Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.mft
File:                     vVhFViKSj0TenBVdcGjh0RtEVPE.mft (raw, json)
Hash identifier:          zGxDTYatu92eW7gnQKUzAfPwznyBSjklwPIDgGQAx/s=
Subject key identifier:   B7:57:05:DD:0D:6B:3B:B3:95:C1:B4:07:BD:70:D1:FF:41:7F:3B:94
Authority key identifier: BD:58:45:56:22:92:8F:44:DE:9C:15:5D:70:68:E1:D1:1B:44:54:F1
Certificate issuer:       /CN=bd58455622928f44de9c155d7068e1d11b4454f1
Certificate serial:       019921B1F1A326DD5046CBDAD41EF8731DBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vVhFViKSj0TenBVdcGjh0RtEVPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 01:02:13 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:13 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:13 +0000
Files and hashes:         1: vVhFViKSj0TenBVdcGjh0RtEVPE.crl (hash: 4BPSAeCMt3sqdirQu58+0PN3NtACCbPFyg7D8BBXCqs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vVhFViKSj0TenBVdcGjh0RtEVPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:f1:a3:26:dd:50:46:cb:da:d4:1e:f8:73:1d:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd58455622928f44de9c155d7068e1d11b4454f1
        Validity
            Not Before: Sep  7 01:02:13 2025 GMT
            Not After : Sep  8 01:02:13 2025 GMT
        Subject: CN=b75705dd0d6b3bb395c1b407bd70d1ff417f3b94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:af:f2:91:d3:7f:aa:31:a9:2e:46:06:6b:71:
                    be:d6:0c:89:8b:ab:cb:3b:25:68:83:41:35:4b:86:
                    a5:ab:57:f0:e3:d1:c2:16:df:33:ad:6b:89:f2:5a:
                    b7:dd:fe:bd:8a:45:e2:73:6b:18:3e:84:05:80:aa:
                    8b:fe:9a:e6:72:e4:c8:30:61:57:ca:93:9a:13:be:
                    ab:13:ea:ed:e5:02:7d:9e:87:57:20:37:91:68:fe:
                    c0:b7:e2:ef:af:14:21:70:be:db:c8:e5:8f:24:82:
                    c9:4b:9f:ad:7d:c7:fe:2b:28:69:86:61:d1:9f:57:
                    4a:ea:f0:ec:b0:5c:28:96:bd:db:53:fc:8e:55:2a:
                    fc:27:1c:44:f1:05:89:5e:a2:19:24:06:e7:33:50:
                    e7:06:9a:61:34:79:33:ea:b4:d0:35:27:c6:47:5d:
                    88:e3:86:88:82:e5:97:60:e9:17:58:93:12:34:f6:
                    d2:3c:34:a8:c5:8a:c4:69:5c:a5:c3:a5:c6:d2:37:
                    f9:a8:2f:33:38:54:db:89:a9:b0:06:b2:17:f3:2f:
                    ce:ee:61:0a:b1:34:fb:b3:ad:13:42:6c:ed:9d:e3:
                    40:f0:d9:0e:d5:45:58:7f:c2:02:7e:cd:e9:89:30:
                    56:07:31:6b:fa:4d:cc:0f:32:5d:42:58:03:5d:4b:
                    be:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:57:05:DD:0D:6B:3B:B3:95:C1:B4:07:BD:70:D1:FF:41:7F:3B:94
            X509v3 Authority Key Identifier:
