Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
File:                     zTf5VqTOlOsexk52R7Q828uPxEk.mft (raw, json)
Hash identifier:          Vh2cONzCtz/X+GpRHmpuZkJDOJtLCuV/fvuXwoa2msw=
Subject key identifier:   EE:D0:32:6F:94:85:88:EC:0E:2C:5F:C8:F5:C1:EB:4D:BA:BC:6D:60
Authority key identifier: CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49
Certificate issuer:       /CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
Certificate serial:       0199221F2B97FAD4B115D3695723B3031381
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
Manifest number:          162A
Signing time:             Sun 07 Sep 2025 03:01:32 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:32 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:32 +0000
Files and hashes:         1: zTf5VqTOlOsexk52R7Q828uPxEk.crl (hash: B4V1t8Fc4G27u+1NGKfzQUkHyiIURtonzkSBaNkY5qc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1f:2b:97:fa:d4:b1:15:d3:69:57:23:b3:03:13:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
        Validity
            Not Before: Sep  7 03:01:32 2025 GMT
            Not After : Sep  8 03:01:32 2025 GMT
        Subject: CN=eed0326f948588ec0e2c5fc8f5c1eb4dbabc6d60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:c0:44:0b:0f:e8:f5:df:b8:e8:fb:5e:1e:0f:
                    e8:48:ad:8d:33:e7:6f:a9:c9:f3:20:37:4b:4d:c0:
                    63:cb:82:0f:11:32:9c:f6:6c:42:a3:1e:7d:ea:27:
                    0a:19:27:a5:59:e1:18:f9:ea:5b:54:2a:3f:18:a3:
                    f9:8d:db:71:b1:95:e8:84:50:0d:57:a2:3e:08:9c:
                    74:a3:7e:10:4d:bc:bc:4e:57:48:ed:31:60:a3:cd:
                    48:2a:5c:66:ef:91:e5:c4:68:e1:a5:ef:46:63:27:
                    3e:62:58:1a:25:66:7b:ed:28:36:64:f8:19:fb:e6:
                    59:f0:af:ff:db:1a:66:5b:c0:cb:cc:b9:b1:b6:30:
                    96:2a:64:07:84:b2:b6:13:11:6c:a2:a1:b3:7a:ee:
                    c4:9c:a5:4e:bf:77:d3:51:7c:58:44:6e:ab:2e:e6:
                    88:d6:e8:c5:12:1d:72:05:66:ff:2d:e2:f2:d2:96:
                    93:a4:80:5b:4c:d4:66:75:96:d7:5b:32:c0:1d:4b:
                    8c:4e:10:52:06:0a:43:32:0c:ba:68:a8:44:6b:23:
                    a3:9b:96:69:05:6d:3d:1e:03:b3:e1:2c:83:f8:1a:
                    3d:a6:28:91:41:e3:27:ad:01:b5:11:4e:bd:dc:71:
                    52:3b:3a:aa:2b:fb:94:ad:2c:72:45:3a:ac:6c:a0:
                    30:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:D0:32:6F:94:85:88:EC:0E:2C:5F:C8:F5:C1:EB:4D:BA:BC:6D:60
            X509v3 Authority Key Identifier:
                keyid:CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:0a:c4:8e:0a:0a:d8:fc:21:78:c3:57:bf:01:ec:c8:8b:9a:
         32:20:e0:16:59:98:2c:d2:1c:b7:70:09:fe:99:eb:33:0a:56:
         fc:c5:5b:20:09:40:aa:a0:24:10:5d:c7:d3:82:93:d4:ab:03:
         2b:a6:d9:d4:7c:8a:1f:29:36:9a:15:2b:42:b0:9a:f6:d5:0e:
         33:92:b7:50:d9:92:a0:53:ba:5f:92:41:7d:c1:58:32:7a:73:
         52:e9:5e:c9:eb:73:dc:1b:9d:7e:15:1b:9a:3e:08:ff:5b:66:
         a4:a6:a8:f3:33:c8:86:b4:20:56:bd:8b:a8:f8:4b:4b:3d:8c:
         0c:0e:6a:0c:d8:4a:6c:dc:3c:04:31:de:f5:6f:fc:87:ee:7a:
         69:13:5b:d5:37:cc:79:50:6e:7c:f6:39:7b:d5:4f:f3:32:30:
         4a:b0:bc:f3:15:8f:83:28:5d:1b:f5:75:c8:63:37:59:b6:f8:
         1f:c3:5a:0f:82:94:77:ff:e3:7f:44:ea:3b:6f:20:a7:b4:73:
         0d:29:11:d0:6e:a5:52:91:fa:e2:50:56:44:b3:9c:4a:ae:ba:
         46:49:2c:ac:ab:b9:af:87:ce:77:d1:ca:39:1a:52:9f:ed:15:
         1b:16:a8:d3:44:3c:96:c8:16:bc:cd:9f:27:4b:b2:9c:4b:0f:
         53:1f:6b:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHyuX+tSxFdNpVyOzAxOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzdmOTU2YTRjZTk0ZWIxZWM2NGU3NjQ3YjQzY2RiY2I4
ZmM0NDkwHhcNMjUwOTA3MDMwMTMyWhcNMjUwOTA4MDMwMTMyWjAzMTEwLwYDVQQD
EyhlZWQwMzI2Zjk0ODU4OGVjMGUyYzVmYzhmNWMxZWI0ZGJhYmM2ZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsBECw/o9d+46PteHg/oSK2NM+dv
qcnzIDdLTcBjy4IPETKc9mxCox596icKGSelWeEY+epbVCo/GKP5jdtxsZXohFAN
V6I+CJx0o34QTby8TldI7TFgo81IKlxm75HlxGjhpe9GYyc+YlgaJWZ77Sg2ZPgZ
++ZZ8K//2xpmW8DLzLmxtjCWKmQHhLK2ExFsoqGzeu7EnKVOv3fTUXxYRG6rLuaI
1ujFEh1yBWb/LeLy0paTpIBbTNRmdZbXWzLAHUuMThBSBgpDMgy6aKhEayOjm5Zp
BW09HgOz4SyD+Bo9piiRQeMnrQG1EU693HFSOzqqK/uUrSxyRTqsbKAwEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO7QMm+UhYjsDixfyPXB6026vG1gMB8GA1UdIwQY
MBaAFM03+VakzpTrHsZOdke0PNvLj8RJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjct
YmJlMTJiZDM4ZTA0LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjctYmJlMTJiZDM4ZTA0
LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYgrEjgoK
2PwheMNXvwHsyIuaMiDgFlmYLNIct3AJ/pnrMwpW/MVbIAlAqqAkEF3H04KT1KsD
K6bZ1HyKHyk2mhUrQrCa9tUOM5K3UNmSoFO6X5JBfcFYMnpzUuleyetz3BudfhUb
mj4I/1tmpKao8zPIhrQgVr2LqPhLSz2MDA5qDNhKbNw8BDHe9W/8h+56aRNb1TfM
eVBufPY5e9VP8zIwSrC88xWPgyhdG/V1yGM3Wbb4H8NaD4KUd//jf0TqO28gp7Rz
DSkR0G6lUpH64lBWRLOcSq66RkksrKu5r4fOd9HKORpSn+0VGxao00Q8lsgWvM2f
J0uynEsPUx9rMg==
-----END CERTIFICATE-----