Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
File:                     I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft (raw, json)
Hash identifier:          t7wKH8xbCoCMMmJ1zkHpavv424E1HQlXcxTUiG5oPVo=
Subject key identifier:   F3:D1:ED:0B:DD:60:EE:07:8C:41:91:B3:DB:C1:3C:1D:55:D4:13:BB
Authority key identifier: 23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F
Certificate issuer:       /CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
Certificate serial:       019923A05B8AE862AD79670D4789D18C1FE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 10:02:15 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:15 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:15 +0000
Files and hashes:         1: I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl (hash: f3lG/6yJRUh1fizXKJ+L6NuooLx6LId3UX0XhNjERS0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:5b:8a:e8:62:ad:79:67:0d:47:89:d1:8c:1f:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
        Validity
            Not Before: Sep  7 10:02:15 2025 GMT
            Not After : Sep  8 10:02:15 2025 GMT
        Subject: CN=f3d1ed0bdd60ee078c4191b3dbc13c1d55d413bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:9f:fd:e9:d3:8e:80:fb:c8:55:e2:ec:1a:75:
                    ff:41:da:cd:cc:bd:0b:92:73:da:4d:f2:da:58:b5:
                    b9:f8:e4:79:62:8d:bd:50:ca:33:e4:56:ce:d2:34:
                    a7:f5:73:a4:81:9b:68:84:57:a2:c2:1d:79:59:4d:
                    a0:b8:b1:78:85:11:1a:63:25:7e:32:17:62:d6:3e:
                    c4:a7:a8:51:10:fe:d5:f8:ca:9b:0b:bb:01:22:ef:
                    10:6c:a1:03:11:b6:6e:37:63:fc:12:8c:25:2e:1e:
                    bb:d3:72:70:e8:a0:9f:1c:c0:3c:de:40:af:78:18:
                    54:7f:09:49:6b:77:99:69:98:b2:e4:a0:db:10:3a:
                    61:1c:03:56:6e:a6:c8:88:d9:e1:12:a8:bc:ea:cc:
                    70:73:de:c1:6c:bf:f8:7d:10:80:ff:30:75:a3:d6:
                    43:08:f3:05:16:85:79:3a:db:a0:12:60:46:de:d2:
                    73:70:3e:df:9d:0a:6c:d6:7e:0a:39:7f:90:2b:d5:
                    87:70:3d:34:49:ac:36:37:6f:e8:a4:87:71:92:d6:
                    7c:75:8a:10:70:c8:b0:ad:3c:3a:71:39:41:e7:8c:
                    e9:0f:6a:5f:c3:82:4d:a4:60:d4:29:3e:55:f0:af:
                    bf:c7:aa:29:97:6b:72:ff:8e:2b:40:1f:89:a6:6c:
                    c8:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:D1:ED:0B:DD:60:EE:07:8C:41:91:B3:DB:C1:3C:1D:55:D4:13:BB
            X509v3 Authority Key Identifier:
                keyid:23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:66:9d:39:9c:51:73:9d:a3:29:c7:47:71:0f:13:a9:c5:aa:
         6b:9e:4c:5a:d1:6a:5f:d4:a1:1e:bb:bc:4c:97:d9:fd:b8:74:
         e7:94:72:a5:54:3d:56:73:45:e3:93:f4:d1:e2:1d:53:ce:6e:
         7c:e4:81:ed:66:69:d3:bf:04:64:23:7b:31:62:ce:20:35:ce:
         8e:d8:b1:fc:68:26:55:66:87:b9:a4:61:a1:45:67:e4:ec:37:
         6d:43:1a:27:e9:b5:d8:59:bd:94:e7:49:ba:70:c1:ae:3c:9c:
         aa:ff:df:37:d2:aa:c8:bd:42:bd:82:e4:b9:64:e9:45:55:95:
         ae:92:af:61:34:f6:70:ac:ff:50:62:56:77:c9:58:3f:fe:c6:
         4f:b9:3f:d0:5f:36:00:ca:34:fe:33:ea:17:22:98:08:48:17:
         0c:47:93:3b:ba:c6:b5:b5:a4:31:9a:6c:34:77:b7:9d:b8:a7:
         a3:3e:cb:a9:1a:ca:5a:f6:4c:85:e3:24:6d:b8:a3:e9:af:85:
         61:ba:b9:f2:0a:64:34:2a:a1:46:c0:1b:4a:c6:ae:5a:e2:55:
         5b:57:7b:d6:7b:40:cd:f7:36:54:ab:a5:88:4b:f0:85:79:a5:
         42:41:20:de:1d:99:83:1d:b1:1a:a7:62:38:9e:3d:d0:c4:dc:
         07:e6:88:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoFuK6GKteWcNR4nRjB/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzQzZmUzMTdjMzI0YmY3OTQzZWE3M2E3ZDRiNzg2Y2Zk
YzFlOWYwHhcNMjUwOTA3MTAwMjE1WhcNMjUwOTA4MTAwMjE1WjAzMTEwLwYDVQQD
EyhmM2QxZWQwYmRkNjBlZTA3OGM0MTkxYjNkYmMxM2MxZDU1ZDQxM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35/96dOOgPvIVeLsGnX/QdrNzL0L
knPaTfLaWLW5+OR5Yo29UMoz5FbO0jSn9XOkgZtohFeiwh15WU2guLF4hREaYyV+
Mhdi1j7Ep6hREP7V+MqbC7sBIu8QbKEDEbZuN2P8EowlLh6703Jw6KCfHMA83kCv
eBhUfwlJa3eZaZiy5KDbEDphHANWbqbIiNnhEqi86sxwc97BbL/4fRCA/zB1o9ZD
CPMFFoV5OtugEmBG3tJzcD7fnQps1n4KOX+QK9WHcD00Saw2N2/opIdxktZ8dYoQ
cMiwrTw6cTlB54zpD2pfw4JNpGDUKT5V8K+/x6opl2ty/44rQB+JpmzILwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPPR7QvdYO4HjEGRs9vBPB1V1BO7MB8GA1UdIwQY
MBaAFCN0P+MXwyS/eUPqc6fUt4bP3B6fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgt
Zjk2MTNkYTA5ZWViLzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgtZjk2MTNkYTA5ZWVi
LzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR2adOZxR
c52jKcdHcQ8TqcWqa55MWtFqX9ShHru8TJfZ/bh055RypVQ9VnNF45P00eIdU85u
fOSB7WZp078EZCN7MWLOIDXOjtix/GgmVWaHuaRhoUVn5Ow3bUMaJ+m12Fm9lOdJ
unDBrjycqv/fN9KqyL1CvYLkuWTpRVWVrpKvYTT2cKz/UGJWd8lYP/7GT7k/0F82
AMo0/jPqFyKYCEgXDEeTO7rGtbWkMZpsNHe3nbinoz7LqRrKWvZMheMkbbij6a+F
Ybq58gpkNCqhRsAbSsauWuJVW1d71ntAzfc2VKuliEvwhXmlQkEg3h2Zgx2xGqdi
OJ490MTcB+aI8Q==
-----END CERTIFICATE-----