Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft
File:                     wtVzsWdwcfL9bUS4QBthISBZjM8.mft (raw, json)
Hash identifier:          yZQnfyac5z3j3GRWBrClkCpoxPfAaNTZl+ZdXtNjGKU=
Subject key identifier:   CF:22:D2:22:0B:0B:6D:1D:64:F9:85:8E:D4:D6:E2:11:8A:1F:78:05
Authority key identifier: C2:D5:73:B1:67:70:71:F2:FD:6D:44:B8:40:1B:61:21:20:59:8C:CF
Certificate issuer:       /CN=c2d573b1677071f2fd6d44b8401b612120598ccf
Certificate serial:       019923A036F94E8B8FAEF5E2EE7EA89AB28D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wtVzsWdwcfL9bUS4QBthISBZjM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 10:02:06 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:06 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:06 +0000
Files and hashes:         1: wtVzsWdwcfL9bUS4QBthISBZjM8.crl (hash: QDDGv1hfggL3dIukXYPZJUSiBKJMc9aM+adrlyUkfiE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wtVzsWdwcfL9bUS4QBthISBZjM8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:36:f9:4e:8b:8f:ae:f5:e2:ee:7e:a8:9a:b2:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2d573b1677071f2fd6d44b8401b612120598ccf
        Validity
            Not Before: Sep  7 10:02:06 2025 GMT
            Not After : Sep  8 10:02:06 2025 GMT
        Subject: CN=cf22d2220b0b6d1d64f9858ed4d6e2118a1f7805
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:33:67:11:22:83:1b:81:3b:13:5d:e4:69:30:
                    11:24:18:2e:03:a0:19:da:66:78:d0:2c:da:48:aa:
                    0c:22:89:87:62:9e:03:a4:04:1a:e9:e9:56:87:db:
                    a8:66:3d:0c:fd:90:84:7e:8d:92:58:cc:ee:8f:44:
                    7e:a5:df:cb:ed:6b:94:7b:e2:ee:93:e9:40:f9:3a:
                    7a:d8:05:a2:69:6d:20:f2:48:af:40:b8:78:94:02:
                    30:c9:80:38:ba:bb:0f:37:2e:53:fa:fa:6f:01:ba:
                    13:49:d0:64:59:a0:be:9a:94:a8:03:a5:23:a2:74:
                    ff:36:a8:3d:92:5a:95:42:9d:17:33:9f:77:31:8c:
                    8a:4a:74:ee:90:83:3a:31:c1:8c:19:72:ba:11:d9:
                    65:30:e7:6d:b6:c8:26:40:19:e7:17:25:b1:ab:d9:
                    bf:99:17:18:05:be:78:c7:92:e8:93:04:0d:65:68:
                    99:a7:58:92:fb:6f:8d:19:df:18:38:e5:c1:73:5c:
                    e5:02:c6:9d:6e:ef:9b:df:ac:7b:e6:88:58:97:54:
                    e4:6e:9a:b9:12:d3:fe:53:24:85:1b:46:fa:ba:b1:
                    66:a3:99:d7:e9:28:e0:e3:4b:8d:3d:2d:9a:e1:ad:
                    76:7f:77:25:d1:61:af:ad:e3:72:33:c8:55:0f:8d:
                    be:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:22:D2:22:0B:0B:6D:1D:64:F9:85:8E:D4:D6:E2:11:8A:1F:78:05
            X509v3 Authority Key Identifier:
