Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
File:                     XtGkql_QUBs-ptafQzwvFkIRYIk.mft (raw, json)
Hash identifier:          YL9WY9jULwGoWcgNgoiIO+vPIzO1vUSQu3U2JfNfrIw=
Subject key identifier:   EE:40:55:B9:A7:53:4D:89:F2:B4:D6:4C:BD:0E:F8:23:AC:59:F7:0D
Authority key identifier: 5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89
Certificate issuer:       /CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
Certificate serial:       0199240D93DEA7F64C1D42D923104D633EAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 12:01:33 +0000
Manifest this update:     Sun 07 Sep 2025 12:01:33 +0000
Manifest next update:     Mon 08 Sep 2025 12:01:33 +0000
Files and hashes:         1: XtGkql_QUBs-ptafQzwvFkIRYIk.crl (hash: /JP8X7RPzMc3dw0xUtzjPM1QzgNU+mOzNVC3rlsCw6M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0d:93:de:a7:f6:4c:1d:42:d9:23:10:4d:63:3e:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
        Validity
            Not Before: Sep  7 12:01:33 2025 GMT
            Not After : Sep  8 12:01:33 2025 GMT
        Subject: CN=ee4055b9a7534d89f2b4d64cbd0ef823ac59f70d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a0:f5:74:cc:45:35:38:4b:b6:7e:10:18:60:
                    12:e7:cf:d0:1b:04:9e:02:9a:f0:85:6f:6e:1a:48:
                    d4:ca:84:13:fc:8c:6b:08:64:64:81:38:ed:a2:36:
                    cd:e1:c4:dc:20:cb:fa:54:d9:cd:2b:2d:79:2e:2a:
                    a1:92:d2:34:e2:8b:b0:06:2e:d9:b3:62:3f:7c:63:
                    3d:70:81:f7:24:21:52:c1:9c:01:4e:16:2b:e4:59:
                    88:9a:6f:13:9d:35:92:25:53:13:0e:2e:16:a8:50:
                    5e:7c:30:2a:04:f6:3c:c3:ed:35:22:a4:61:ca:12:
                    9c:58:3a:96:f9:af:90:aa:b7:51:8c:03:42:0c:a6:
                    9b:d3:01:a4:50:10:be:1b:ba:3d:14:c8:bf:82:6d:
                    5c:09:5b:e9:ba:c2:aa:88:0c:cc:ee:1c:97:be:19:
                    6b:09:b3:f6:56:34:29:3e:ea:c4:c1:b5:9a:18:23:
                    d1:b6:d2:51:25:82:e6:e3:ac:80:7d:bc:09:50:93:
                    1d:8d:af:55:10:27:d2:c9:48:7f:58:1c:b2:bb:e7:
                    4a:14:f9:39:0b:68:b4:25:c9:cb:ee:79:54:23:85:
                    f9:88:8b:77:2c:ad:19:29:eb:2a:d6:99:72:d6:79:
                    8a:73:3c:16:ec:01:36:11:cd:15:70:3d:32:56:ed:
                    92:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:40:55:B9:A7:53:4D:89:F2:B4:D6:4C:BD:0E:F8:23:AC:59:F7:0D
            X509v3 Authority Key Identifier:
                keyid:5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:31:ef:ad:c2:51:f8:f6:ac:78:bd:82:e3:1f:07:7a:93:69:
         24:21:ec:e8:33:15:58:da:12:82:ca:1c:3c:d4:55:f1:22:dc:
         9e:b3:e6:3c:90:8b:89:b1:d9:f9:15:06:a1:bc:99:4b:68:20:
         e3:a8:76:53:78:5d:f2:c6:38:c2:ea:70:fa:2b:fb:95:f3:74:
         42:98:b2:f9:4b:de:81:31:c7:15:df:8d:fd:b5:31:de:51:a2:
         9f:e7:c4:4f:d7:de:7c:12:98:d2:a8:23:27:ea:af:16:97:46:
         af:00:3a:94:e5:01:96:3f:50:ff:e4:5a:5c:17:cb:f2:f3:d0:
         65:9e:55:58:d0:7e:de:6f:bc:c1:a9:dd:35:1b:20:e6:80:63:
         30:05:68:90:03:63:e1:de:68:a4:c4:a6:50:5f:c3:03:e0:22:
         93:42:cb:22:04:86:91:2d:d3:4a:c6:a8:23:7e:5a:2f:1f:f6:
         ef:cd:e8:15:38:36:3f:4e:65:8d:5f:d8:ef:ce:52:95:8b:62:
         90:07:04:08:67:e8:62:22:fa:b8:eb:4a:57:95:bc:b2:94:3c:
         ae:d0:2a:89:b8:a8:51:ff:f0:30:e8:b8:75:c3:6b:6d:79:0c:
         33:33:45:01:0a:c1:36:a8:e7:eb:3b:66:d9:9a:91:7f:85:17:
         de:1c:65:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDZPep/ZMHULZIxBNYz6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDFhNGFhNWZkMDUwMWIzZWE2ZDY5ZjQzM2MyZjE2NDIx
MTYwODkwHhcNMjUwOTA3MTIwMTMzWhcNMjUwOTA4MTIwMTMzWjAzMTEwLwYDVQQD
EyhlZTQwNTViOWE3NTM0ZDg5ZjJiNGQ2NGNiZDBlZjgyM2FjNTlmNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6D1dMxFNThLtn4QGGAS58/QGwSe
AprwhW9uGkjUyoQT/IxrCGRkgTjtojbN4cTcIMv6VNnNKy15LiqhktI04ouwBi7Z
s2I/fGM9cIH3JCFSwZwBThYr5FmImm8TnTWSJVMTDi4WqFBefDAqBPY8w+01IqRh
yhKcWDqW+a+QqrdRjANCDKab0wGkUBC+G7o9FMi/gm1cCVvpusKqiAzM7hyXvhlr
CbP2VjQpPurEwbWaGCPRttJRJYLm46yAfbwJUJMdja9VECfSyUh/WByyu+dKFPk5
C2i0JcnL7nlUI4X5iIt3LK0ZKesq1ply1nmKczwW7AE2Ec0VcD0yVu2SOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5AVbmnU02J8rTWTL0O+COsWfcNMB8GA1UdIwQY
MBaAFF7RpKpf0FAbPqbWn0M8LxZCEWCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTkt
YjlhODZhYzNlOGJlLzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTktYjlhODZhYzNlOGJl
LzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAzHvrcJR
+PaseL2C4x8HepNpJCHs6DMVWNoSgsocPNRV8SLcnrPmPJCLibHZ+RUGobyZS2gg
46h2U3hd8sY4wupw+iv7lfN0Qpiy+UvegTHHFd+N/bUx3lGin+fET9fefBKY0qgj
J+qvFpdGrwA6lOUBlj9Q/+RaXBfL8vPQZZ5VWNB+3m+8wandNRsg5oBjMAVokANj
4d5opMSmUF/DA+Aik0LLIgSGkS3TSsaoI35aLx/2783oFTg2P05ljV/Y785SlYti
kAcECGfoYiL6uOtKV5W8spQ8rtAqibioUf/wMOi4dcNrbXkMMzNFAQrBNqjn6ztm
2ZqRf4UX3hxloQ==
-----END CERTIFICATE-----