Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
File:                     yKQR5q7CPK13xDcrTXsLH8gtXcA.mft (raw, json)
Hash identifier:          EkywzX84663Q+LtNaTC+Ss3UMfjUj9jUlHTGwua9RU0=
Subject key identifier:   FB:00:15:EF:54:DE:21:6A:7C:8C:97:07:46:E8:65:A4:3A:E0:8F:8D
Authority key identifier: C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0
Certificate issuer:       /CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0
Certificate serial:       019922559F1ED6C28D14F72A211B23D2DCE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 04:01:00 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:00 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:00 +0000
Files and hashes:         1: yKQR5q7CPK13xDcrTXsLH8gtXcA.crl (hash: fB2mzJ3Y7LJuY2qiKxNPse0UhKlG3C8gztLczO3jZP4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:9f:1e:d6:c2:8d:14:f7:2a:21:1b:23:d2:dc:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0
        Validity
            Not Before: Sep  7 04:01:00 2025 GMT
            Not After : Sep  8 04:01:00 2025 GMT
        Subject: CN=fb0015ef54de216a7c8c970746e865a43ae08f8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:4e:d7:3a:7c:fb:35:91:5f:df:32:91:e1:f6:
                    e7:95:ba:fa:57:de:f0:3c:57:27:8e:21:97:9a:13:
                    7e:78:cd:15:f3:3e:d7:dd:d6:68:f7:06:44:38:fb:
                    90:ce:5a:08:ae:a6:a1:af:07:46:3f:ca:75:cb:a3:
                    84:e6:8f:3f:6e:c7:88:56:e6:07:0c:79:a5:0f:de:
                    b7:9e:ec:70:52:5c:88:11:67:58:03:27:e4:ed:b0:
                    d1:30:c6:5d:52:96:4c:ce:c4:e4:95:c7:99:d9:7f:
                    54:bb:79:a5:bc:5d:db:62:6a:af:a2:7b:5f:cb:71:
                    1b:16:42:85:5e:a5:57:0b:5e:e5:ce:1a:c7:3d:a2:
                    b8:02:2f:d5:55:1f:88:8d:3d:61:fa:69:e9:a5:be:
                    fe:f4:10:d6:e9:6e:50:de:fd:3d:bf:7d:dc:b3:b9:
                    4f:5e:d5:17:5c:86:94:94:1c:14:94:5b:59:90:c6:
                    6b:17:0b:aa:43:eb:bd:fe:e0:5b:80:b4:d7:60:b3:
                    07:eb:32:b7:22:71:42:cb:ea:07:4a:59:14:ff:32:
                    11:aa:38:25:90:22:41:d5:66:e5:e3:e0:f9:6d:c1:
                    e7:c5:2c:16:3e:ee:17:19:7c:13:82:72:a0:8a:96:
                    db:a6:4f:cc:23:ab:33:e3:42:83:13:ac:73:e3:b0:
                    a9:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:00:15:EF:54:DE:21:6A:7C:8C:97:07:46:E8:65:A4:3A:E0:8F:8D
            X509v3 Authority Key Identifier:
                keyid:C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:6f:18:5a:49:a2:34:ef:3f:f6:e9:2d:8a:a1:46:93:99:6d:
         36:d1:ca:79:cd:a6:ba:8f:a8:4e:00:e9:f8:fb:0b:51:ec:b9:
         2b:df:e9:e4:80:af:53:e9:7a:9b:b3:c8:3e:e4:0d:d5:7e:1d:
         16:84:67:6d:67:c8:1a:51:c1:67:8a:64:bb:ee:2a:3f:2d:27:
         27:0e:2d:ed:0e:d8:33:f9:79:d7:8c:ac:a8:d1:63:71:83:a7:
         36:76:da:21:24:a1:f0:a0:59:51:54:d5:ee:4a:f6:9e:54:d9:
         0c:cb:db:62:92:84:1a:6d:8b:25:ef:24:f0:d1:89:2c:a7:3e:
         53:20:48:ca:63:54:38:65:5a:c7:d5:e3:03:f0:39:68:dc:25:
         8b:76:fd:79:71:54:ac:e5:ed:3b:d0:8a:34:c5:f8:f4:da:1b:
         01:d3:17:b0:06:1d:f2:2a:38:10:42:7b:75:64:6f:e0:b2:c7:
         c5:9b:d4:2d:94:8b:f1:c3:06:c7:61:fa:bb:bc:cd:f8:4d:87:
         98:60:58:06:d5:71:6e:b8:7f:8e:95:4c:d9:3c:b4:9a:91:98:
         1a:c6:ef:e2:e6:7d:d6:97:b6:c5:9a:4b:73:4e:63:ab:37:47:
         cd:c6:90:00:0f:7a:d6:2f:08:cd:48:d3:ee:e4:f5:98:b3:f8:
         b5:5b:26:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVZ8e1sKNFPcqIRsj0tzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YTQxMWU2YWVjMjNjYWQ3N2M0MzcyYjRkN2IwYjFmYzgy
ZDVkYzAwHhcNMjUwOTA3MDQwMTAwWhcNMjUwOTA4MDQwMTAwWjAzMTEwLwYDVQQD
EyhmYjAwMTVlZjU0ZGUyMTZhN2M4Yzk3MDc0NmU4NjVhNDNhZTA4ZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE7XOnz7NZFf3zKR4fbnlbr6V97w
PFcnjiGXmhN+eM0V8z7X3dZo9wZEOPuQzloIrqahrwdGP8p1y6OE5o8/bseIVuYH
DHmlD963nuxwUlyIEWdYAyfk7bDRMMZdUpZMzsTklceZ2X9Uu3mlvF3bYmqvontf
y3EbFkKFXqVXC17lzhrHPaK4Ai/VVR+IjT1h+mnppb7+9BDW6W5Q3v09v33cs7lP
XtUXXIaUlBwUlFtZkMZrFwuqQ+u9/uBbgLTXYLMH6zK3InFCy+oHSlkU/zIRqjgl
kCJB1Wbl4+D5bcHnxSwWPu4XGXwTgnKgipbbpk/MI6sz40KDE6xz47CphwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPsAFe9U3iFqfIyXB0boZaQ64I+NMB8GA1UdIwQY
MBaAFMikEeauwjytd8Q3K017Cx/ILV3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQt
Y2RjZWUyM2E4M2IwLzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQtY2RjZWUyM2E4M2Iw
LzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfW8YWkmi
NO8/9uktiqFGk5ltNtHKec2muo+oTgDp+PsLUey5K9/p5ICvU+l6m7PIPuQN1X4d
FoRnbWfIGlHBZ4pku+4qPy0nJw4t7Q7YM/l514ysqNFjcYOnNnbaISSh8KBZUVTV
7kr2nlTZDMvbYpKEGm2LJe8k8NGJLKc+UyBIymNUOGVax9XjA/A5aNwli3b9eXFU
rOXtO9CKNMX49NobAdMXsAYd8io4EEJ7dWRv4LLHxZvULZSL8cMGx2H6u7zN+E2H
mGBYBtVxbrh/jpVM2Ty0mpGYGsbv4uZ91pe2xZpLc05jqzdHzcaQAA961i8IzUjT
7uT1mLP4tVsmtw==
-----END CERTIFICATE-----