                keyid:BD:58:45:56:22:92:8F:44:DE:9C:15:5D:70:68:E1:D1:1B:44:54:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vVhFViKSj0TenBVdcGjh0RtEVPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:51:f2:16:48:ee:44:bb:1a:63:fc:41:83:ff:1c:9f:c6:69:
         2c:bb:c6:a2:69:cf:6b:76:ef:f5:fd:8d:da:c6:62:99:ea:b8:
         d7:92:61:55:5c:f1:d1:2e:c0:15:b8:d5:93:2f:00:fe:8d:95:
         b7:a6:b0:18:0d:88:ff:d0:4f:15:c1:94:4c:ea:26:98:97:00:
         48:67:e2:af:10:f6:91:87:35:e5:a8:11:7c:89:72:3a:5a:25:
         4e:d5:d0:33:08:10:be:2c:61:c9:25:78:54:09:63:05:93:ad:
         35:9b:49:b9:26:88:27:b4:eb:e9:bd:10:f9:5c:96:7c:8a:45:
         75:20:d8:91:d7:c6:da:e9:7b:b9:70:ee:fb:b0:47:a0:f8:22:
         b9:8e:d5:22:a9:dc:02:7f:a5:f0:9f:21:28:2a:10:7d:90:12:
         76:7d:8a:6f:21:01:70:bb:90:12:a7:b6:ed:64:b3:2f:b6:39:
         e0:1f:fa:77:2a:7d:94:f8:84:e8:51:79:31:66:bd:a8:18:8e:
         2e:0e:5a:6e:5c:e0:d0:de:8f:a1:f6:54:76:be:8a:85:32:16:
         c9:d9:46:8a:db:32:ab:38:25:d6:69:12:6c:b5:f6:dc:ce:32:
         31:c7:0d:b4:55:bc:05:76:1d:dc:f6:4a:df:99:f5:0a:43:61:
         0b:5d:47:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsfGjJt1QRsva1B74cx28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNTg0NTU2MjI5MjhmNDRkZTljMTU1ZDcwNjhlMWQxMWI0
NDU0ZjEwHhcNMjUwOTA3MDEwMjEzWhcNMjUwOTA4MDEwMjEzWjAzMTEwLwYDVQQD
EyhiNzU3MDVkZDBkNmIzYmIzOTVjMWI0MDdiZDcwZDFmZjQxN2YzYjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa/ykdN/qjGpLkYGa3G+1gyJi6vL
OyVog0E1S4alq1fw49HCFt8zrWuJ8lq33f69ikXic2sYPoQFgKqL/prmcuTIMGFX
ypOaE76rE+rt5QJ9nodXIDeRaP7At+LvrxQhcL7byOWPJILJS5+tfcf+KyhphmHR
n1dK6vDssFwolr3bU/yOVSr8JxxE8QWJXqIZJAbnM1DnBpphNHkz6rTQNSfGR12I
44aIguWXYOkXWJMSNPbSPDSoxYrEaVylw6XG0jf5qC8zOFTbiamwBrIX8y/O7mEK
sTT7s60TQmztneNA8NkO1UVYf8ICfs3piTBWBzFr+k3MDzJdQlgDXUu+jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLdXBd0NazuzlcG0B71w0f9BfzuUMB8GA1UdIwQY
MBaAFL1YRVYiko9E3pwVXXBo4dEbRFTxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlZoRlZpS1NqMFRlbkJWZGNHamgwUnRFVlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8xZGM5N2MtZWU2Ny00YzJiLTgwYmEt
MjkwODlkYTQwYzk5LzEvdlZoRlZpS1NqMFRlbkJWZGNHamgwUnRFVlBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8xZGM5N2MtZWU2Ny00YzJiLTgwYmEtMjkwODlkYTQwYzk5
LzEvdlZoRlZpS1NqMFRlbkJWZGNHamgwUnRFVlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW1HyFkju
RLsaY/xBg/8cn8ZpLLvGomnPa3bv9f2N2sZimeq415JhVVzx0S7AFbjVky8A/o2V
t6awGA2I/9BPFcGUTOommJcASGfirxD2kYc15agRfIlyOlolTtXQMwgQvixhySV4
VAljBZOtNZtJuSaIJ7Tr6b0Q+VyWfIpFdSDYkdfG2ul7uXDu+7BHoPgiuY7VIqnc
An+l8J8hKCoQfZASdn2KbyEBcLuQEqe27WSzL7Y54B/6dyp9lPiE6FF5MWa9qBiO
Lg5ablzg0N6PofZUdr6KhTIWydlGitsyqzgl1mkSbLX23M4yMccNtFW8BXYd3PZK
35n1CkNhC11HJQ==
-----END CERTIFICATE-----