                keyid:C2:D5:73:B1:67:70:71:F2:FD:6D:44:B8:40:1B:61:21:20:59:8C:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtVzsWdwcfL9bUS4QBthISBZjM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:60:7e:a6:38:db:2e:87:fc:3c:53:91:de:e0:51:76:41:5d:
         50:c4:f4:7e:5f:a2:6e:74:94:e9:90:6b:79:2a:5c:48:81:94:
         b1:90:60:cc:27:63:c6:41:60:cb:f6:e0:f3:d9:a4:e2:b9:0a:
         00:3e:26:28:b1:4b:ba:8c:ab:74:11:0e:33:48:de:c8:20:ee:
         a3:81:5e:6b:9e:55:cf:2b:96:68:53:51:4b:ed:ea:6e:b5:ed:
         21:af:48:46:9f:c0:f6:e4:2b:5d:86:6d:da:fc:c0:f8:62:d2:
         7e:78:3f:62:ef:9e:94:d5:ed:f1:1b:90:b5:b7:c4:c0:69:f7:
         03:99:2b:70:54:db:7d:c0:31:2a:05:36:58:47:1d:78:a7:1f:
         e1:8f:cf:66:de:e8:9d:dc:58:93:f0:90:65:2d:3e:88:2a:eb:
         ff:8e:e2:ed:63:a7:a7:89:ba:34:82:a9:a0:bc:f8:4e:13:f9:
         38:cf:c0:22:8b:ae:74:aa:69:d0:f9:2f:b9:39:80:9e:82:54:
         93:e8:bd:03:3a:ba:42:ec:75:c1:b6:19:32:e4:e1:1b:76:28:
         11:d8:97:8c:cc:86:41:f1:f3:3b:ae:18:6c:f0:b3:ca:f0:e5:
         e5:46:0e:8b:bf:f7:22:ec:63:37:00:0d:41:86:e2:76:f6:0e:
         d1:0b:1f:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoDb5TouPrvXi7n6omrKNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDU3M2IxNjc3MDcxZjJmZDZkNDRiODQwMWI2MTIxMjA1
OThjY2YwHhcNMjUwOTA3MTAwMjA2WhcNMjUwOTA4MTAwMjA2WjAzMTEwLwYDVQQD
EyhjZjIyZDIyMjBiMGI2ZDFkNjRmOTg1OGVkNGQ2ZTIxMThhMWY3ODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjNnESKDG4E7E13kaTARJBguA6AZ
2mZ40CzaSKoMIomHYp4DpAQa6elWh9uoZj0M/ZCEfo2SWMzuj0R+pd/L7WuUe+Lu
k+lA+Tp62AWiaW0g8kivQLh4lAIwyYA4ursPNy5T+vpvAboTSdBkWaC+mpSoA6Uj
onT/Nqg9klqVQp0XM593MYyKSnTukIM6McGMGXK6EdllMOdttsgmQBnnFyWxq9m/
mRcYBb54x5LokwQNZWiZp1iS+2+NGd8YOOXBc1zlAsadbu+b36x75ohYl1Tkbpq5
EtP+UySFG0b6urFmo5nX6Sjg40uNPS2a4a12f3cl0WGvreNyM8hVD42+5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8i0iILC20dZPmFjtTW4hGKH3gFMB8GA1UdIwQY
MBaAFMLVc7FncHHy/W1EuEAbYSEgWYzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RWenNXZHdjZkw5YlVTNFFCdGhJU0Jaak04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iNWY1OTEtZDVlYS00N2UyLTllNjkt
MDRkMTJmMmQwNzBhLzEvd3RWenNXZHdjZkw5YlVTNFFCdGhJU0Jaak04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iNWY1OTEtZDVlYS00N2UyLTllNjktMDRkMTJmMmQwNzBh
LzEvd3RWenNXZHdjZkw5YlVTNFFCdGhJU0Jaak04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs2B+pjjb
Lof8PFOR3uBRdkFdUMT0fl+ibnSU6ZBreSpcSIGUsZBgzCdjxkFgy/bg89mk4rkK
AD4mKLFLuoyrdBEOM0jeyCDuo4Fea55VzyuWaFNRS+3qbrXtIa9IRp/A9uQrXYZt
2vzA+GLSfng/Yu+elNXt8RuQtbfEwGn3A5krcFTbfcAxKgU2WEcdeKcf4Y/PZt7o
ndxYk/CQZS0+iCrr/47i7WOnp4m6NIKpoLz4ThP5OM/AIouudKpp0PkvuTmAnoJU
k+i9Azq6Qux1wbYZMuThG3YoEdiXjMyGQfHzO64YbPCzyvDl5UYOi7/3IuxjNwAN
QYbidvYO0Qsf4A==
-----END CERTIFICATE-----