Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.mft
File:                     Z8QeB5653PX62eXUjdzjlpd7eXc.mft (raw, json)
Hash identifier:          jpB1sYumZTWvfQWzVFvvIWsx13814kQjTRjwAc7C+80=
Subject key identifier:   E4:38:34:54:1A:0E:92:E8:12:0D:1A:5D:25:C4:CE:35:5A:FF:94:BF
Authority key identifier: 67:C4:1E:07:9E:B9:DC:F5:FA:D9:E5:D4:8D:DC:E3:96:97:7B:79:77
Certificate issuer:       /CN=67c41e079eb9dcf5fad9e5d48ddce396977b7977
Certificate serial:       0199239FB2E4AB59A2F59E670B400CA6A672
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z8QeB5653PX62eXUjdzjlpd7eXc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 10:01:32 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:32 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:32 +0000
Files and hashes:         1: Z8QeB5653PX62eXUjdzjlpd7eXc.crl (hash: qYWv8agDSxVKHswkeuo/8zxJn6+E5zHwm4FA8+HFaSI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z8QeB5653PX62eXUjdzjlpd7eXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:b2:e4:ab:59:a2:f5:9e:67:0b:40:0c:a6:a6:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67c41e079eb9dcf5fad9e5d48ddce396977b7977
        Validity
            Not Before: Sep  7 10:01:32 2025 GMT
            Not After : Sep  8 10:01:32 2025 GMT
        Subject: CN=e43834541a0e92e8120d1a5d25c4ce355aff94bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:90:18:c9:ee:a0:90:56:43:99:59:7f:ec:14:
                    46:0c:6b:2d:1f:f1:b2:40:ca:41:34:e9:fe:d6:f1:
                    98:53:1b:a3:2f:c2:f7:91:77:ef:2d:3f:35:6b:8b:
                    93:33:ff:b9:24:ce:96:09:3f:6c:fb:7d:02:e0:f2:
                    ee:f6:e3:64:bf:37:fc:3f:26:ce:3a:65:b5:18:04:
                    f1:b6:5d:d9:06:dd:ad:31:66:38:6d:cc:a6:31:1f:
                    51:a3:16:1b:f1:d4:8e:b8:6f:1a:a0:4d:1c:06:7c:
                    c2:ea:7f:db:5e:ed:2b:ec:44:fd:d7:af:69:19:32:
                    58:34:d7:a7:a2:15:98:1e:b9:9b:fc:03:86:e5:cc:
                    c7:27:91:8d:5e:85:fd:5f:70:87:d4:e2:92:e9:ad:
                    21:b1:fd:b0:f1:fd:e4:40:52:bf:83:5e:78:0d:23:
                    fd:8e:be:e0:5f:90:0c:1b:a6:68:51:72:59:90:95:
                    e3:4a:c6:9e:97:b1:35:59:86:76:6d:9b:55:8d:8c:
                    d6:bc:a8:71:00:27:05:ec:a0:85:a4:90:e4:1d:7b:
                    34:8f:57:c7:bd:4b:ff:f5:d7:f4:37:6d:2f:90:a9:
                    ac:c0:76:85:43:45:96:eb:29:b1:a3:91:3b:30:07:
                    12:75:b3:97:25:38:cb:5a:ed:a5:58:29:84:60:6a:
                    3d:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:38:34:54:1A:0E:92:E8:12:0D:1A:5D:25:C4:CE:35:5A:FF:94:BF
            X509v3 Authority Key Identifier:
                keyid:67:C4:1E:07:9E:B9:DC:F5:FA:D9:E5:D4:8D:DC:E3:96:97:7B:79:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8QeB5653PX62eXUjdzjlpd7eXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:f4:c3:91:ca:fc:cc:86:3e:73:c4:ea:8c:e5:10:98:df:cc:
         b1:68:f1:b2:da:2d:be:bf:86:25:0d:e9:f9:25:3b:fc:ef:55:
         7c:96:a5:27:41:37:ec:71:20:83:3a:e4:6b:74:91:5d:1d:f7:
         89:57:43:8a:04:3f:e4:26:67:d6:2a:8c:bb:c4:ce:ba:46:d5:
         28:54:2e:4e:3f:87:57:4d:d9:b1:84:1f:c8:3d:03:38:16:16:
         03:6a:c7:c1:44:f0:77:80:4d:a8:21:98:68:31:3c:39:b2:77:
         13:4b:8d:11:7c:70:5d:3a:f4:1e:e9:33:f8:ce:ce:df:34:4c:
         c2:3c:d6:b8:a8:e1:55:a2:40:e0:4e:df:8c:2a:0e:e5:bb:d4:
         17:81:8e:b2:7b:30:8f:5c:79:00:f5:94:c3:33:25:7f:88:d9:
         9b:64:a8:5b:10:1d:08:50:0d:99:46:80:cc:bb:48:ac:b3:80:
         e4:87:11:25:18:2a:ed:18:3d:10:37:c0:23:b2:24:2e:91:39:
         c3:2c:13:f9:fa:e6:65:0a:5c:7d:b3:56:d3:72:5c:34:07:c3:
         b2:ac:b9:d5:de:e4:84:62:04:91:6d:1e:01:7a:8f:de:cf:45:
         66:9d:fd:dc:3b:9b:da:73:51:99:29:cb:3a:e0:1c:0b:63:e0:
         5d:65:8c:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn7Lkq1mi9Z5nC0AMpqZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YzQxZTA3OWViOWRjZjVmYWQ5ZTVkNDhkZGNlMzk2OTc3
Yjc5NzcwHhcNMjUwOTA3MTAwMTMyWhcNMjUwOTA4MTAwMTMyWjAzMTEwLwYDVQQD
EyhlNDM4MzQ1NDFhMGU5MmU4MTIwZDFhNWQyNWM0Y2UzNTVhZmY5NGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpAYye6gkFZDmVl/7BRGDGstH/Gy
QMpBNOn+1vGYUxujL8L3kXfvLT81a4uTM/+5JM6WCT9s+30C4PLu9uNkvzf8PybO
OmW1GATxtl3ZBt2tMWY4bcymMR9RoxYb8dSOuG8aoE0cBnzC6n/bXu0r7ET9169p
GTJYNNenohWYHrmb/AOG5czHJ5GNXoX9X3CH1OKS6a0hsf2w8f3kQFK/g154DSP9
jr7gX5AMG6ZoUXJZkJXjSsael7E1WYZ2bZtVjYzWvKhxACcF7KCFpJDkHXs0j1fH
vUv/9df0N20vkKmswHaFQ0WW6ymxo5E7MAcSdbOXJTjLWu2lWCmEYGo9cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQ4NFQaDpLoEg0aXSXEzjVa/5S/MB8GA1UdIwQY
MBaAFGfEHgeeudz1+tnl1I3c45aXe3l3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhRZUI1NjUzUFg2MmVYVWpkempscGQ3ZVhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8wNjE5ZGItZWQ4ZS00NDNkLTk0ZDgt
ZDY0MzE0ZGEwYmI5LzEvWjhRZUI1NjUzUFg2MmVYVWpkempscGQ3ZVhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8wNjE5ZGItZWQ4ZS00NDNkLTk0ZDgtZDY0MzE0ZGEwYmI5
LzEvWjhRZUI1NjUzUFg2MmVYVWpkempscGQ3ZVhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI/TDkcr8
zIY+c8TqjOUQmN/MsWjxstotvr+GJQ3p+SU7/O9VfJalJ0E37HEggzrka3SRXR33
iVdDigQ/5CZn1iqMu8TOukbVKFQuTj+HV03ZsYQfyD0DOBYWA2rHwUTwd4BNqCGY
aDE8ObJ3E0uNEXxwXTr0Hukz+M7O3zRMwjzWuKjhVaJA4E7fjCoO5bvUF4GOsnsw
j1x5APWUwzMlf4jZm2SoWxAdCFANmUaAzLtIrLOA5IcRJRgq7Rg9EDfAI7IkLpE5
wywT+frmZQpcfbNW03JcNAfDsqy51d7khGIEkW0eAXqP3s9FZp393Dub2nNRmSnL
OuAcC2PgXWWMFA==
-----END CERTIFICATE-----