Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
File:                     wq8ZpG9azIz4_QNiSmG3koqBjNA.mft (raw, json)
Hash identifier:          7OaedXH43FGDqETcWggK1nTkLqzZYAeK6TSaaoBtKIo=
Subject key identifier:   71:16:C0:7E:AE:23:7B:2D:EF:B2:06:77:C1:24:A6:F1:9A:24:FF:70
Authority key identifier: C2:AF:19:A4:6F:5A:CC:8C:F8:FD:03:62:4A:61:B7:92:8A:81:8C:D0
Certificate issuer:       /CN=c2af19a46f5acc8cf8fd03624a61b7928a818cd0
Certificate serial:       0199161C68B51B402D536497B750264E9815
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
Manifest number:          1666
Signing time:             Thu 04 Sep 2025 19:03:04 +0000
Manifest this update:     Thu 04 Sep 2025 19:03:04 +0000
Manifest next update:     Fri 05 Sep 2025 19:03:04 +0000
Files and hashes:         1: wq8ZpG9azIz4_QNiSmG3koqBjNA.crl (hash: EeO0xkCkBkr19nVqB7vPHwNg8+q29Yugo0Tz3n4vrrg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:03:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:1c:68:b5:1b:40:2d:53:64:97:b7:50:26:4e:98:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2af19a46f5acc8cf8fd03624a61b7928a818cd0
        Validity
            Not Before: Sep  4 19:03:04 2025 GMT
            Not After : Sep  5 19:03:04 2025 GMT
        Subject: CN=7116c07eae237b2defb20677c124a6f19a24ff70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:62:96:9a:0c:a1:5b:46:11:1f:58:38:c1:0a:
                    ab:0a:f9:c6:41:ab:ad:87:e5:ef:c3:bc:0a:cc:a2:
                    07:50:bb:d6:43:3e:55:e4:0c:72:1f:5b:f8:90:3d:
                    24:d0:85:0d:d7:18:b2:9e:99:42:4d:b3:8a:02:c5:
                    3b:c2:03:b7:4a:e5:0b:83:58:05:06:a5:e0:5a:64:
                    e7:d8:c4:1a:f2:80:30:e6:13:cb:d9:60:f7:06:5f:
                    fc:00:3f:59:12:7e:9b:cd:db:f7:0e:2a:fe:d3:2a:
                    29:90:6f:b6:af:79:1d:96:13:c8:6d:ee:be:9c:41:
                    4f:0d:4e:bb:f0:17:4a:c2:62:e5:37:84:13:79:cf:
                    0e:bf:f8:64:c8:26:63:9e:c1:d2:c6:f7:14:4d:36:
                    b7:63:37:92:88:15:f8:d0:7a:ca:45:ab:5b:c7:b1:
                    38:10:eb:77:71:13:a6:d3:d6:97:b6:3a:39:4e:5d:
                    a5:a1:3d:10:89:42:22:ca:f1:77:9c:4c:de:29:06:
                    a3:34:41:1d:c0:c3:c0:02:64:fb:f0:2e:9d:0f:dc:
                    00:20:5c:6a:19:21:c2:8a:e3:19:72:24:4a:3b:ec:
                    2a:34:0d:97:b9:0e:1a:20:74:8e:c2:dc:1f:87:8c:
                    3d:15:49:9b:ad:5c:82:c5:6a:a2:02:3b:cd:55:f1:
                    64:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:16:C0:7E:AE:23:7B:2D:EF:B2:06:77:C1:24:A6:F1:9A:24:FF:70
