Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
File:                     eH0Q8i5f-ksg99W3goxVuVCal1k.mft (raw, json)
Hash identifier:          hZJNCO1Y/vluq94MgwUFOKaDJabAiozrQOjJepPqGRw=
Subject key identifier:   A7:F3:40:06:81:AC:80:67:81:41:C1:58:7A:05:90:09:CE:A9:31:0B
Authority key identifier: 78:7D:10:F2:2E:5F:FA:4B:20:F7:D5:B7:82:8C:55:B9:50:9A:97:59
Certificate issuer:       /CN=787d10f22e5ffa4b20f7d5b7828c55b9509a9759
Certificate serial:       01992255B38F4AEDA079CF5FB28E45520680
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 04:01:05 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:05 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:05 +0000
Files and hashes:         1: eH0Q8i5f-ksg99W3goxVuVCal1k.crl (hash: eutXyJy6h91tbb7soLCpNndRh/cQZ4ZDa3VfvnTVhE0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:b3:8f:4a:ed:a0:79:cf:5f:b2:8e:45:52:06:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=787d10f22e5ffa4b20f7d5b7828c55b9509a9759
        Validity
            Not Before: Sep  7 04:01:05 2025 GMT
            Not After : Sep  8 04:01:05 2025 GMT
        Subject: CN=a7f3400681ac80678141c1587a059009cea9310b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:81:d8:c4:a8:59:2c:3d:26:01:0a:5d:05:a2:
                    42:d2:c0:8b:82:95:34:0f:60:25:d1:c7:f6:a5:7e:
                    44:95:4c:f7:93:ec:6f:94:27:86:63:9d:9b:73:b4:
                    91:88:11:1a:c3:1f:b4:f3:e5:19:38:7d:f7:95:75:
                    54:2a:8d:cd:44:1b:b8:93:bf:be:22:d1:b0:0c:3a:
                    66:c7:68:94:cc:fa:f0:bb:7a:ac:9e:6b:af:6c:4b:
                    13:db:5a:bd:18:95:e9:d5:14:ab:a2:da:0e:38:78:
                    29:1e:ba:95:a1:ef:d6:12:2c:81:c1:f2:df:68:d1:
                    eb:fe:42:af:f2:63:51:08:6a:44:5e:c8:bf:5f:96:
                    7a:ca:78:f1:57:e1:e0:2f:14:31:05:1d:fd:78:4f:
                    b5:f1:c1:6e:55:c0:51:b2:49:2f:d4:a2:2b:1c:7d:
                    e6:bb:29:f7:69:6f:9f:ee:25:e9:01:52:5e:25:3a:
                    43:43:88:e8:b0:02:b6:6f:3b:bf:b8:0a:91:5b:58:
                    3f:e1:46:57:f6:2b:13:7d:43:93:ce:b6:a9:a3:f7:
                    00:2a:46:db:4c:36:23:73:10:c8:26:45:6e:df:18:
                    6a:66:6c:70:3b:8e:8e:bf:7c:26:b2:8f:e3:ad:e5:
                    35:0f:95:d7:3a:f6:fb:da:4d:a2:c8:ec:fb:e4:26:
                    6c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:F3:40:06:81:AC:80:67:81:41:C1:58:7A:05:90:09:CE:A9:31:0B
            X509v3 Authority Key Identifier:
                keyid:78:7D:10:F2:2E:5F:FA:4B:20:F7:D5:B7:82:8C:55:B9:50:9A:97:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:7f:b1:60:ee:f6:17:3d:63:32:06:f6:89:6b:a4:25:29:02:
         64:39:b6:8f:2e:a6:41:82:0c:4e:08:b0:21:5f:78:01:88:4a:
         1a:10:0d:a2:3d:b4:cc:33:b5:21:cc:4d:9d:15:9c:39:1f:aa:
         0f:47:12:51:7a:a3:af:8e:27:95:9f:fc:b8:a8:14:13:6b:5c:
         92:00:54:65:20:7a:4c:41:ca:f6:57:82:0b:4a:8e:11:e1:e8:
         a5:74:d3:de:1c:07:61:54:44:b8:6c:b3:d3:a1:77:c1:de:cf:
         d2:93:ba:cb:72:eb:f7:e7:f8:40:1f:41:54:3f:38:59:6e:a3:
         1d:63:0f:90:ff:41:51:f7:6a:67:07:5e:4b:3a:50:d0:a5:fa:
         48:74:b5:a8:05:c3:a0:4c:71:a3:5e:00:96:71:58:c5:64:42:
         68:6c:85:d4:ec:84:e1:63:67:e3:3b:24:80:bd:ce:b4:87:50:
         81:75:30:c9:c6:d2:1d:8f:33:0d:64:45:9e:3b:3e:de:91:33:
         50:c4:84:87:8b:9b:63:a7:e7:1f:1a:62:b3:fa:56:c6:60:e6:
         fd:85:55:68:4c:65:e2:2f:28:e8:db:57:a6:d3:83:39:6e:02:
         44:54:97:36:e1:98:0e:4a:ca:89:32:4e:19:b1:d8:f0:cd:90:
         d9:19:8d:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVbOPSu2gec9fso5FUgaAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2QxMGYyMmU1ZmZhNGIyMGY3ZDViNzgyOGM1NWI5NTA5
YTk3NTkwHhcNMjUwOTA3MDQwMTA1WhcNMjUwOTA4MDQwMTA1WjAzMTEwLwYDVQQD
EyhhN2YzNDAwNjgxYWM4MDY3ODE0MWMxNTg3YTA1OTAwOWNlYTkzMTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoHYxKhZLD0mAQpdBaJC0sCLgpU0
D2Al0cf2pX5ElUz3k+xvlCeGY52bc7SRiBEawx+08+UZOH33lXVUKo3NRBu4k7++
ItGwDDpmx2iUzPrwu3qsnmuvbEsT21q9GJXp1RSrotoOOHgpHrqVoe/WEiyBwfLf
aNHr/kKv8mNRCGpEXsi/X5Z6ynjxV+HgLxQxBR39eE+18cFuVcBRskkv1KIrHH3m
uyn3aW+f7iXpAVJeJTpDQ4josAK2bzu/uAqRW1g/4UZX9isTfUOTzrapo/cAKkbb
TDYjcxDIJkVu3xhqZmxwO46Ov3wmso/jreU1D5XXOvb72k2iyOz75CZsXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKfzQAaBrIBngUHBWHoFkAnOqTELMB8GA1UdIwQY
MBaAFHh9EPIuX/pLIPfVt4KMVblQmpdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hYjgwNTUtMzg5Yy00M2VkLWFiZGUt
YmYwZGUyYmIxYzNjLzEvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hYjgwNTUtMzg5Yy00M2VkLWFiZGUtYmYwZGUyYmIxYzNj
LzEvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEH+xYO72
Fz1jMgb2iWukJSkCZDm2jy6mQYIMTgiwIV94AYhKGhANoj20zDO1IcxNnRWcOR+q
D0cSUXqjr44nlZ/8uKgUE2tckgBUZSB6TEHK9leCC0qOEeHopXTT3hwHYVREuGyz
06F3wd7P0pO6y3Lr9+f4QB9BVD84WW6jHWMPkP9BUfdqZwdeSzpQ0KX6SHS1qAXD
oExxo14AlnFYxWRCaGyF1OyE4WNn4zskgL3OtIdQgXUwycbSHY8zDWRFnjs+3pEz
UMSEh4ubY6fnHxpis/pWxmDm/YVVaExl4i8o6NtXptODOW4CRFSXNuGYDkrKiTJO
GbHY8M2Q2RmNrQ==
-----END CERTIFICATE-----