Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
File:                     xLxp1Co7FePOy5HHcrpkM8URvpk.mft (raw, json)
Hash identifier:          DhqdQVxiFfg+ZoGpxvohjrSoUG4cXpFLXsR2WeHnfdc=
Subject key identifier:   0B:FD:6B:7B:4F:35:5B:B4:6F:C8:39:BB:15:96:10:5A:98:31:E9:21
Authority key identifier: C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99
Certificate issuer:       /CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
Certificate serial:       019922C318E776D6DE0522EF4816D53B38E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 06:00:35 +0000
Manifest this update:     Sun 07 Sep 2025 06:00:35 +0000
Manifest next update:     Mon 08 Sep 2025 06:00:35 +0000
Files and hashes:         1: xLxp1Co7FePOy5HHcrpkM8URvpk.crl (hash: cEqpCDMW9HaGHKJ8zyqikap1uGElRQ7ePK34P2PKlS8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 06:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:18:e7:76:d6:de:05:22:ef:48:16:d5:3b:38:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
        Validity
            Not Before: Sep  7 06:00:35 2025 GMT
            Not After : Sep  8 06:00:35 2025 GMT
        Subject: CN=0bfd6b7b4f355bb46fc839bb1596105a9831e921
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:87:12:fb:00:07:9e:f5:5b:a8:d7:25:58:7f:
                    f4:94:f4:3b:0d:c5:72:26:5c:54:14:1e:24:d1:db:
                    7c:c8:16:06:db:e5:61:9a:66:60:44:41:d9:54:b4:
                    36:b6:0d:72:01:48:a8:7c:e9:c6:d9:44:35:ae:9d:
                    da:75:ce:14:23:a3:68:1a:32:ba:b5:b1:5a:f5:87:
                    d1:be:e0:2e:88:55:a0:78:64:22:14:cf:e9:53:2a:
                    4b:5a:81:04:3c:63:2d:31:4d:f7:3f:57:09:5d:bb:
                    dc:0f:a0:37:f2:80:66:57:ac:b9:a4:76:17:b0:8e:
                    8c:f8:bc:1c:d2:64:ae:95:83:1f:ac:7d:a8:f2:d1:
                    20:4d:09:d0:eb:09:cc:a9:2f:f9:b2:6e:b6:30:ed:
                    af:31:4b:dd:c9:1a:92:c2:74:9e:88:f2:2d:75:18:
                    e6:02:68:b2:5e:04:cd:73:29:cd:e2:fc:28:9a:da:
                    2a:a0:9c:9b:c1:2a:6c:bb:1b:b0:e3:91:3a:97:67:
                    27:9b:78:34:54:3f:cf:8c:75:45:62:ad:49:af:14:
                    b7:92:dc:a2:6b:00:ad:9c:74:39:8b:bb:d3:3f:2f:
                    c1:ca:c9:79:4b:a0:a5:2d:99:2a:b6:69:44:52:49:
                    ab:7e:d9:83:a3:ef:ac:d7:36:5f:d5:06:8e:ad:b6:
                    b1:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:FD:6B:7B:4F:35:5B:B4:6F:C8:39:BB:15:96:10:5A:98:31:E9:21
            X509v3 Authority Key Identifier:
                keyid:C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:26:f2:af:d2:bd:b8:0b:a3:c7:97:bd:e8:f7:d0:44:dd:f1:
         a6:a4:ed:6f:96:c2:5e:97:ca:71:0f:60:0d:59:eb:e5:da:d1:
         6e:41:81:d9:a5:94:3f:e8:b3:88:4c:b3:60:da:71:f8:82:b4:
         47:e6:96:60:f7:dd:57:07:a4:90:1a:c9:42:76:ae:08:31:19:
         7f:30:9d:3b:64:a5:72:c5:3c:bc:c9:ec:fa:e4:83:f4:b7:7c:
         0f:bf:f4:17:5a:76:9c:f3:d0:66:d0:2a:69:fc:4d:66:cd:93:
         7e:e5:80:c8:6b:6e:72:be:c5:bd:aa:d7:21:46:f8:94:85:aa:
         fd:c9:de:fd:f8:da:f7:03:4b:41:d9:97:40:32:01:f2:92:f1:
         72:2d:2f:3f:e0:5e:a7:9c:fe:33:65:b8:ed:bb:33:1c:0b:d5:
         59:f4:47:1e:62:e4:4d:d4:e5:0f:10:f3:d7:4b:f1:2f:27:52:
         67:57:cd:8c:c2:07:34:e1:6b:7f:1c:8e:bc:2d:55:41:da:e4:
         bb:dd:16:e5:b5:60:41:60:70:46:c0:71:25:51:72:e9:d2:43:
         15:71:02:50:98:e1:95:dd:a3:63:80:28:7b:33:7a:e0:8e:b4:
         ba:cf:0a:30:6c:5d:17:7f:ed:05:9a:04:b8:49:d4:43:41:b3:
         87:0e:a1:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwxjndtbeBSLvSBbVOzjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YmM2OWQ0MmEzYjE1ZTNjZWNiOTFjNzcyYmE2NDMzYzUx
MWJlOTkwHhcNMjUwOTA3MDYwMDM1WhcNMjUwOTA4MDYwMDM1WjAzMTEwLwYDVQQD
EygwYmZkNmI3YjRmMzU1YmI0NmZjODM5YmIxNTk2MTA1YTk4MzFlOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYcS+wAHnvVbqNclWH/0lPQ7DcVy
JlxUFB4k0dt8yBYG2+VhmmZgREHZVLQ2tg1yAUiofOnG2UQ1rp3adc4UI6NoGjK6
tbFa9YfRvuAuiFWgeGQiFM/pUypLWoEEPGMtMU33P1cJXbvcD6A38oBmV6y5pHYX
sI6M+Lwc0mSulYMfrH2o8tEgTQnQ6wnMqS/5sm62MO2vMUvdyRqSwnSeiPItdRjm
AmiyXgTNcynN4vwomtoqoJybwSpsuxuw45E6l2cnm3g0VD/PjHVFYq1JrxS3ktyi
awCtnHQ5i7vTPy/Bysl5S6ClLZkqtmlEUkmrftmDo++s1zZf1QaOrbaxCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAv9a3tPNVu0b8g5uxWWEFqYMekhMB8GA1UdIwQY
MBaAFMS8adQqOxXjzsuRx3K6ZDPFEb6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUt
ZDE3Zjk4MTE0MDcwLzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUtZDE3Zjk4MTE0MDcw
LzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApCbyr9K9
uAujx5e96PfQRN3xpqTtb5bCXpfKcQ9gDVnr5drRbkGB2aWUP+iziEyzYNpx+IK0
R+aWYPfdVwekkBrJQnauCDEZfzCdO2SlcsU8vMns+uSD9Ld8D7/0F1p2nPPQZtAq
afxNZs2TfuWAyGtucr7FvarXIUb4lIWq/cne/fja9wNLQdmXQDIB8pLxci0vP+Be
p5z+M2W47bszHAvVWfRHHmLkTdTlDxDz10vxLydSZ1fNjMIHNOFrfxyOvC1VQdrk
u90W5bVgQWBwRsBxJVFy6dJDFXECUJjhld2jY4AoezN64I60us8KMGxdF3/tBZoE
uEnUQ0Gzhw6hpQ==
-----END CERTIFICATE-----