Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
File:                     cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft (raw, json)
Hash identifier:          fa5PDZCsPEtU4woGmDRcSjtbfvG+qoF57LPm29N1I0w=
Subject key identifier:   D5:EA:BD:22:47:86:DE:43:B1:46:18:9C:C8:FB:09:9A:15:5C:0C:71
Authority key identifier: 70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4
Certificate issuer:       /CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
Certificate serial:       0199221F1163535AF07AFC586E951574F6DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 03:01:25 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:25 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:25 +0000
Files and hashes:         1: cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl (hash: EujBJoBHZWcIqLXXYmhhMFo+Y5Kcvq0uKFa1d7vGjN8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1f:11:63:53:5a:f0:7a:fc:58:6e:95:15:74:f6:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
        Validity
            Not Before: Sep  7 03:01:25 2025 GMT
            Not After : Sep  8 03:01:25 2025 GMT
        Subject: CN=d5eabd224786de43b146189cc8fb099a155c0c71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:de:d7:6a:8f:83:21:a0:26:27:ab:7a:ac:48:
                    24:ba:b2:de:ba:31:38:b8:33:70:65:c7:85:33:86:
                    ff:87:8d:73:6b:f7:1b:aa:7e:5d:2c:1d:57:75:3f:
                    83:d2:6a:f7:55:8f:ae:5a:7b:1d:ba:04:ce:e3:48:
                    58:ce:68:17:15:ce:34:b8:6f:d9:4c:cd:16:cc:b0:
                    f9:99:bb:09:ab:49:58:60:68:b1:5c:11:8f:1e:fd:
                    5b:f6:ec:cf:99:b0:df:94:fb:35:f2:76:8f:d9:43:
                    4b:37:94:38:2e:af:59:52:09:c3:52:4d:8e:ad:7e:
                    56:20:ad:d8:6c:61:ca:f7:53:00:7b:4f:b4:7a:7c:
                    cf:3a:e1:58:0a:7a:12:3e:9d:ba:27:20:68:d5:9a:
                    be:08:28:3b:13:95:c0:6d:01:eb:9d:7a:df:c2:7c:
                    3f:e8:58:3d:67:fc:f4:01:b7:5f:92:3e:74:95:a2:
                    09:dc:44:8d:8a:07:20:39:47:fb:d9:6f:d6:1b:c1:
                    ee:51:1a:45:09:9b:5c:41:d1:a4:03:b1:88:d8:dc:
                    d8:46:e3:9a:8b:84:8d:cf:fc:2e:04:3b:ae:3d:95:
                    e5:28:88:67:22:d3:bb:1b:c1:b5:ce:3b:c2:31:42:
                    23:c6:2f:a2:42:81:8a:d5:97:13:ed:b7:2e:f7:ef:
                    0e:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:EA:BD:22:47:86:DE:43:B1:46:18:9C:C8:FB:09:9A:15:5C:0C:71
            X509v3 Authority Key Identifier:
                keyid:70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:a4:7e:15:8b:49:5a:e0:5a:e0:54:5e:52:7c:0d:86:66:66:
         12:b8:f5:7b:74:a7:35:38:e2:94:3b:d5:1b:ec:3d:03:44:98:
         6c:a3:e8:7c:51:4c:3b:34:d7:a2:77:98:00:4a:be:5b:ae:24:
         56:25:b5:e3:ee:e2:21:6b:6c:94:d4:3a:c3:42:ef:93:a3:97:
         23:2a:61:95:74:20:79:65:50:2f:3c:1f:d7:6a:dc:90:fd:48:
         7f:41:cd:b7:fe:94:f8:8d:6d:29:2f:b6:14:c9:85:6b:ec:84:
         67:dc:a5:ec:3b:76:64:4e:43:88:ba:71:ef:35:c3:8d:6f:5a:
         f2:e0:6e:8c:ee:81:e1:d6:0f:67:3c:ad:3c:7d:e5:ae:e1:0d:
         d6:91:25:7d:18:15:7d:27:4c:6e:95:ce:a5:c4:b9:cd:c9:61:
         38:15:19:95:d1:76:cb:65:a2:06:64:07:68:79:54:dd:28:60:
         55:e6:66:89:42:c3:f7:de:9f:c1:bb:54:4c:c2:bd:1e:d0:25:
         53:b7:fd:0a:bc:c1:0b:78:1c:83:c1:9c:f0:49:0e:5c:85:48:
         30:ce:48:69:1a:66:eb:67:c7:a7:43:b9:ad:50:a7:6b:c7:95:
         15:5f:9f:6e:63:6e:94:54:c1:3b:a7:ea:c4:7e:4c:14:b7:00:
         4a:3f:ea:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHxFjU1rwevxYbpUVdPbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjQxM2ZhNzgyYTMwNDI4MzBkYTIzYWEzZjM1OTRhN2Q1
ZWEyZjQwHhcNMjUwOTA3MDMwMTI1WhcNMjUwOTA4MDMwMTI1WjAzMTEwLwYDVQQD
EyhkNWVhYmQyMjQ3ODZkZTQzYjE0NjE4OWNjOGZiMDk5YTE1NWMwYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt97Xao+DIaAmJ6t6rEgkurLeujE4
uDNwZceFM4b/h41za/cbqn5dLB1XdT+D0mr3VY+uWnsdugTO40hYzmgXFc40uG/Z
TM0WzLD5mbsJq0lYYGixXBGPHv1b9uzPmbDflPs18naP2UNLN5Q4Lq9ZUgnDUk2O
rX5WIK3YbGHK91MAe0+0enzPOuFYCnoSPp26JyBo1Zq+CCg7E5XAbQHrnXrfwnw/
6Fg9Z/z0Abdfkj50laIJ3ESNigcgOUf72W/WG8HuURpFCZtcQdGkA7GI2NzYRuOa
i4SNz/wuBDuuPZXlKIhnItO7G8G1zjvCMUIjxi+iQoGK1ZcT7bcu9+8O1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXqvSJHht5DsUYYnMj7CZoVXAxxMB8GA1UdIwQY
MBaAFHC0E/p4KjBCgw2iOqPzWUp9XqL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2Et
YTMxMzdiYzgzZDBhLzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2EtYTMxMzdiYzgzZDBh
LzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATaR+FYtJ
WuBa4FReUnwNhmZmErj1e3SnNTjilDvVG+w9A0SYbKPofFFMOzTXoneYAEq+W64k
ViW14+7iIWtslNQ6w0Lvk6OXIyphlXQgeWVQLzwf12rckP1If0HNt/6U+I1tKS+2
FMmFa+yEZ9yl7Dt2ZE5DiLpx7zXDjW9a8uBujO6B4dYPZzytPH3lruEN1pElfRgV
fSdMbpXOpcS5zclhOBUZldF2y2WiBmQHaHlU3ShgVeZmiULD996fwbtUTMK9HtAl
U7f9CrzBC3gcg8Gc8EkOXIVIMM5IaRpm62fHp0O5rVCna8eVFV+fbmNulFTBO6fq
xH5MFLcASj/qQg==
-----END CERTIFICATE-----