Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft
File:                     rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft (raw, json)
Hash identifier:          v1DP52/qsp8tpP29O2qvrMgA0Kf5BvSw3oL6bVQ8X+s=
Subject key identifier:   5F:80:09:6D:2A:34:31:CA:1E:B5:54:98:2F:C7:E9:A6:97:B4:CC:7D
Authority key identifier: AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE
Certificate issuer:       /CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
Certificate serial:       019923A05110A775578A8A036FFB34FB6EEF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft
Manifest number:          167C
Signing time:             Sun 07 Sep 2025 10:02:12 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:12 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:12 +0000
Files and hashes:         1: rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl (hash: tRteRf5G3RG1G61VZFSRQbl1/i9w8/Ok3slvdTMAx10=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:51:10:a7:75:57:8a:8a:03:6f:fb:34:fb:6e:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
        Validity
            Not Before: Sep  7 10:02:12 2025 GMT
            Not After : Sep  8 10:02:12 2025 GMT
        Subject: CN=5f80096d2a3431ca1eb554982fc7e9a697b4cc7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f0:e6:b1:b3:4b:7a:8a:e0:d9:64:86:37:b0:
                    76:04:82:52:66:51:a1:6b:33:61:6e:0e:d3:4b:8d:
                    2e:4c:6b:2c:f8:1b:01:87:f9:b9:a1:83:b2:9c:bd:
                    79:d9:d9:a0:aa:ed:98:0e:8a:56:28:e8:96:65:10:
                    12:6c:7e:8e:14:de:4c:6f:1f:d2:4a:95:cf:ce:7a:
                    5f:9f:cb:68:a4:55:20:7f:59:b2:1b:a2:85:d0:d6:
                    e7:fa:71:2f:19:00:f3:71:67:4d:68:05:6e:e8:bb:
                    87:b8:62:ff:45:fc:c3:01:c3:73:cf:9b:04:5c:1d:
                    8f:64:2f:03:2c:1b:45:66:f2:09:e7:ea:ff:5a:39:
                    c8:05:eb:97:80:42:ec:56:f7:b6:3f:f3:a6:e9:eb:
                    b5:97:fb:3d:ba:78:a9:59:c5:ae:71:5d:c6:56:b9:
                    bd:a5:d7:9b:02:d1:e0:b5:fc:8c:da:36:95:4f:cb:
                    a9:7f:fc:f8:79:fe:a1:23:80:43:65:ac:6a:13:12:
                    1b:a9:0e:cf:d0:80:9e:93:a2:95:0f:d0:a6:fc:3a:
                    10:5f:0e:fb:b8:c5:c8:67:65:79:e2:40:d4:20:87:
                    50:80:1c:c6:ab:a0:d9:9e:e6:94:31:5e:84:3f:9c:
                    f5:cd:52:2c:ea:48:a0:b2:7f:ca:a7:82:a1:1e:75:
                    1a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:80:09:6D:2A:34:31:CA:1E:B5:54:98:2F:C7:E9:A6:97:B4:CC:7D
            X509v3 Authority Key Identifier:
                keyid:AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:3b:cf:6f:b5:aa:82:e7:da:cd:60:d2:12:23:0f:b0:cd:26:
         c2:a9:dc:77:b7:73:de:6f:b7:43:d2:c4:f2:72:b9:8a:f9:6b:
         34:bb:c4:d2:14:1a:47:08:b9:09:ef:fe:64:3c:cb:df:32:7d:
         a0:94:f7:9b:e2:71:91:99:b8:5a:6f:3c:ef:8e:6b:20:e8:be:
         07:51:e9:8d:75:e4:c4:ec:cd:52:d5:db:a7:8e:73:34:cc:87:
         6e:e6:81:b8:ec:1d:0e:fb:9a:8b:51:5b:82:0b:73:50:b8:5f:
         1c:30:d6:2b:a3:c7:29:3f:ea:2f:9b:18:85:f3:82:7e:a4:3a:
         2b:2e:09:db:58:59:fa:fb:0e:50:b3:69:ab:72:16:d1:a3:d7:
         e2:36:39:c6:f8:e2:d5:ce:b1:01:9f:8e:3d:80:83:ea:c4:87:
         01:14:86:77:17:6c:96:4b:be:d7:d6:83:48:d0:9b:eb:83:98:
         4c:92:1a:62:a2:05:1e:67:c1:37:7d:5e:14:23:b4:9c:49:53:
         4d:59:b6:da:12:46:5d:55:8b:1d:9e:4d:99:b5:90:29:ba:e1:
         e6:fb:3e:c6:e5:6d:ad:5f:34:71:06:a6:00:aa:2f:14:42:70:
         dc:8c:55:33:9a:62:80:5b:79:f6:df:1d:6c:66:91:ab:67:19:
         2d:92:d1:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoFEQp3VXiooDb/s0+27vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDkyMDc5OTRiYTljN2Q5MWVhN2U0NzlmZWZkMWI4MDk5
ZjYyY2UwHhcNMjUwOTA3MTAwMjEyWhcNMjUwOTA4MTAwMjEyWjAzMTEwLwYDVQQD
Eyg1ZjgwMDk2ZDJhMzQzMWNhMWViNTU0OTgyZmM3ZTlhNjk3YjRjYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvDmsbNLeorg2WSGN7B2BIJSZlGh
azNhbg7TS40uTGss+BsBh/m5oYOynL152dmgqu2YDopWKOiWZRASbH6OFN5Mbx/S
SpXPznpfn8topFUgf1myG6KF0Nbn+nEvGQDzcWdNaAVu6LuHuGL/RfzDAcNzz5sE
XB2PZC8DLBtFZvIJ5+r/WjnIBeuXgELsVve2P/Om6eu1l/s9unipWcWucV3GVrm9
pdebAtHgtfyM2jaVT8upf/z4ef6hI4BDZaxqExIbqQ7P0ICek6KVD9Cm/DoQXw77
uMXIZ2V54kDUIIdQgBzGq6DZnuaUMV6EP5z1zVIs6kigsn/Kp4KhHnUaRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF+ACW0qNDHKHrVUmC/H6aaXtMx9MB8GA1UdIwQY
MBaAFK3ZIHmUupx9kep+R5/v0bgJn2LOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAt
ZTUyMTI1NzRmOWVjLzEvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAtZTUyMTI1NzRmOWVj
LzEvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYjvPb7Wq
gufazWDSEiMPsM0mwqncd7dz3m+3Q9LE8nK5ivlrNLvE0hQaRwi5Ce/+ZDzL3zJ9
oJT3m+JxkZm4Wm88745rIOi+B1HpjXXkxOzNUtXbp45zNMyHbuaBuOwdDvuai1Fb
ggtzULhfHDDWK6PHKT/qL5sYhfOCfqQ6Ky4J21hZ+vsOULNpq3IW0aPX4jY5xvji
1c6xAZ+OPYCD6sSHARSGdxdslku+19aDSNCb64OYTJIaYqIFHmfBN31eFCO0nElT
TVm22hJGXVWLHZ5NmbWQKbrh5vs+xuVtrV80cQamAKovFEJw3IxVM5pigFt59t8d
bGaRq2cZLZLRLw==
-----END CERTIFICATE-----