Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
File:                     NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft (raw, json)
Hash identifier:          tGWamVeCdHWPojJXhkSuXuccUZUq0iXzN0C7tdrkKvw=
Subject key identifier:   66:27:D1:44:20:93:B5:C1:21:73:42:F2:8F:58:4B:1C:32:42:7C:C0
Authority key identifier: 35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D
Certificate issuer:       /CN=35f49b5d505000b909932c6b4f443e7ef81d780d
Certificate serial:       0199221E4E777878F539EBEE97275190E63F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
Manifest number:          166C
Signing time:             Sun 07 Sep 2025 03:00:35 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:35 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:35 +0000
Files and hashes:         1: NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl (hash: 702DDvJ7vpVqQyPviROYoCGHg5MIUwNPyY1otEvD7Og=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:4e:77:78:78:f5:39:eb:ee:97:27:51:90:e6:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35f49b5d505000b909932c6b4f443e7ef81d780d
        Validity
            Not Before: Sep  7 03:00:35 2025 GMT
            Not After : Sep  8 03:00:35 2025 GMT
        Subject: CN=6627d1442093b5c1217342f28f584b1c32427cc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:ab:47:7d:13:c8:90:d5:9e:dd:eb:03:6e:47:
                    fa:8b:86:21:00:55:7a:ae:5a:3e:2f:da:c9:ea:fd:
                    39:3b:9f:01:04:e2:e0:c7:e5:01:38:98:99:3d:ae:
                    6b:df:c4:44:3b:20:3d:51:88:6c:9d:e3:c3:03:3f:
                    e2:dd:bd:08:a8:db:20:9c:0c:c0:58:15:c2:ee:37:
                    88:4d:c8:79:03:26:38:26:cd:bf:60:f2:ff:b5:20:
                    57:e3:28:16:73:d2:6a:83:56:0a:88:65:3c:f5:42:
                    22:04:ed:af:7f:0f:4f:d7:db:91:a4:5f:ae:53:71:
                    3e:68:73:e1:3c:a0:0f:c4:be:50:55:a2:58:91:42:
                    67:e0:cc:37:55:95:61:b6:49:29:4b:1b:89:a2:b1:
                    8a:c9:d7:be:8d:99:96:4e:6c:03:6a:10:c0:af:4d:
                    8c:6c:57:9e:1f:22:8f:8e:15:e4:2c:6b:74:e4:cd:
                    f0:bd:d7:e0:90:97:5c:a6:c1:bc:99:9f:49:d7:a4:
                    36:bf:24:3d:67:a0:a7:8a:d3:21:83:25:8a:ae:3d:
                    a7:18:1f:87:39:e9:12:63:2e:a7:42:78:46:07:a7:
                    13:07:98:05:80:39:1c:d9:ec:a9:a7:f8:08:cc:08:
                    48:2d:57:0c:e9:d1:f5:d4:de:4c:a8:b4:60:dc:bc:
                    c9:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:27:D1:44:20:93:B5:C1:21:73:42:F2:8F:58:4B:1C:32:42:7C:C0
            X509v3 Authority Key Identifier:
                keyid:35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:6c:b3:df:e4:28:bb:ed:1e:61:bb:2c:71:30:12:77:a5:55:
         43:a5:85:15:43:b2:80:31:7e:0c:07:f3:02:79:30:0e:d3:eb:
         ca:bb:c8:c3:10:16:bc:75:f1:c6:6d:2d:06:2c:ee:e0:4f:b2:
         ac:0a:b0:75:7e:b4:41:59:5b:57:74:ac:e7:92:63:7f:7c:94:
         01:23:a0:3b:f5:82:78:39:f8:8c:ea:ec:6e:d4:10:14:a8:db:
         52:78:3d:12:cf:b7:a3:0c:32:7e:c8:5f:ab:d9:2f:12:6a:2d:
         2c:9d:25:ec:58:7f:e5:a2:70:24:38:aa:d6:c8:d8:46:e6:2e:
         e3:f8:db:f9:9e:41:e5:48:30:06:37:ca:df:17:62:ee:d5:07:
         a1:ce:6d:cd:f9:f2:33:24:32:5e:5b:71:d6:bf:cc:a9:2f:00:
         f7:0a:db:12:1c:54:3e:34:b3:9e:94:ce:9c:94:c7:ae:99:c9:
         fc:57:0f:1d:f8:92:67:04:6f:64:de:b2:54:80:75:26:75:83:
         45:1b:6e:dd:5c:47:c2:4c:e5:a5:98:67:f1:4b:80:c2:83:34:
         3c:2f:4b:0c:bd:50:a6:39:81:24:a2:3d:2a:bd:94:ad:65:54:
         3e:84:67:9d:43:8c:a2:f8:fb:7f:11:47:7f:96:a0:82:29:d4:
         a4:f6:51:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHk53eHj1OevulydRkOY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjQ5YjVkNTA1MDAwYjkwOTkzMmM2YjRmNDQzZTdlZjgx
ZDc4MGQwHhcNMjUwOTA3MDMwMDM1WhcNMjUwOTA4MDMwMDM1WjAzMTEwLwYDVQQD
Eyg2NjI3ZDE0NDIwOTNiNWMxMjE3MzQyZjI4ZjU4NGIxYzMyNDI3Y2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKtHfRPIkNWe3esDbkf6i4YhAFV6
rlo+L9rJ6v05O58BBOLgx+UBOJiZPa5r38REOyA9UYhsnePDAz/i3b0IqNsgnAzA
WBXC7jeITch5AyY4Js2/YPL/tSBX4ygWc9Jqg1YKiGU89UIiBO2vfw9P19uRpF+u
U3E+aHPhPKAPxL5QVaJYkUJn4Mw3VZVhtkkpSxuJorGKyde+jZmWTmwDahDAr02M
bFeeHyKPjhXkLGt05M3wvdfgkJdcpsG8mZ9J16Q2vyQ9Z6CnitMhgyWKrj2nGB+H
OekSYy6nQnhGB6cTB5gFgDkc2eypp/gIzAhILVcM6dH11N5MqLRg3LzJGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYn0UQgk7XBIXNC8o9YSxwyQnzAMB8GA1UdIwQY
MBaAFDX0m11QUAC5CZMsa09EPn74HXgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEt
MDJiM2RlODM0YmY0LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEtMDJiM2RlODM0YmY0
LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc2yz3+Qo
u+0eYbsscTASd6VVQ6WFFUOygDF+DAfzAnkwDtPryrvIwxAWvHXxxm0tBizu4E+y
rAqwdX60QVlbV3Ss55Jjf3yUASOgO/WCeDn4jOrsbtQQFKjbUng9Es+3owwyfshf
q9kvEmotLJ0l7Fh/5aJwJDiq1sjYRuYu4/jb+Z5B5UgwBjfK3xdi7tUHoc5tzfny
MyQyXltx1r/MqS8A9wrbEhxUPjSznpTOnJTHrpnJ/FcPHfiSZwRvZN6yVIB1JnWD
RRtu3VxHwkzlpZhn8UuAwoM0PC9LDL1QpjmBJKI9Kr2UrWVUPoRnnUOMovj7fxFH
f5agginUpPZR9g==
-----END CERTIFICATE-----