Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
File:                     02jCohY2GiT97Jfx838uHRIHEIc.mft (raw, json)
Hash identifier:          tCpmXe/gop3Oo6SVeapJomZA0I59XHzs1fnJ0zAo1E0=
Subject key identifier:   61:63:CB:CF:42:95:D4:06:11:AB:CE:31:0F:A8:48:92:17:35:7A:2B
Authority key identifier: D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87
Certificate issuer:       /CN=d368c2a216361a24fdec97f1f37f2e1d12071087
Certificate serial:       019922FAC124123D0584C1D60C10BF1F3499
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 07:01:22 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:22 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:22 +0000
Files and hashes:         1: 02jCohY2GiT97Jfx838uHRIHEIc.crl (hash: mpCdxwT8grT8HV/kgdYDxVWtr6ChpHAmiFF+e69SZvY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:c1:24:12:3d:05:84:c1:d6:0c:10:bf:1f:34:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d368c2a216361a24fdec97f1f37f2e1d12071087
        Validity
            Not Before: Sep  7 07:01:22 2025 GMT
            Not After : Sep  8 07:01:22 2025 GMT
        Subject: CN=6163cbcf4295d40611abce310fa8489217357a2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a5:0a:f2:88:e9:cf:92:67:5e:41:93:9b:6f:
                    d4:df:77:4e:f7:14:59:4c:c8:ae:b2:65:6c:24:30:
                    75:bf:79:64:bf:f8:16:8b:db:b2:9f:9d:24:1f:64:
                    ee:96:98:06:dc:3a:48:b5:be:58:0a:81:ae:c5:cc:
                    ed:d2:e5:46:06:d3:1c:15:9e:8f:e7:c8:ef:90:54:
                    33:d1:2b:8a:e3:cb:61:ed:98:63:22:eb:68:1b:70:
                    0f:6c:a1:b6:40:a5:f5:0b:5c:88:ee:96:1c:3f:35:
                    ef:a3:6b:e3:87:af:0b:40:90:64:72:0a:8e:2c:9d:
                    a2:56:c8:0f:a2:e4:54:16:c7:4f:cc:be:5a:e7:da:
                    01:d1:44:56:ca:bc:76:6c:a3:50:a9:e0:53:ed:9d:
                    e8:57:f3:d9:3c:88:34:63:07:ca:6e:f4:b3:19:a4:
                    80:67:b5:50:4c:dc:99:4a:07:6a:46:54:ed:17:8d:
                    94:94:33:94:d0:71:b0:9a:36:74:62:86:6a:63:78:
                    d2:c4:69:a8:f9:65:79:cc:b7:ce:8e:60:9a:1c:2c:
                    9a:fe:82:7e:c7:99:1c:90:d4:8e:85:42:38:7d:20:
                    b0:75:9d:8c:9e:a0:a1:38:5c:68:f7:76:4d:95:77:
                    57:24:df:54:b6:f8:dd:a4:73:ab:aa:a4:ab:be:cd:
                    85:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:63:CB:CF:42:95:D4:06:11:AB:CE:31:0F:A8:48:92:17:35:7A:2B
            X509v3 Authority Key Identifier:
                keyid:D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:21:b0:a1:9c:8f:a1:7f:39:94:6e:21:c7:43:c5:ac:29:3c:
         2e:1f:fa:ef:e6:16:28:8e:d9:24:6e:5b:d4:62:e0:66:62:14:
         0c:dc:db:e5:40:fa:85:46:a2:61:ec:21:c1:49:f7:c5:14:13:
         d2:fa:69:51:7f:d7:59:8e:4a:04:ec:2d:ca:fa:05:7d:37:f4:
         c3:1b:71:bc:53:06:8c:b8:0a:32:43:4c:ab:d9:07:73:4c:93:
         79:de:a2:dc:ab:b2:20:a4:5f:55:3c:4a:10:36:8e:33:8d:f4:
         e2:ab:8a:f7:7d:80:be:27:5b:a1:ad:77:cd:3a:14:65:c3:d7:
         bf:b0:9a:0f:20:46:62:fa:71:69:77:5c:eb:dd:37:c4:3e:c0:
         73:65:a0:96:b2:36:7a:be:86:c3:a7:65:64:90:e5:f4:1a:0b:
         2e:a3:15:bd:12:14:87:48:23:bb:bd:1f:fe:cf:e7:49:9e:87:
         e5:98:53:47:b7:6a:fd:a1:56:42:71:da:1d:77:1b:7c:63:9b:
         51:61:ca:40:a8:ed:36:f3:9f:7d:5b:7a:4c:d9:d1:05:a2:37:
         0c:da:3f:8c:83:3b:75:d3:eb:ee:51:ab:b5:9a:b9:f5:6c:36:
         5b:8a:41:aa:a9:aa:b0:72:36:63:c9:b3:3b:92:ca:15:d1:25:
         1a:3d:13:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+sEkEj0FhMHWDBC/HzSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjhjMmEyMTYzNjFhMjRmZGVjOTdmMWYzN2YyZTFkMTIw
NzEwODcwHhcNMjUwOTA3MDcwMTIyWhcNMjUwOTA4MDcwMTIyWjAzMTEwLwYDVQQD
Eyg2MTYzY2JjZjQyOTVkNDA2MTFhYmNlMzEwZmE4NDg5MjE3MzU3YTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaUK8ojpz5JnXkGTm2/U33dO9xRZ
TMiusmVsJDB1v3lkv/gWi9uyn50kH2TulpgG3DpItb5YCoGuxczt0uVGBtMcFZ6P
58jvkFQz0SuK48th7ZhjIutoG3APbKG2QKX1C1yI7pYcPzXvo2vjh68LQJBkcgqO
LJ2iVsgPouRUFsdPzL5a59oB0URWyrx2bKNQqeBT7Z3oV/PZPIg0YwfKbvSzGaSA
Z7VQTNyZSgdqRlTtF42UlDOU0HGwmjZ0YoZqY3jSxGmo+WV5zLfOjmCaHCya/oJ+
x5kckNSOhUI4fSCwdZ2MnqChOFxo93ZNlXdXJN9UtvjdpHOrqqSrvs2FSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGFjy89CldQGEavOMQ+oSJIXNXorMB8GA1UdIwQY
MBaAFNNowqIWNhok/eyX8fN/Lh0SBxCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQt
OTAyMDhlMWYzZGU2LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQtOTAyMDhlMWYzZGU2
LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAviGwoZyP
oX85lG4hx0PFrCk8Lh/67+YWKI7ZJG5b1GLgZmIUDNzb5UD6hUaiYewhwUn3xRQT
0vppUX/XWY5KBOwtyvoFfTf0wxtxvFMGjLgKMkNMq9kHc0yTed6i3KuyIKRfVTxK
EDaOM4304quK932Avidboa13zToUZcPXv7CaDyBGYvpxaXdc6903xD7Ac2WglrI2
er6Gw6dlZJDl9BoLLqMVvRIUh0gju70f/s/nSZ6H5ZhTR7dq/aFWQnHaHXcbfGOb
UWHKQKjtNvOffVt6TNnRBaI3DNo/jIM7ddPr7lGrtZq59Ww2W4pBqqmqsHI2Y8mz
O5LKFdElGj0T3A==
-----END CERTIFICATE-----