Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
File:                     214_2Taim0KaFIK070HDJuKTfSo.mft (raw, json)
Hash identifier:          72NNPw8YvK1onjQ/X3OX2MJlVST96K1Lk6PRt6nrMfM=
Subject key identifier:   9B:7F:8C:2B:DA:24:2A:D5:43:07:3F:BC:64:38:25:98:48:6B:16:18
Authority key identifier: DB:5E:3F:D9:36:A2:9B:42:9A:14:82:B4:EF:41:C3:26:E2:93:7D:2A
Certificate issuer:       /CN=db5e3fd936a29b429a1482b4ef41c326e2937d2a
Certificate serial:       0199221ED7F184D96F5B13BEB835E061FB0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 03:01:10 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:10 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:10 +0000
Files and hashes:         1: 214_2Taim0KaFIK070HDJuKTfSo.crl (hash: pp10g70puGvlL2t8BhSKW7lyCnSdEOvohdjSEUC8hJA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:d7:f1:84:d9:6f:5b:13:be:b8:35:e0:61:fb:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db5e3fd936a29b429a1482b4ef41c326e2937d2a
        Validity
            Not Before: Sep  7 03:01:10 2025 GMT
            Not After : Sep  8 03:01:10 2025 GMT
        Subject: CN=9b7f8c2bda242ad543073fbc64382598486b1618
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0c:0b:24:19:77:32:5d:c6:7c:2f:18:8e:78:
                    35:f1:91:b9:5f:0d:64:0a:21:05:2d:40:df:07:8e:
                    f5:37:de:9a:89:a3:be:53:1e:5b:6e:0d:ed:4d:e8:
                    a0:87:fb:ec:db:f8:a4:2b:95:01:36:15:35:13:78:
                    94:be:1a:60:20:c3:67:3f:fc:76:fd:be:d4:18:f4:
                    b7:aa:ab:f4:c9:cc:16:94:08:ae:63:4b:ee:04:eb:
                    c0:3b:17:c6:7b:21:90:a8:db:a1:de:53:bf:89:d0:
                    bc:de:2c:01:be:fa:7d:e3:c1:73:29:09:50:92:a9:
                    40:e8:ca:5c:79:a3:f9:94:42:2f:34:02:09:0d:51:
                    82:12:a7:3e:66:77:32:cc:ce:5b:6e:56:4b:80:b7:
                    f4:68:8f:af:06:b8:be:71:06:18:69:9b:37:1a:9f:
                    0f:82:fb:07:80:ac:b2:3e:f4:83:9b:6d:dd:aa:86:
                    d2:1b:5d:1a:08:7c:66:43:f6:fb:c5:ca:be:43:6d:
                    6f:37:69:5e:32:92:87:cb:07:4c:18:9f:aa:86:88:
                    be:ad:27:bb:4e:39:90:5f:8e:69:35:5e:88:58:b2:
                    5d:80:ac:8f:06:86:ee:9d:ce:6f:9d:1c:0b:d3:9a:
                    c0:60:f8:ed:da:37:36:b0:ef:d7:56:a1:77:fa:50:
                    75:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:7F:8C:2B:DA:24:2A:D5:43:07:3F:BC:64:38:25:98:48:6B:16:18
            X509v3 Authority Key Identifier:
