Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft
File:                     XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft (raw, json)
Hash identifier:          IGXuJU9+ItnjPEJjd4mgrVmAfJNhR+u94maAuCEBZ0U=
Subject key identifier:   24:5E:5A:F8:2C:CE:85:E2:0C:50:7B:5F:D5:75:D0:40:4B:2F:B1:1E
Authority key identifier: 5D:9F:8E:85:5B:F1:B0:43:09:C4:9C:41:F7:F4:30:DC:C8:F9:45:8D
Certificate issuer:       /CN=5d9f8e855bf1b04309c49c41f7f430dcc8f9458d
Certificate serial:       01985231867D3E053F8D62B8F60F82FA5D93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft
Manifest number:          0104
Signing time:             Mon 28 Jul 2025 18:00:34 +0000
Manifest this update:     Mon 28 Jul 2025 18:00:34 +0000
Manifest next update:     Tue 29 Jul 2025 18:00:34 +0000
Files and hashes:         1: XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.crl (hash: mPj9+pIADFocJbf85eJOp7hwqcWoALNfKWkLaCp3jQI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 14:37:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:52:31:86:7d:3e:05:3f:8d:62:b8:f6:0f:82:fa:5d:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d9f8e855bf1b04309c49c41f7f430dcc8f9458d
        Validity
            Not Before: Jul 28 18:00:34 2025 GMT
            Not After : Jul 29 18:00:34 2025 GMT
        Subject: CN=245e5af82cce85e20c507b5fd575d0404b2fb11e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ec:fa:7f:e0:70:53:54:6e:b3:d8:48:9a:93:
                    73:03:4f:46:28:a1:9e:a3:8e:27:85:8b:4a:a2:1e:
                    a6:b1:0b:1a:5a:36:66:1f:f6:71:ea:5c:9c:0f:f4:
                    29:65:ef:46:78:7a:b1:95:03:86:23:db:17:e7:da:
                    42:7d:09:28:64:63:03:ef:da:75:e9:30:65:ea:eb:
                    88:d5:b2:98:c3:3d:f9:40:2d:fb:f1:e9:ff:65:79:
                    a4:cc:ce:22:b7:61:d8:06:02:c5:43:b0:c3:33:86:
                    a5:48:1c:eb:74:41:13:fb:38:12:b5:fd:39:d7:28:
                    54:58:67:a8:b6:58:7f:d9:6e:3d:4a:f8:81:05:41:
                    83:a7:71:ae:c5:11:c6:e5:9e:c8:e6:ea:ec:6e:ed:
                    5c:0d:08:e2:9c:c0:b1:9c:6a:37:61:f9:bc:b2:20:
                    3c:7e:b7:0e:f6:75:5b:c5:09:97:20:f4:cb:25:75:
                    25:c2:f7:72:cf:01:e8:a5:a4:7c:6e:50:dd:0c:2a:
                    77:ac:59:d1:65:6a:4c:22:3b:30:b0:3a:45:25:03:
                    b4:69:c2:7b:07:6c:cc:8a:64:2d:a3:b7:75:0d:1c:
                    4a:da:fe:a2:dc:7a:82:86:a7:9a:da:bc:b8:09:30:
                    87:a0:da:33:c8:16:3f:cc:29:21:1b:b7:58:63:b1:
                    40:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:5E:5A:F8:2C:CE:85:E2:0C:50:7B:5F:D5:75:D0:40:4B:2F:B1:1E
            X509v3 Authority Key Identifier:
                keyid:5D:9F:8E:85:5B:F1:B0:43:09:C4:9C:41:F7:F4:30:DC:C8:F9:45:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:48:44:6c:e5:d1:e0:42:55:6c:68:d7:04:ce:30:62:4d:36:
         12:1e:40:d0:6d:00:cf:ef:ae:f4:3c:60:50:21:55:7f:3f:04:
         2a:4a:07:a7:fb:3f:39:7b:ea:b8:58:4e:14:70:cb:4b:3d:85:
         e3:f8:01:53:79:fa:f7:f0:36:7a:fa:ee:c4:06:0f:68:1d:b7:
         8d:1b:32:76:7e:ed:fc:45:46:6a:37:31:f5:ed:7c:a7:81:89:
         4c:eb:d1:d9:34:a7:0e:83:ab:4f:58:d4:94:44:b0:ea:80:80:
         3e:01:9d:20:38:ca:bf:74:3a:2f:f3:65:36:9f:db:28:74:12:
         d2:6b:5e:41:c0:eb:75:8e:5d:40:5c:54:5d:9b:79:62:3e:40:
         5c:34:25:63:e4:63:cf:ff:5b:e3:96:b1:a5:93:83:1f:26:7c:
         88:0d:af:ca:aa:64:74:eb:59:1c:1e:bd:2c:64:00:4f:10:67:
         45:87:37:60:eb:68:e0:14:5b:94:2a:dc:4c:0c:8f:79:5b:7d:
         c0:5b:11:99:ff:70:bc:a9:4f:97:d6:f5:e6:21:3d:4f:61:80:
         9d:8d:80:31:97:32:ee:c0:6f:b2:40:da:ca:5c:58:78:c2:5f:
         55:d1:65:fa:4b:83:f5:f9:88:2f:cb:4a:b4:26:2a:9a:26:b4:
         ed:0e:2b:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhSMYZ9PgU/jWK49g+C+l2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOWY4ZTg1NWJmMWIwNDMwOWM0OWM0MWY3ZjQzMGRjYzhm
OTQ1OGQwHhcNMjUwNzI4MTgwMDM0WhcNMjUwNzI5MTgwMDM0WjAzMTEwLwYDVQQD
EygyNDVlNWFmODJjY2U4NWUyMGM1MDdiNWZkNTc1ZDA0MDRiMmZiMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruz6f+BwU1Rus9hImpNzA09GKKGe
o44nhYtKoh6msQsaWjZmH/Zx6lycD/QpZe9GeHqxlQOGI9sX59pCfQkoZGMD79p1
6TBl6uuI1bKYwz35QC378en/ZXmkzM4it2HYBgLFQ7DDM4alSBzrdEET+zgStf05
1yhUWGeotlh/2W49SviBBUGDp3GuxRHG5Z7I5ursbu1cDQjinMCxnGo3Yfm8siA8
frcO9nVbxQmXIPTLJXUlwvdyzwHopaR8blDdDCp3rFnRZWpMIjswsDpFJQO0acJ7
B2zMimQto7d1DRxK2v6i3HqChqea2ry4CTCHoNozyBY/zCkhG7dYY7FAYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCReWvgszoXiDFB7X9V10EBLL7EeMB8GA1UdIwQY
MBaAFF2fjoVb8bBDCcScQff0MNzI+UWNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFotT2hWdnhzRU1KeEp4QjlfUXczTWo1UlkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80ZmJhMGItN2JlZS00MzEyLWFiODkt
YjRmY2VmZDM3Y2UxLzEvWFotT2hWdnhzRU1KeEp4QjlfUXczTWo1UlkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80ZmJhMGItN2JlZS00MzEyLWFiODktYjRmY2VmZDM3Y2Ux
LzEvWFotT2hWdnhzRU1KeEp4QjlfUXczTWo1UlkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQEhEbOXR
4EJVbGjXBM4wYk02Eh5A0G0Az++u9DxgUCFVfz8EKkoHp/s/OXvquFhOFHDLSz2F
4/gBU3n69/A2evruxAYPaB23jRsydn7t/EVGajcx9e18p4GJTOvR2TSnDoOrT1jU
lESw6oCAPgGdIDjKv3Q6L/NlNp/bKHQS0mteQcDrdY5dQFxUXZt5Yj5AXDQlY+Rj
z/9b45axpZODHyZ8iA2vyqpkdOtZHB69LGQATxBnRYc3YOto4BRblCrcTAyPeVt9
wFsRmf9wvKlPl9b15iE9T2GAnY2AMZcy7sBvskDaylxYeMJfVdFl+kuD9fmIL8tK
tCYqmia07Q4rGg==
-----END CERTIFICATE-----