Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
File:                     MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft (raw, json)
Hash identifier:          2+GhI3BdI0d2UKgyXgxEkubtPnMVCUpcGKUY7kFkQkY=
Subject key identifier:   9E:6B:45:5D:DC:B9:15:32:6F:5E:BE:A4:5E:C9:F2:FF:97:7E:0B:49
Authority key identifier: 30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34
Certificate issuer:       /CN=30fd95ce80eace734e340ddd723110fa5252fa34
Certificate serial:       019921E7E0B3E7021A5E4663B92F480F497F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 02:01:08 +0000
Manifest this update:     Sun 07 Sep 2025 02:01:08 +0000
Manifest next update:     Mon 08 Sep 2025 02:01:08 +0000
Files and hashes:         1: MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl (hash: 5pAs4c/sFfg8RA6r4ojyauAAYvaxREGjWVPv9MHnF0U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 02:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:e7:e0:b3:e7:02:1a:5e:46:63:b9:2f:48:0f:49:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30fd95ce80eace734e340ddd723110fa5252fa34
        Validity
            Not Before: Sep  7 02:01:08 2025 GMT
            Not After : Sep  8 02:01:08 2025 GMT
        Subject: CN=9e6b455ddcb915326f5ebea45ec9f2ff977e0b49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:06:e3:36:68:b7:6d:4e:a6:c6:13:7d:6d:a3:
                    80:6b:b0:9e:53:84:c0:d7:94:32:0c:21:52:a9:62:
                    26:66:c3:5a:f0:f6:a6:a1:d9:f5:51:b4:7c:af:fb:
                    d7:19:b9:68:ac:1c:fe:a0:f2:e5:28:20:ce:fc:c2:
                    99:b2:41:b8:a9:d4:48:ac:25:77:c6:88:22:aa:e6:
                    fd:c7:49:1c:b1:f8:29:84:b5:89:d2:d5:db:1b:11:
                    6c:d5:2b:c1:b1:0e:71:f6:67:35:fd:a2:2e:8a:cc:
                    fe:d4:5e:51:bd:89:c5:65:61:5c:8a:44:ce:d7:8d:
                    6e:ba:a1:cc:c3:6a:9b:91:67:c6:55:e7:5b:46:5a:
                    fd:2a:20:6a:22:00:ed:ec:9d:f5:ba:1b:6f:df:ab:
                    b2:f8:08:11:76:2a:b0:1d:3c:e2:9d:76:53:33:85:
                    fd:8d:17:74:94:eb:65:69:fe:9c:ac:b1:37:bc:c0:
                    88:f9:8e:f5:fe:64:8d:e0:99:aa:47:7f:2c:79:50:
                    d8:50:67:ac:25:78:f7:fb:30:07:7b:ec:49:41:f8:
                    c6:39:d3:a4:55:52:cd:12:93:bf:df:e2:a1:57:23:
                    ef:51:71:d3:8c:69:93:b7:26:51:90:d8:3d:a4:fb:
                    6b:9c:56:c1:5b:0a:1d:e2:3d:27:ca:9c:52:cb:dd:
                    51:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:6B:45:5D:DC:B9:15:32:6F:5E:BE:A4:5E:C9:F2:FF:97:7E:0B:49
            X509v3 Authority Key Identifier:
                keyid:30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:e1:dd:fc:78:12:3c:cb:4d:35:dc:39:5d:94:07:7d:74:eb:
         0a:c7:df:82:ec:da:1b:66:1a:0a:15:ad:d2:6e:75:46:1f:49:
         62:c5:13:3a:a8:30:66:cd:4a:8d:13:fe:1e:e4:73:43:bf:72:
         1f:6d:09:d7:0e:60:e4:9c:e6:f2:fa:9f:90:e6:ec:46:ad:83:
         a3:48:eb:6f:f9:a4:f5:26:1b:91:90:b1:ef:17:cd:1c:46:40:
         97:46:2c:e4:2e:dd:50:53:4a:2b:5b:74:41:1b:72:3c:80:8d:
         19:59:7c:50:0b:d2:b2:a2:70:14:2c:8c:3f:8e:3d:fe:4f:fc:
         9b:58:de:3a:c5:ab:0f:fc:62:26:03:86:92:68:4b:26:52:a1:
         d1:68:a3:9a:b0:69:8c:96:5b:4c:8e:46:cd:3d:34:20:a5:fa:
         a1:1d:07:ec:bc:dc:c3:28:8a:ac:cc:31:00:d3:e5:12:81:89:
         11:fc:d4:18:2c:87:90:ef:bd:29:24:5d:6a:43:68:5a:27:28:
         77:bf:47:9b:bd:3f:e9:a7:bc:49:fe:51:91:f7:08:d0:6b:6a:
         44:62:5e:02:64:e7:e3:ec:72:cb:46:6a:d8:c6:31:b7:21:44:
         6e:37:ca:b6:52:b1:37:eb:e2:8d:26:0a:5e:b7:dd:97:f8:b9:
         e1:f9:3b:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh5+Cz5wIaXkZjuS9ID0l/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZmQ5NWNlODBlYWNlNzM0ZTM0MGRkZDcyMzExMGZhNTI1
MmZhMzQwHhcNMjUwOTA3MDIwMTA4WhcNMjUwOTA4MDIwMTA4WjAzMTEwLwYDVQQD
Eyg5ZTZiNDU1ZGRjYjkxNTMyNmY1ZWJlYTQ1ZWM5ZjJmZjk3N2UwYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQbjNmi3bU6mxhN9baOAa7CeU4TA
15QyDCFSqWImZsNa8Pamodn1UbR8r/vXGblorBz+oPLlKCDO/MKZskG4qdRIrCV3
xogiqub9x0kcsfgphLWJ0tXbGxFs1SvBsQ5x9mc1/aIuisz+1F5RvYnFZWFcikTO
141uuqHMw2qbkWfGVedbRlr9KiBqIgDt7J31uhtv36uy+AgRdiqwHTzinXZTM4X9
jRd0lOtlaf6crLE3vMCI+Y71/mSN4JmqR38seVDYUGesJXj3+zAHe+xJQfjGOdOk
VVLNEpO/3+KhVyPvUXHTjGmTtyZRkNg9pPtrnFbBWwod4j0nypxSy91RzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5rRV3cuRUyb16+pF7J8v+XfgtJMB8GA1UdIwQY
MBaAFDD9lc6A6s5zTjQN3XIxEPpSUvo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAt
YzdkM2U5NmZkMzViLzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAtYzdkM2U5NmZkMzVi
LzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp+Hd/HgS
PMtNNdw5XZQHfXTrCsffguzaG2YaChWt0m51Rh9JYsUTOqgwZs1KjRP+HuRzQ79y
H20J1w5g5Jzm8vqfkObsRq2Do0jrb/mk9SYbkZCx7xfNHEZAl0Ys5C7dUFNKK1t0
QRtyPICNGVl8UAvSsqJwFCyMP449/k/8m1jeOsWrD/xiJgOGkmhLJlKh0WijmrBp
jJZbTI5GzT00IKX6oR0H7LzcwyiKrMwxANPlEoGJEfzUGCyHkO+9KSRdakNoWico
d79Hm70/6ae8Sf5RkfcI0GtqRGJeAmTn4+xyy0Zq2MYxtyFEbjfKtlKxN+vijSYK
Xrfdl/i54fk7Tg==
-----END CERTIFICATE-----