Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft
File:                     veWU40bxTQmDwaa_S7XHFP-bhEI.mft (raw, json)
Hash identifier:          uXrchp1lxSvx17S9VELSrd6ZCLY0s0GM1HXjVXhpDXM=
Subject key identifier:   46:11:4D:A9:D1:25:19:8F:12:B8:2F:00:1B:4F:99:54:5E:BE:19:4B
Authority key identifier: BD:E5:94:E3:46:F1:4D:09:83:C1:A6:BF:4B:B5:C7:14:FF:9B:84:42
Certificate issuer:       /CN=bde594e346f14d0983c1a6bf4bb5c714ff9b8442
Certificate serial:       0199221E254886E53E1E213A0E8D40E7DF5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/veWU40bxTQmDwaa_S7XHFP-bhEI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 03:00:24 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:24 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:24 +0000
Files and hashes:         1: veWU40bxTQmDwaa_S7XHFP-bhEI.crl (hash: U++Zegxw2MBEfjClypjKe8Jvt5B92iA9kgPhmJDJLF0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/veWU40bxTQmDwaa_S7XHFP-bhEI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:25:48:86:e5:3e:1e:21:3a:0e:8d:40:e7:df:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bde594e346f14d0983c1a6bf4bb5c714ff9b8442
        Validity
            Not Before: Sep  7 03:00:24 2025 GMT
            Not After : Sep  8 03:00:24 2025 GMT
        Subject: CN=46114da9d125198f12b82f001b4f99545ebe194b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:50:62:d7:e4:ee:e1:e5:d3:de:95:e3:7f:a8:
                    d4:a6:24:2f:f6:81:db:f3:2d:ec:77:fe:03:e8:8d:
                    ee:9c:56:ac:87:0a:f8:df:62:b6:8d:d0:80:a5:7c:
                    3c:d0:19:6b:8a:e7:b0:35:fe:48:aa:da:a0:36:fa:
                    ee:4f:ea:b5:28:db:cd:10:15:d1:3d:1c:62:a6:5a:
                    61:bd:dc:66:bd:52:ec:4a:36:3a:31:73:73:d4:7f:
                    eb:b2:25:f3:96:ac:d3:29:17:14:de:2e:54:8f:9f:
                    6b:66:05:3f:a6:06:9a:77:16:09:d0:39:b7:8b:d2:
                    c9:cb:0e:7f:42:9a:f9:b3:2c:f4:02:9d:1e:ae:17:
                    33:92:cb:31:a4:62:6a:d7:a2:c9:a8:0a:16:7e:30:
                    86:97:c6:e8:19:05:e1:cb:37:93:bf:8b:de:8e:a4:
                    04:66:09:b4:72:67:f1:1c:ca:3b:6a:c6:8a:db:f3:
                    94:49:76:5e:42:35:b1:d0:c4:d3:38:9d:db:c0:28:
                    9d:ee:22:41:a6:6d:c9:1d:de:bf:fa:f5:48:c6:82:
                    49:73:6b:78:ff:45:f8:72:01:3e:6e:af:b4:99:e1:
                    17:d5:19:e4:64:36:c9:90:b8:e8:a4:be:fc:3b:38:
                    d4:13:42:fa:3e:cd:40:c9:1c:cf:95:f0:3b:44:88:
                    dc:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:11:4D:A9:D1:25:19:8F:12:B8:2F:00:1B:4F:99:54:5E:BE:19:4B
            X509v3 Authority Key Identifier:
