Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
File:                     2nGl-6KA1tAY7MOp1-WMPGEeav0.mft (raw, json)
Hash identifier:          ysVm7GJGTTse0D3AJg/pCrlHUO0DH7hMBMAxzdmJ5fg=
Subject key identifier:   F5:D4:09:DA:45:93:D2:40:07:67:32:C7:C2:45:A9:F5:CA:62:F2:FE
Authority key identifier: DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD
Certificate issuer:       /CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd
Certificate serial:       0199239F576E85458F3E3D8F669549B3C6AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 10:01:09 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:09 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:09 +0000
Files and hashes:         1: 2nGl-6KA1tAY7MOp1-WMPGEeav0.crl (hash: qylRl9vRwvLOcmzLPwZyyj0uiQKxI4f9Ewa9s7iydRI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:57:6e:85:45:8f:3e:3d:8f:66:95:49:b3:c6:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd
        Validity
            Not Before: Sep  7 10:01:09 2025 GMT
            Not After : Sep  8 10:01:09 2025 GMT
        Subject: CN=f5d409da4593d240076732c7c245a9f5ca62f2fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:4b:61:02:44:f7:30:8f:61:3f:7c:bc:83:9a:
                    fc:4f:14:ce:c1:96:e2:ea:d7:3c:27:71:3a:75:c3:
                    dc:d4:69:43:bd:07:e4:ae:fa:09:17:30:28:d1:7e:
                    17:b2:b5:bf:36:0e:61:7a:b1:09:b1:17:d7:7b:f2:
                    e0:c0:4f:6b:b3:17:5e:4c:b0:34:7f:00:9b:f5:34:
                    d0:d0:ac:1d:9c:28:1b:22:e5:34:65:8e:76:95:81:
                    9e:0b:6a:21:b1:b1:b1:e9:c0:25:75:b7:7a:9b:45:
                    63:30:f7:2b:5b:fb:f8:5c:95:b2:f7:8a:b1:29:8f:
                    90:3a:58:3d:24:07:d8:e8:2a:46:00:74:26:37:59:
                    19:d3:7d:19:82:48:58:39:2d:f5:ac:ac:55:68:23:
                    a3:f6:72:ad:c7:c6:24:73:13:e7:5d:43:b3:16:af:
                    57:7a:8a:19:13:1d:cf:59:d0:ac:8b:8b:e0:94:b6:
                    99:c4:6d:69:c0:ec:31:9a:73:fb:30:99:c2:a4:ef:
                    f3:dd:57:ab:e8:af:c4:4e:04:8c:a6:05:bf:62:94:
                    78:88:89:6a:cd:53:70:2b:b1:27:20:18:56:94:26:
                    b9:1e:dd:b5:c8:30:61:a7:2a:2e:34:14:a5:bc:be:
                    7e:9e:ac:23:a0:fa:ae:c5:a5:d1:4d:dc:28:dc:33:
                    34:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:D4:09:DA:45:93:D2:40:07:67:32:C7:C2:45:A9:F5:CA:62:F2:FE
            X509v3 Authority Key Identifier:
                keyid:DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:5a:d1:30:dd:b7:ed:36:59:e5:90:11:6e:42:4d:67:e4:30:
         1c:2e:7d:92:2c:4c:68:c1:32:d4:c8:3f:fd:d0:16:b1:1b:ce:
         f9:ae:b0:0f:d7:7b:ed:ba:17:f7:97:6b:09:cf:fb:30:78:91:
         1c:6f:62:12:5e:99:dd:04:01:59:38:25:4c:e9:94:31:d2:79:
         7e:87:eb:8a:04:35:97:9c:42:b6:87:b0:9f:ae:b9:87:39:1f:
         a4:7d:18:7b:2d:3d:54:63:ea:7f:7e:c0:25:bd:75:8b:8b:05:
         5d:89:d4:ee:8d:fa:cf:19:49:24:28:42:32:56:8d:22:44:d9:
         4f:ba:d0:14:11:51:ae:82:3a:a0:d1:27:6c:bc:7e:f8:6f:62:
         e8:62:0d:6a:13:0c:05:60:ec:23:3b:3e:ba:c1:1c:03:de:5e:
         79:52:2d:15:33:1b:18:fd:1d:fb:ad:c6:64:47:41:a8:22:f1:
         15:1a:78:e2:f1:17:ad:81:72:6a:94:57:e5:fc:30:16:f1:f5:
         e2:d0:c6:28:1b:0e:8f:45:17:72:22:3b:86:80:29:8f:57:85:
         fd:6d:c1:8a:56:f7:06:de:ac:49:d5:b3:f1:41:bb:38:76:68:
         91:91:f7:0c:63:98:d0:52:c8:95:16:95:6e:78:35:bd:77:6e:
         86:cd:75:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn1duhUWPPj2PZpVJs8atMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzFhNWZiYTI4MGQ2ZDAxOGVjYzNhOWQ3ZTU4YzNjNjEx
ZTZhZmQwHhcNMjUwOTA3MTAwMTA5WhcNMjUwOTA4MTAwMTA5WjAzMTEwLwYDVQQD
EyhmNWQ0MDlkYTQ1OTNkMjQwMDc2NzMyYzdjMjQ1YTlmNWNhNjJmMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kthAkT3MI9hP3y8g5r8TxTOwZbi
6tc8J3E6dcPc1GlDvQfkrvoJFzAo0X4XsrW/Ng5herEJsRfXe/LgwE9rsxdeTLA0
fwCb9TTQ0KwdnCgbIuU0ZY52lYGeC2ohsbGx6cAldbd6m0VjMPcrW/v4XJWy94qx
KY+QOlg9JAfY6CpGAHQmN1kZ030ZgkhYOS31rKxVaCOj9nKtx8YkcxPnXUOzFq9X
eooZEx3PWdCsi4vglLaZxG1pwOwxmnP7MJnCpO/z3Ver6K/ETgSMpgW/YpR4iIlq
zVNwK7EnIBhWlCa5Ht21yDBhpyouNBSlvL5+nqwjoPquxaXRTdwo3DM0ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPXUCdpFk9JAB2cyx8JFqfXKYvL+MB8GA1UdIwQY
MBaAFNpxpfuigNbQGOzDqdfljDxhHmr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2Yt
NGMyNDBhOTczZDFlLzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2YtNGMyNDBhOTczZDFl
LzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASlrRMN23
7TZZ5ZARbkJNZ+QwHC59kixMaMEy1Mg//dAWsRvO+a6wD9d77boX95drCc/7MHiR
HG9iEl6Z3QQBWTglTOmUMdJ5fofrigQ1l5xCtoewn665hzkfpH0Yey09VGPqf37A
Jb11i4sFXYnU7o36zxlJJChCMlaNIkTZT7rQFBFRroI6oNEnbLx++G9i6GINahMM
BWDsIzs+usEcA95eeVItFTMbGP0d+63GZEdBqCLxFRp44vEXrYFyapRX5fwwFvH1
4tDGKBsOj0UXciI7hoApj1eF/W3Bilb3Bt6sSdWz8UG7OHZokZH3DGOY0FLIlRaV
bng1vXduhs11SQ==
-----END CERTIFICATE-----