Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
File:                     3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft (raw, json)
Hash identifier:          xUlpCPZuKrQXB7HECXL7lwQJyAnH/ks565Lfp/Nm+Ho=
Subject key identifier:   AD:F1:C5:32:FD:15:10:62:C9:FF:24:AD:4C:4E:C3:46:14:02:E1:C9
Authority key identifier: DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E
Certificate issuer:       /CN=ddb7b0019e19f112f4d2bcfd6ea12d9081fc587e
Certificate serial:       0199221E977B277602F57B5E8577D6608EC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
Manifest number:          166C
Signing time:             Sun 07 Sep 2025 03:00:53 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:53 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:53 +0000
Files and hashes:         1: 3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl (hash: P9W/xRFai28JlcQ+seMPalKZ89BfCdyrp77Qaih8+3U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:97:7b:27:76:02:f5:7b:5e:85:77:d6:60:8e:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddb7b0019e19f112f4d2bcfd6ea12d9081fc587e
        Validity
            Not Before: Sep  7 03:00:53 2025 GMT
            Not After : Sep  8 03:00:53 2025 GMT
        Subject: CN=adf1c532fd151062c9ff24ad4c4ec3461402e1c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:22:3b:14:76:54:87:00:f6:bd:96:e8:e9:5c:
                    07:c3:f6:9c:1d:2a:85:8f:98:ef:ba:50:24:0d:a1:
                    bd:86:c4:ed:77:f2:6b:04:b5:31:84:c7:bc:60:4b:
                    2f:47:90:e7:5c:b2:ae:d0:41:91:81:15:18:4f:db:
                    4a:75:44:4d:38:49:8f:52:0e:94:44:aa:3e:d7:c2:
                    d7:b0:f3:11:db:d5:f3:d1:22:74:24:a1:e1:de:5c:
                    22:65:24:8a:e4:64:8d:69:f0:91:fd:1e:cf:a0:0f:
                    90:2b:2a:b4:9e:69:65:e1:0f:10:0b:cc:40:25:14:
                    bf:03:c0:c3:c2:c9:c9:b1:2b:73:79:cc:e5:f7:70:
                    70:ab:e3:35:dd:4c:76:d3:96:3a:3a:08:34:4e:49:
                    83:ad:0a:7b:9b:73:c3:c3:c8:d6:1a:25:5a:51:ed:
                    5d:ee:55:40:cc:e4:6c:12:31:af:ec:bb:7b:f9:b1:
                    6d:16:85:e9:1b:86:56:95:32:8a:7c:14:f2:d5:40:
                    7b:f5:c0:4b:e4:16:eb:8f:bf:33:68:86:14:2f:58:
                    8b:74:26:b8:93:94:22:99:64:1e:d1:30:e5:67:ce:
                    e1:97:7b:24:7b:5b:a5:c8:11:bc:fd:2b:08:46:9a:
                    f7:b3:ee:d9:0d:83:42:eb:f5:47:50:85:84:8f:c7:
                    b7:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:F1:C5:32:FD:15:10:62:C9:FF:24:AD:4C:4E:C3:46:14:02:E1:C9
            X509v3 Authority Key Identifier:
                keyid:DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:7f:b0:7a:bf:c8:69:04:2d:89:d7:66:45:ad:9f:a7:e1:40:
         55:21:35:5e:a2:a2:c4:84:03:5a:c5:58:2e:ba:c9:1d:e0:63:
         55:7b:05:3f:c8:35:f3:e8:f9:b5:07:23:09:0e:c6:9b:82:a0:
         4d:00:0a:83:52:a7:c3:af:c8:5c:46:50:97:08:55:5f:b8:1c:
         3b:19:a2:ef:5a:f4:6f:fc:9d:37:57:31:b6:70:d1:59:ea:26:
         b2:26:f3:52:22:dd:0c:58:6f:97:2c:54:18:98:40:39:81:f0:
         61:31:18:3e:8f:70:f7:d5:e0:89:5d:fb:7b:15:d8:bc:56:be:
         14:1b:98:16:5b:4a:35:5b:e1:38:a7:74:dd:e5:d5:a2:cd:dc:
         e1:75:28:9a:c1:45:c9:ad:86:ce:13:ae:b1:ad:12:8d:86:aa:
         16:4b:4f:28:f9:b0:de:7d:bd:26:2b:8f:fb:02:8d:db:09:11:
         e3:80:0a:a2:16:68:56:82:57:95:2f:75:9a:88:cf:e9:c1:4d:
         d5:52:3c:76:1a:14:3d:76:2a:90:12:e6:02:d2:a6:87:5c:11:
         65:60:3e:84:02:f7:ac:a5:0c:b4:be:fc:a3:f6:4e:68:3d:c8:
         e3:f9:50:9c:b2:72:c4:51:31:8b:90:57:ba:2b:05:e3:e9:1a:
         24:f1:ac:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHpd7J3YC9XtehXfWYI7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYjdiMDAxOWUxOWYxMTJmNGQyYmNmZDZlYTEyZDkwODFm
YzU4N2UwHhcNMjUwOTA3MDMwMDUzWhcNMjUwOTA4MDMwMDUzWjAzMTEwLwYDVQQD
EyhhZGYxYzUzMmZkMTUxMDYyYzlmZjI0YWQ0YzRlYzM0NjE0MDJlMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiI7FHZUhwD2vZbo6VwHw/acHSqF
j5jvulAkDaG9hsTtd/JrBLUxhMe8YEsvR5DnXLKu0EGRgRUYT9tKdURNOEmPUg6U
RKo+18LXsPMR29Xz0SJ0JKHh3lwiZSSK5GSNafCR/R7PoA+QKyq0nmll4Q8QC8xA
JRS/A8DDwsnJsStzeczl93Bwq+M13Ux205Y6Ogg0TkmDrQp7m3PDw8jWGiVaUe1d
7lVAzORsEjGv7Lt7+bFtFoXpG4ZWlTKKfBTy1UB79cBL5Bbrj78zaIYUL1iLdCa4
k5QimWQe0TDlZ87hl3ske1ulyBG8/SsIRpr3s+7ZDYNC6/VHUIWEj8e3/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK3xxTL9FRBiyf8krUxOw0YUAuHJMB8GA1UdIwQY
MBaAFN23sAGeGfES9NK8/W6hLZCB/Fh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9lZmEzZjEtNzY3MS00Y2UzLTlmZTEt
YTg2ZGY5ODNhNzRjLzEvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9lZmEzZjEtNzY3MS00Y2UzLTlmZTEtYTg2ZGY5ODNhNzRj
LzEvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu3+wer/I
aQQtiddmRa2fp+FAVSE1XqKixIQDWsVYLrrJHeBjVXsFP8g18+j5tQcjCQ7Gm4Kg
TQAKg1Knw6/IXEZQlwhVX7gcOxmi71r0b/ydN1cxtnDRWeomsibzUiLdDFhvlyxU
GJhAOYHwYTEYPo9w99XgiV37exXYvFa+FBuYFltKNVvhOKd03eXVos3c4XUomsFF
ya2GzhOusa0SjYaqFktPKPmw3n29JiuP+wKN2wkR44AKohZoVoJXlS91mojP6cFN
1VI8dhoUPXYqkBLmAtKmh1wRZWA+hAL3rKUMtL78o/ZOaD3I4/lQnLJyxFExi5BX
uisF4+kaJPGsQA==
-----END CERTIFICATE-----