                keyid:BD:E5:94:E3:46:F1:4D:09:83:C1:A6:BF:4B:B5:C7:14:FF:9B:84:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veWU40bxTQmDwaa_S7XHFP-bhEI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:60:f0:4d:ff:dd:ac:c6:59:49:a1:66:5e:c9:8b:34:e6:68:
         c1:e4:b9:e4:b1:43:73:e5:08:80:b5:0b:95:9b:0d:0b:a0:a4:
         0b:05:7c:fd:4e:e3:44:22:4d:5e:5c:cc:00:f7:be:b8:d4:35:
         e5:38:11:5f:6e:4c:a3:e1:e9:8d:36:d3:bf:eb:ad:3f:6c:62:
         d0:f2:e6:3d:bf:38:68:44:8f:26:e0:98:e7:42:18:8d:f9:24:
         1b:17:04:39:a3:10:5e:48:c8:34:9d:0d:d0:eb:f3:24:08:ce:
         a4:23:27:81:52:2a:b5:9d:5d:7e:c9:42:ad:a1:b0:59:a0:8e:
         21:75:bb:da:13:be:9c:58:84:3d:88:b8:74:36:6a:f7:26:56:
         89:4d:62:30:d5:39:02:96:fb:8d:00:e3:22:d4:2a:02:15:0f:
         b0:7e:54:d6:e0:cb:fa:00:2f:4e:f7:7c:23:ad:34:f6:ef:2b:
         59:39:e1:89:cc:af:3e:1c:61:e9:2e:bc:3c:76:0e:7e:e4:e8:
         df:8e:ee:37:6b:88:d9:5e:ca:8e:cb:80:b4:ce:be:6c:8f:74:
         e0:1b:bb:df:d5:d1:2e:93:2a:30:14:32:04:5a:fa:71:df:2e:
         15:c7:a4:2d:04:ec:6a:8e:4c:21:b6:6e:3d:b4:f5:ad:1a:f3:
         80:d3:f5:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHiVIhuU+HiE6Do1A599dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTU5NGUzNDZmMTRkMDk4M2MxYTZiZjRiYjVjNzE0ZmY5
Yjg0NDIwHhcNMjUwOTA3MDMwMDI0WhcNMjUwOTA4MDMwMDI0WjAzMTEwLwYDVQQD
Eyg0NjExNGRhOWQxMjUxOThmMTJiODJmMDAxYjRmOTk1NDVlYmUxOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFBi1+Tu4eXT3pXjf6jUpiQv9oHb
8y3sd/4D6I3unFashwr432K2jdCApXw80BlriuewNf5IqtqgNvruT+q1KNvNEBXR
PRxiplphvdxmvVLsSjY6MXNz1H/rsiXzlqzTKRcU3i5Uj59rZgU/pgaadxYJ0Dm3
i9LJyw5/Qpr5syz0Ap0erhczkssxpGJq16LJqAoWfjCGl8boGQXhyzeTv4vejqQE
Zgm0cmfxHMo7asaK2/OUSXZeQjWx0MTTOJ3bwCid7iJBpm3JHd6/+vVIxoJJc2t4
/0X4cgE+bq+0meEX1RnkZDbJkLjopL78OzjUE0L6Ps1AyRzPlfA7RIjcmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYRTanRJRmPErgvABtPmVRevhlLMB8GA1UdIwQY
MBaAFL3llONG8U0Jg8Gmv0u1xxT/m4RCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVXVTQwYnhUUW1Ed2FhX1M3WEhGUC1iaEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lYmIzOWUtYmU2Yi00MjhkLWI1MGUt
YzdhMzY2YjkxZjQzLzEvdmVXVTQwYnhUUW1Ed2FhX1M3WEhGUC1iaEVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lYmIzOWUtYmU2Yi00MjhkLWI1MGUtYzdhMzY2YjkxZjQz
LzEvdmVXVTQwYnhUUW1Ed2FhX1M3WEhGUC1iaEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh2DwTf/d
rMZZSaFmXsmLNOZoweS55LFDc+UIgLULlZsNC6CkCwV8/U7jRCJNXlzMAPe+uNQ1
5TgRX25Mo+HpjTbTv+utP2xi0PLmPb84aESPJuCY50IYjfkkGxcEOaMQXkjINJ0N
0OvzJAjOpCMngVIqtZ1dfslCraGwWaCOIXW72hO+nFiEPYi4dDZq9yZWiU1iMNU5
Apb7jQDjItQqAhUPsH5U1uDL+gAvTvd8I6009u8rWTnhicyvPhxh6S68PHYOfuTo
347uN2uI2V7KjsuAtM6+bI904Bu739XRLpMqMBQyBFr6cd8uFcekLQTsao5MIbZu
PbT1rRrzgNP1Tg==
-----END CERTIFICATE-----