            X509v3 Authority Key Identifier:
                keyid:C2:AF:19:A4:6F:5A:CC:8C:F8:FD:03:62:4A:61:B7:92:8A:81:8C:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:98:dd:19:13:c5:d4:28:08:fa:34:65:47:4b:66:61:eb:19:
         5f:80:2d:e2:8d:fe:fb:ab:95:3c:2b:68:d7:f8:7a:ed:95:5c:
         96:cc:9b:31:1b:47:4b:fa:a1:1a:24:91:92:cd:f6:3b:ca:fd:
         39:28:73:45:82:6a:11:3e:4c:a3:a2:8c:e0:2d:24:fb:b6:8c:
         84:31:cb:24:86:cb:f2:69:7f:6c:e1:ce:8f:7f:e3:69:62:92:
         78:7f:8b:de:fc:93:33:60:75:c3:1e:d7:17:b9:ce:6e:61:c1:
         ee:6b:77:37:29:fb:bc:3d:73:f8:a5:96:bc:d4:d1:d0:f4:0d:
         80:e1:89:a4:6c:58:85:cb:95:c9:eb:17:b2:ce:c6:ce:1b:ba:
         de:eb:c8:01:df:ad:b2:a6:bc:e4:f6:de:03:d6:03:f1:c6:49:
         11:9a:ea:a3:23:5c:cf:e0:47:e7:1d:12:f4:68:ed:93:53:9b:
         ba:b9:7e:04:c7:dc:80:6d:4b:f5:9b:83:12:b4:46:ec:b4:f2:
         70:c0:5f:1c:60:86:66:48:4e:3a:1e:45:01:ce:91:b7:00:28:
         49:d9:a3:01:f2:23:ed:c0:07:72:a7:17:ad:ea:39:c8:c8:72:
         3f:13:95:d5:42:91:cb:6e:c1:e4:fa:79:cd:12:b0:fb:ec:a3:
         49:40:56:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWHGi1G0AtU2SXt1AmTpgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYWYxOWE0NmY1YWNjOGNmOGZkMDM2MjRhNjFiNzkyOGE4
MThjZDAwHhcNMjUwOTA0MTkwMzA0WhcNMjUwOTA1MTkwMzA0WjAzMTEwLwYDVQQD
Eyg3MTE2YzA3ZWFlMjM3YjJkZWZiMjA2NzdjMTI0YTZmMTlhMjRmZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mKWmgyhW0YRH1g4wQqrCvnGQaut
h+Xvw7wKzKIHULvWQz5V5AxyH1v4kD0k0IUN1xiynplCTbOKAsU7wgO3SuULg1gF
BqXgWmTn2MQa8oAw5hPL2WD3Bl/8AD9ZEn6bzdv3Dir+0yopkG+2r3kdlhPIbe6+
nEFPDU678BdKwmLlN4QTec8Ov/hkyCZjnsHSxvcUTTa3YzeSiBX40HrKRatbx7E4
EOt3cROm09aXtjo5Tl2loT0QiUIiyvF3nEzeKQajNEEdwMPAAmT78C6dD9wAIFxq
GSHCiuMZciRKO+wqNA2XuQ4aIHSOwtwfh4w9FUmbrVyCxWqiAjvNVfFkjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEWwH6uI3st77IGd8EkpvGaJP9wMB8GA1UdIwQY
MBaAFMKvGaRvWsyM+P0DYkpht5KKgYzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8yZjk0ZWMtODMzNy00MjQ5LWJhYmMt
NTYzNjgxNGE5MzM3LzEvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8yZjk0ZWMtODMzNy00MjQ5LWJhYmMtNTYzNjgxNGE5MzM3
LzEvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwJjdGRPF
1CgI+jRlR0tmYesZX4At4o3++6uVPCto1/h67ZVclsybMRtHS/qhGiSRks32O8r9
OShzRYJqET5Mo6KM4C0k+7aMhDHLJIbL8ml/bOHOj3/jaWKSeH+L3vyTM2B1wx7X
F7nObmHB7mt3Nyn7vD1z+KWWvNTR0PQNgOGJpGxYhcuVyesXss7Gzhu63uvIAd+t
sqa85PbeA9YD8cZJEZrqoyNcz+BH5x0S9Gjtk1Oburl+BMfcgG1L9ZuDErRG7LTy
cMBfHGCGZkhOOh5FAc6RtwAoSdmjAfIj7cAHcqcXreo5yMhyPxOV1UKRy27B5Pp5
zRKw++yjSUBWNQ==
-----END CERTIFICATE-----