Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
File:                     OpzyvclyZDBARldYsyWap8kubhw.mft (raw, json)
Hash identifier:          W9uxZbHVhc/hvT81xwBRtHxZpcfXpGQY+upzlzmtPZU=
Subject key identifier:   90:72:AD:AD:0E:D5:39:96:14:27:BD:80:BC:76:2D:13:76:16:C6:21
Authority key identifier: 3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C
Certificate issuer:       /CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
Certificate serial:       0199221F2529313C46A180E2092A9BAEC7F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
Manifest number:          166C
Signing time:             Sun 07 Sep 2025 03:01:30 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:30 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:30 +0000
Files and hashes:         1: OpzyvclyZDBARldYsyWap8kubhw.crl (hash: lhbT2xnWTtCTkGImtA/tyktEFSD7JvFk2B293sqDXdQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1f:25:29:31:3c:46:a1:80:e2:09:2a:9b:ae:c7:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
        Validity
            Not Before: Sep  7 03:01:30 2025 GMT
            Not After : Sep  8 03:01:30 2025 GMT
        Subject: CN=9072adad0ed539961427bd80bc762d137616c621
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:cf:5c:72:be:ae:b4:3b:4d:72:39:b7:a9:7a:
                    c9:a9:6c:3c:de:73:c6:53:f4:25:64:9d:40:23:be:
                    73:da:a1:09:19:6f:d6:78:f2:d0:e0:70:17:d2:26:
                    c4:e1:ea:ef:7b:c6:44:a0:4f:57:bd:e7:5d:fe:9a:
                    b8:f0:56:56:6f:69:e2:7a:f6:65:8d:ac:ad:9d:f4:
                    06:6a:9c:47:d0:fc:0f:1d:e6:fa:3c:91:63:b2:61:
                    b6:29:bc:44:6f:29:7d:19:0e:00:99:a6:f0:70:18:
                    b6:8a:8c:72:eb:75:d3:f9:f2:87:2a:86:e6:08:ac:
                    c8:2b:36:fa:6a:64:41:7c:e0:86:18:06:25:ab:f3:
                    34:7b:f2:f3:5d:c7:66:45:29:ec:90:86:e4:43:39:
                    40:84:97:99:b1:b6:32:4e:93:9c:93:46:a6:7e:8d:
                    0b:58:4f:f3:2b:47:33:c4:18:f9:2b:45:e3:a1:10:
                    fe:22:c1:79:2a:60:0c:9f:61:ce:0c:24:24:91:03:
                    10:b6:0e:4f:bb:fd:ca:25:8f:88:64:e2:12:5a:d0:
                    1b:55:6c:ef:fa:73:fb:c0:e1:ad:46:2a:d9:25:3a:
                    ff:b0:74:6c:e4:c0:6d:7e:8d:ff:f5:36:74:99:91:
                    1e:d7:15:ca:12:28:c8:89:a1:99:94:57:c7:af:af:
                    e5:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:72:AD:AD:0E:D5:39:96:14:27:BD:80:BC:76:2D:13:76:16:C6:21
            X509v3 Authority Key Identifier:
                keyid:3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:0c:77:df:6a:8e:12:1e:cd:e7:65:60:ec:5b:74:da:2e:04:
         16:88:2c:26:82:3e:7f:47:94:8a:ef:ee:18:5c:e9:b8:64:7d:
         fa:76:18:8a:8d:ea:51:45:5c:5c:39:15:f1:a9:98:de:39:18:
         5d:90:b4:1c:ec:64:4c:85:09:13:a7:2c:6a:5d:f7:c3:b8:b6:
         ac:24:d8:44:ac:89:cb:b2:74:67:c0:c7:d7:48:90:ff:53:7f:
         b9:14:32:56:62:44:8a:f6:83:d7:a4:9a:8d:33:c8:c1:e7:ba:
         a2:37:b0:1a:54:5e:20:58:96:ff:38:f7:8f:c2:42:83:cd:14:
         97:01:8a:e3:2a:65:49:24:9f:32:48:2a:58:8c:d5:56:73:46:
         56:a4:92:63:3d:80:62:c6:50:aa:ac:f5:60:19:45:d3:3a:3e:
         13:16:63:47:3d:5f:42:ee:51:cf:01:6a:b2:b1:66:52:da:30:
         91:a9:c4:8a:ba:66:92:3a:55:c6:1f:4c:6c:0c:af:54:56:45:
         7b:cc:f5:17:1b:81:4a:fc:a8:a4:17:9f:89:0d:4c:cc:e8:e7:
         fb:1a:2e:02:79:e6:85:1e:01:19:b7:b2:e8:91:ed:87:ca:4c:
         c3:15:2b:be:b1:6c:ca:f9:f1:27:7c:50:16:1d:d5:ac:93:27:
         5a:81:f0:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHyUpMTxGoYDiCSqbrsfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOWNmMmJkYzk3MjY0MzA0MDQ2NTc1OGIzMjU5YWE3Yzky
ZTZlMWMwHhcNMjUwOTA3MDMwMTMwWhcNMjUwOTA4MDMwMTMwWjAzMTEwLwYDVQQD
Eyg5MDcyYWRhZDBlZDUzOTk2MTQyN2JkODBiYzc2MmQxMzc2MTZjNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkM9ccr6utDtNcjm3qXrJqWw83nPG
U/QlZJ1AI75z2qEJGW/WePLQ4HAX0ibE4erve8ZEoE9Xvedd/pq48FZWb2nievZl
jaytnfQGapxH0PwPHeb6PJFjsmG2KbxEbyl9GQ4AmabwcBi2ioxy63XT+fKHKobm
CKzIKzb6amRBfOCGGAYlq/M0e/LzXcdmRSnskIbkQzlAhJeZsbYyTpOck0amfo0L
WE/zK0czxBj5K0XjoRD+IsF5KmAMn2HODCQkkQMQtg5Pu/3KJY+IZOISWtAbVWzv
+nP7wOGtRirZJTr/sHRs5MBtfo3/9TZ0mZEe1xXKEijIiaGZlFfHr6/lzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJByra0O1TmWFCe9gLx2LRN2FsYhMB8GA1UdIwQY
MBaAFDqc8r3JcmQwQEZXWLMlmqfJLm4cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMt
MDI0ZjdjNTBmNDI4LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMtMDI0ZjdjNTBmNDI4
LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjAx332qO
Eh7N52Vg7Ft02i4EFogsJoI+f0eUiu/uGFzpuGR9+nYYio3qUUVcXDkV8amY3jkY
XZC0HOxkTIUJE6csal33w7i2rCTYRKyJy7J0Z8DH10iQ/1N/uRQyVmJEivaD16Sa
jTPIwee6ojewGlReIFiW/zj3j8JCg80UlwGK4yplSSSfMkgqWIzVVnNGVqSSYz2A
YsZQqqz1YBlF0zo+ExZjRz1fQu5RzwFqsrFmUtowkanEirpmkjpVxh9MbAyvVFZF
e8z1FxuBSvyopBefiQ1MzOjn+xouAnnmhR4BGbey6JHth8pMwxUrvrFsyvnxJ3xQ
Fh3VrJMnWoHwdQ==
-----END CERTIFICATE-----