                keyid:DB:5E:3F:D9:36:A2:9B:42:9A:14:82:B4:EF:41:C3:26:E2:93:7D:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:a3:fb:d6:08:44:02:2b:4f:6c:c5:ce:a6:25:af:e0:46:ba:
         1b:d4:d0:71:9a:58:7e:2b:28:05:93:34:d0:5e:c3:40:b6:47:
         79:1a:71:f8:ec:08:58:20:ce:1c:4a:4e:74:77:f6:9f:e5:d5:
         1a:f3:d9:e9:e7:ce:5d:c1:35:7e:c1:95:93:eb:78:e2:7d:e8:
         b3:1e:7a:71:4b:00:4a:9d:64:f3:7f:5b:26:0c:be:eb:23:7a:
         f1:b5:40:a8:a2:d5:52:5d:50:cb:c5:54:72:a1:e0:d4:20:11:
         16:2b:2b:bd:e5:05:51:67:5c:80:51:91:05:d2:cf:56:4e:a8:
         cc:12:ac:7e:a4:c9:4d:74:d3:55:f8:74:0d:74:22:dc:50:e0:
         de:37:71:f5:94:a1:e6:8e:81:4d:04:bb:c9:f9:85:61:2d:9d:
         c7:3a:71:74:59:1d:96:ba:0f:ec:c7:56:82:af:f6:ca:f7:6a:
         e0:e1:0d:d1:7b:17:74:4d:65:82:09:d1:15:67:14:b4:37:23:
         1b:62:b2:d8:01:30:89:1d:e7:29:28:c9:1d:1d:31:21:69:f8:
         6c:f1:0e:92:5d:09:81:39:a7:72:9d:07:36:ec:cc:41:7b:76:
         2a:23:2c:f8:59:45:30:a1:36:2c:14:14:9f:10:b3:ba:98:0c:
         c5:7e:5d:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHtfxhNlvWxO+uDXgYfsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNWUzZmQ5MzZhMjliNDI5YTE0ODJiNGVmNDFjMzI2ZTI5
MzdkMmEwHhcNMjUwOTA3MDMwMTEwWhcNMjUwOTA4MDMwMTEwWjAzMTEwLwYDVQQD
Eyg5YjdmOGMyYmRhMjQyYWQ1NDMwNzNmYmM2NDM4MjU5ODQ4NmIxNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQwLJBl3Ml3GfC8Yjng18ZG5Xw1k
CiEFLUDfB471N96aiaO+Ux5bbg3tTeigh/vs2/ikK5UBNhU1E3iUvhpgIMNnP/x2
/b7UGPS3qqv0ycwWlAiuY0vuBOvAOxfGeyGQqNuh3lO/idC83iwBvvp948FzKQlQ
kqlA6MpceaP5lEIvNAIJDVGCEqc+ZncyzM5bblZLgLf0aI+vBri+cQYYaZs3Gp8P
gvsHgKyyPvSDm23dqobSG10aCHxmQ/b7xcq+Q21vN2leMpKHywdMGJ+qhoi+rSe7
TjmQX45pNV6IWLJdgKyPBobunc5vnRwL05rAYPjt2jc2sO/XVqF3+lB1iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJt/jCvaJCrVQwc/vGQ4JZhIaxYYMB8GA1UdIwQY
MBaAFNteP9k2optCmhSCtO9Bwybik30qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hYWUxN2YtYzM1Yi00MDdjLTg5NmIt
N2U1NzY5MWJiZWQ5LzEvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hYWUxN2YtYzM1Yi00MDdjLTg5NmItN2U1NzY5MWJiZWQ5
LzEvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaaP71ghE
AitPbMXOpiWv4Ea6G9TQcZpYfisoBZM00F7DQLZHeRpx+OwIWCDOHEpOdHf2n+XV
GvPZ6efOXcE1fsGVk+t44n3osx56cUsASp1k839bJgy+6yN68bVAqKLVUl1Qy8VU
cqHg1CARFisrveUFUWdcgFGRBdLPVk6ozBKsfqTJTXTTVfh0DXQi3FDg3jdx9ZSh
5o6BTQS7yfmFYS2dxzpxdFkdlroP7MdWgq/2yvdq4OEN0XsXdE1lggnRFWcUtDcj
G2Ky2AEwiR3nKSjJHR0xIWn4bPEOkl0JgTmncp0HNuzMQXt2KiMs+FlFMKE2LBQU
nxCzupgMxX5dmA==
-----END CERTIFICATE-----