:bf:28:b1:50:d0:49:3b:7d:a7:02:45:a0:70:3b:c7:f8:
         c2:ce:ba:d8:09:ab:9d:a0:94:09:ef:96:51:d2:34:9e:8b:4d:
         20:af:4d:ec:0f:eb:30:a6:92:f4:41:07:54:97:75:d1:f0:12:
         7b:9b:ca:9c:d5:94:c0:28:62:eb:5f:92:29:fc:2a:1f:dc:54:
         04:c3:2d:c2:4e:8a:ec:4b:d9:e1:c9:d5:b4:b4:ba:f2:e3:82:
         42:21:5a:46:b0:75:58:a4:23:1f:47:95:78:80:72:e0:54:2e:
         3f:46:0f:5c:c6:d0:ff:96:80:54:a1:b2:3b:1f:a0:03:4d:cc:
         4e:52:a7:9f:08:82:ad:0b:37:54:cf:b8:7e:9d:a7:b1:63:3e:
         d8:cb:29:4f:b7:34:88:20:c2:d3:f7:bd:00:b3:88:ac:19:b4:
         c8:6c:71:7f:93:57:e4:81:6c:37:c9:8e:d4:92:66:47:eb:e2:
         80:61:84:52:49:c1:59:a1:21:10:e4:d7:b2:33:59:f7:9c:be:
         d8:9f:d8:98:bc:85:ed:9b:9b:52:10:f7:19:93:31:ad:e3:36:
         88:14:5f:29:1d:7e:e5:05:bd:82:71:81:aa:c4:aa:2f:7a:11:
         3a:1c:a1:1f:bd:88:17:d5:98:39:46:8e:13:a2:fc:30:b5:d7:
         5d:a2:bb:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsPRxlSj46kynHSqC9RVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ODhiZDhiMzFiOTVlOWNhYzlmMzgxMjhkOTViODUyZjAz
ZDU3ODQwHhcNMjUwOTA3MDEwMTA4WhcNMjUwOTA4MDEwMTA4WjAzMTEwLwYDVQQD
EygwMTNlYjNlMDcyNzBjZTA0NDJlOWFlMjZiMTg3ZGE2OGI5ZGJkMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgBJkvw/7m69U/sWY2WiW/RDp0im
wtLNXkTVpdA2Pf3tMUsIjyOfqtXcKwhAWJDsFHhg/yj1v3izEF/RVcRFUHcAfiz0
PFRO91rJe8HYI/D26bAsuXDWnVUWb/sOWDDwh3GGVDn408sAGu6pT8FdkEZqBfgB
9c9z1PR6qv6NVBxGEYWxrCmUBemVUriQa0rR6T46XhIG22oi6HuzKLCIaGexQt9e
CjyR5MLYOlXTGmzI1lue2qQ5aS/fIbbZHLP9692jlHTEMpviU/A55IR+tv6N99yo
XX3nTO+808Ioc9/sPfUv7zuPaBDrwaJF36LojNa99o+9+SrY5yE95q/9RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAE+s+BycM4EQumuJrGH2mi529DkMB8GA1UdIwQY
MBaAFBWIvYsxuV6crJ84Eo2VuFLwPVeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYt
YjVhZTgzOWYzMGUyLzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYtYjVhZTgzOWYzMGUy
LzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAddS/KLFQ
0Ek7facCRaBwO8f4ws662AmrnaCUCe+WUdI0notNIK9N7A/rMKaS9EEHVJd10fAS
e5vKnNWUwChi61+SKfwqH9xUBMMtwk6K7EvZ4cnVtLS68uOCQiFaRrB1WKQjH0eV
eIBy4FQuP0YPXMbQ/5aAVKGyOx+gA03MTlKnnwiCrQs3VM+4fp2nsWM+2MspT7c0
iCDC0/e9ALOIrBm0yGxxf5NX5IFsN8mO1JJmR+vigGGEUknBWaEhEOTXsjNZ95y+
2J/YmLyF7ZubUhD3GZMxreM2iBRfKR1+5QW9gnGBqsSqL3oROhyhH72IF9WYOUaO
E6L8MLXXXaK70A==
-----END CERTIFICATE-----