Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.mft
File:                     tDlkbascuAzWConx-qE0bzlSO_o.mft (raw, json)
Hash identifier:          SmAeNaWTda+cwAScVSpHyUJyJVh1x9XyblagJszJeWw=
Subject key identifier:   B8:EF:99:67:3D:FE:42:52:65:D5:9A:28:98:5A:0B:E7:CE:46:B0:2A
Authority key identifier: B4:39:64:6D:AB:1C:B8:0C:D6:0A:89:F1:FA:A1:34:6F:39:52:3B:FA
Certificate issuer:       /CN=b439646dab1cb80cd60a89f1faa1346f39523bfa
Certificate serial:       019923A09496B9937C85672CBBC852B5630C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tDlkbascuAzWConx-qE0bzlSO_o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 10:02:30 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:30 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:30 +0000
Files and hashes:         1: tDlkbascuAzWConx-qE0bzlSO_o.crl (hash: qnXuqIshFYtoCffayob2crq8q0tvLPjVKadIvNreZm8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tDlkbascuAzWConx-qE0bzlSO_o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:94:96:b9:93:7c:85:67:2c:bb:c8:52:b5:63:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b439646dab1cb80cd60a89f1faa1346f39523bfa
        Validity
            Not Before: Sep  7 10:02:30 2025 GMT
            Not After : Sep  8 10:02:30 2025 GMT
        Subject: CN=b8ef99673dfe425265d59a28985a0be7ce46b02a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:b6:b9:ba:fc:20:78:04:d4:14:aa:de:fd:cc:
                    a8:12:04:60:a1:ea:12:b9:12:61:4b:ee:05:aa:d6:
                    e5:56:d7:d8:8c:78:c9:a4:5a:24:e8:16:ef:9f:a5:
                    a9:08:9d:6a:5a:fd:fc:84:2e:c5:11:7a:cd:4f:03:
                    f2:75:87:b0:f4:2f:e0:0d:c4:c6:c8:ab:9e:2a:3b:
                    fb:22:48:c7:d0:a2:83:57:ab:1b:3e:0a:29:86:1e:
                    f3:2d:f0:03:b7:92:96:de:ca:2e:1f:a7:8b:8b:75:
                    ff:aa:1e:f8:34:11:04:e8:7c:11:9c:65:08:e9:27:
                    0b:89:71:0b:c6:74:7c:50:0d:cf:a0:76:f4:36:65:
                    be:d0:38:84:98:e2:15:0d:7c:69:4e:16:b5:43:92:
                    8d:32:f1:9d:6b:a1:8b:d5:b2:1d:c9:ca:cd:1b:f5:
                    f7:0e:09:a3:f5:41:4c:6f:4d:38:c9:9d:4e:e1:c5:
                    4a:e0:67:78:85:1a:e4:fc:0d:3e:12:15:e1:56:77:
                    f1:e1:dc:5e:2e:81:ec:51:83:25:c1:5e:f7:09:7f:
                    8a:75:72:96:90:13:15:6f:05:8e:59:91:4e:30:2b:
                    a9:5b:25:ea:a1:90:1e:6b:4e:08:cd:cb:bb:1c:ff:
                    d9:49:c9:00:d9:5f:58:8f:56:ec:23:19:13:2d:63:
                    42:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:EF:99:67:3D:FE:42:52:65:D5:9A:28:98:5A:0B:E7:CE:46:B0:2A
            X509v3 Authority Key Identifier:
