Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
File:                     U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft (raw, json)
Hash identifier:          K1+wkNzUUB9MOv7KFCYe5IwfXP/hB7qHwj183MBhD7I=
Subject key identifier:   09:11:58:AD:F1:3D:18:DD:BF:E4:D1:6C:7E:0A:64:2A:B7:3A:9D:FB
Authority key identifier: 53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E
Certificate issuer:       /CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
Certificate serial:       0199239F454342DAF99790B409D02884DAAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 10:01:04 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:04 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:04 +0000
Files and hashes:         1: U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl (hash: hHiB/5ybdFxb7x2rTlETF5Cs027ad451BbXkza7FUHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:45:43:42:da:f9:97:90:b4:09:d0:28:84:da:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
        Validity
            Not Before: Sep  7 10:01:04 2025 GMT
            Not After : Sep  8 10:01:04 2025 GMT
        Subject: CN=091158adf13d18ddbfe4d16c7e0a642ab73a9dfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:61:43:e0:56:12:a8:1d:5f:21:89:b3:13:bf:
                    ca:6b:f3:bf:f8:0e:22:b4:32:74:b1:23:34:2e:d5:
                    da:b2:83:d0:86:6c:df:98:72:94:71:06:ad:26:a9:
                    13:d7:60:51:67:b0:a6:36:42:12:f0:85:ac:f9:6b:
                    19:c4:aa:a6:f4:b3:a0:4c:0f:e9:98:2d:90:1b:0c:
                    e9:29:9d:a7:67:af:38:0f:b3:dc:8b:d5:17:ba:da:
                    45:59:d2:8b:55:43:ac:2d:d3:a3:38:7c:39:81:e3:
                    fe:70:93:a1:4a:f8:6a:b3:d7:51:79:51:33:e0:8a:
                    60:89:d3:e8:36:9b:eb:b3:0c:a4:fd:07:fc:b6:dd:
                    21:12:ab:27:e2:77:20:85:87:c0:6c:da:89:73:3f:
                    d7:36:b4:24:75:52:af:e5:72:c9:47:bd:98:5a:63:
                    fa:55:78:c6:8d:9b:fb:c6:64:6d:4d:de:96:ca:67:
                    2c:f8:2b:d2:af:c4:0c:aa:22:ff:47:4a:17:08:84:
                    6d:b4:f0:c7:12:7e:39:2b:c3:dd:f9:f8:ec:5b:09:
                    5a:e6:01:db:ec:21:89:af:c7:34:d8:12:56:cb:f0:
                    9d:93:4b:31:26:f6:4b:51:a8:5e:a5:00:5e:fa:d2:
                    f7:2c:63:9d:6c:dd:c9:a6:5a:bc:06:31:1f:db:b8:
                    dc:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:11:58:AD:F1:3D:18:DD:BF:E4:D1:6C:7E:0A:64:2A:B7:3A:9D:FB
            X509v3 Authority Key Identifier:
                keyid:53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:04:d8:cb:fb:c8:75:dc:36:2e:41:f4:c6:18:27:54:11:75:
         ac:8d:e5:59:a6:ea:6f:86:b1:f4:3e:d5:8f:50:84:b6:32:94:
         b8:22:72:71:d1:ed:b5:df:c3:1c:40:56:47:ed:21:39:3e:ed:
         1c:c4:c7:50:f1:e5:c3:50:9c:cb:06:71:7a:7f:a6:40:4a:5f:
         c2:62:de:56:0e:0e:f4:4e:c7:77:96:54:23:0e:0e:38:89:82:
         b0:55:fb:c6:34:27:0e:a5:b1:c8:bc:d9:77:7c:8d:42:64:16:
         82:72:d1:17:ff:81:b3:de:9f:bb:62:df:4e:9b:7d:3f:19:9b:
         f5:1b:3e:1c:7c:44:be:c2:35:09:94:dd:4c:74:d9:82:55:53:
         55:b7:c4:2b:f0:8a:30:f0:58:fa:60:62:b3:57:5d:f2:21:ae:
         43:ad:4b:69:8f:c4:99:3f:df:ee:67:f9:39:31:86:7d:0e:c9:
         3f:9f:5d:90:0c:0d:6f:f3:63:83:df:92:54:17:15:33:e2:61:
         84:40:ab:7c:a0:70:a6:53:92:63:05:a0:ed:36:4f:ad:e9:6e:
         ea:d4:bf:94:b3:5b:67:b2:c5:08:f3:03:0e:1f:86:32:32:db:
         ed:f7:60:fd:40:47:df:6c:dd:b8:2a:5e:69:10:a7:58:d0:72:
         c9:87:0d:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn0VDQtr5l5C0CdAohNqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOGIwNjJjYjU0MjZmMDBlNjUzNzNlZWY0ZTRjZDhhMWMy
N2Y2OGUwHhcNMjUwOTA3MTAwMTA0WhcNMjUwOTA4MTAwMTA0WjAzMTEwLwYDVQQD
EygwOTExNThhZGYxM2QxOGRkYmZlNGQxNmM3ZTBhNjQyYWI3M2E5ZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGFD4FYSqB1fIYmzE7/Ka/O/+A4i
tDJ0sSM0LtXasoPQhmzfmHKUcQatJqkT12BRZ7CmNkIS8IWs+WsZxKqm9LOgTA/p
mC2QGwzpKZ2nZ684D7Pci9UXutpFWdKLVUOsLdOjOHw5geP+cJOhSvhqs9dReVEz
4IpgidPoNpvrswyk/Qf8tt0hEqsn4ncghYfAbNqJcz/XNrQkdVKv5XLJR72YWmP6
VXjGjZv7xmRtTd6Wymcs+CvSr8QMqiL/R0oXCIRttPDHEn45K8Pd+fjsWwla5gHb
7CGJr8c02BJWy/Cdk0sxJvZLUahepQBe+tL3LGOdbN3Jplq8BjEf27jcZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkRWK3xPRjdv+TRbH4KZCq3Op37MB8GA1UdIwQY
MBaAFFOLBiy1Qm8A5lNz7vTkzYocJ/aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUt
MjBjOGFiOTI2OTZmLzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUtMjBjOGFiOTI2OTZm
LzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGATYy/vI
ddw2LkH0xhgnVBF1rI3lWabqb4ax9D7Vj1CEtjKUuCJycdHttd/DHEBWR+0hOT7t
HMTHUPHlw1CcywZxen+mQEpfwmLeVg4O9E7Hd5ZUIw4OOImCsFX7xjQnDqWxyLzZ
d3yNQmQWgnLRF/+Bs96fu2LfTpt9Pxmb9Rs+HHxEvsI1CZTdTHTZglVTVbfEK/CK
MPBY+mBis1dd8iGuQ61LaY/EmT/f7mf5OTGGfQ7JP59dkAwNb/Njg9+SVBcVM+Jh
hECrfKBwplOSYwWg7TZPrelu6tS/lLNbZ7LFCPMDDh+GMjLb7fdg/UBH32zduCpe
aRCnWNByyYcNhA==
-----END CERTIFICATE-----