                keyid:B4:39:64:6D:AB:1C:B8:0C:D6:0A:89:F1:FA:A1:34:6F:39:52:3B:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDlkbascuAzWConx-qE0bzlSO_o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:f7:7d:9f:eb:86:9d:21:b3:cf:f4:b8:18:a7:6d:32:ed:c2:
         fa:a7:79:5b:ee:9b:aa:b3:86:5c:c6:f9:08:f0:a4:41:a9:80:
         3e:76:a2:fa:01:eb:3a:cf:ad:12:57:ae:fe:a1:44:88:8c:95:
         cb:a1:77:ed:df:1d:21:83:03:59:ca:fe:45:2f:af:e3:b1:70:
         f1:64:8d:dc:b3:33:d7:1c:3b:9b:cc:6b:7d:82:53:1e:d9:20:
         e1:64:9c:e6:8e:7b:8e:2c:4f:7c:41:1d:6e:39:5b:47:f6:b1:
         a2:c3:c3:f7:bd:ab:ef:89:d9:c4:e2:50:de:84:7f:6b:a2:74:
         55:d4:db:5f:40:e6:f1:7c:0a:ec:a4:95:bd:5c:03:8e:09:24:
         d9:11:98:7e:23:9e:2b:5c:18:62:5a:e2:75:c6:74:55:63:e2:
         f0:06:74:c4:b8:b0:10:e5:c0:e7:92:ff:30:f1:79:bf:27:eb:
         de:0a:f6:a0:c7:11:28:e4:7b:ba:1b:7d:6e:bf:94:c6:9f:98:
         4d:f7:db:92:9f:7f:73:bc:b8:96:da:b1:d1:2e:83:6c:8d:de:
         e3:41:63:d4:94:da:f3:45:c9:e2:7a:bb:9a:93:54:b0:e0:60:
         5c:7c:16:a2:7b:9a:d7:87:dc:4d:63:d0:66:30:6a:2a:ff:90:
         49:6e:8f:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoJSWuZN8hWcsu8hStWMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Mzk2NDZkYWIxY2I4MGNkNjBhODlmMWZhYTEzNDZmMzk1
MjNiZmEwHhcNMjUwOTA3MTAwMjMwWhcNMjUwOTA4MTAwMjMwWjAzMTEwLwYDVQQD
EyhiOGVmOTk2NzNkZmU0MjUyNjVkNTlhMjg5ODVhMGJlN2NlNDZiMDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyba5uvwgeATUFKre/cyoEgRgoeoS
uRJhS+4FqtblVtfYjHjJpFok6Bbvn6WpCJ1qWv38hC7FEXrNTwPydYew9C/gDcTG
yKueKjv7IkjH0KKDV6sbPgophh7zLfADt5KW3souH6eLi3X/qh74NBEE6HwRnGUI
6ScLiXELxnR8UA3PoHb0NmW+0DiEmOIVDXxpTha1Q5KNMvGda6GL1bIdycrNG/X3
Dgmj9UFMb004yZ1O4cVK4Gd4hRrk/A0+EhXhVnfx4dxeLoHsUYMlwV73CX+KdXKW
kBMVbwWOWZFOMCupWyXqoZAea04Izcu7HP/ZSckA2V9Yj1bsIxkTLWNCowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjvmWc9/kJSZdWaKJhaC+fORrAqMB8GA1UdIwQY
MBaAFLQ5ZG2rHLgM1gqJ8fqhNG85Ujv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERsa2Jhc2N1QXpXQ29ueC1xRTBiemxTT19vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9jZDRmNGQtYWE1OC00YTJmLWEzYzUt
N2U4YzU0NWE5N2FlLzEvdERsa2Jhc2N1QXpXQ29ueC1xRTBiemxTT19vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9jZDRmNGQtYWE1OC00YTJmLWEzYzUtN2U4YzU0NWE5N2Fl
LzEvdERsa2Jhc2N1QXpXQ29ueC1xRTBiemxTT19vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIPd9n+uG
nSGzz/S4GKdtMu3C+qd5W+6bqrOGXMb5CPCkQamAPnai+gHrOs+tEleu/qFEiIyV
y6F37d8dIYMDWcr+RS+v47Fw8WSN3LMz1xw7m8xrfYJTHtkg4WSc5o57jixPfEEd
bjlbR/axosPD972r74nZxOJQ3oR/a6J0VdTbX0Dm8XwK7KSVvVwDjgkk2RGYfiOe
K1wYYlridcZ0VWPi8AZ0xLiwEOXA55L/MPF5vyfr3gr2oMcRKOR7uht9br+Uxp+Y
Tffbkp9/c7y4ltqx0S6DbI3e40Fj1JTa80XJ4nq7mpNUsOBgXHwWonua14fcTWPQ
ZjBqKv+QSW6PBA==
-----END CERTIFICATE-----