Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
File:                     xVRM5A0R1h07gKfRAyMBI_t9aKU.mft (raw, json)
Hash identifier:          CgtAg3xFxY5vFvQ2co8VyVwvIgzlPNnl+Ae8CrYDR18=
Subject key identifier:   D1:73:34:85:B7:E1:A8:0A:E0:16:1B:63:BD:23:6A:E6:37:63:D1:E8
Authority key identifier: C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5
Certificate issuer:       /CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
Certificate serial:       01984AAE813CEC3AD767A2542E4328FEA0EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
Manifest number:          0F21
Signing time:             Sun 27 Jul 2025 07:00:06 +0000
Manifest this update:     Sun 27 Jul 2025 07:00:06 +0000
Manifest next update:     Mon 28 Jul 2025 07:00:06 +0000
Files and hashes:         1: xVRM5A0R1h07gKfRAyMBI_t9aKU.crl (hash: DVHkIqFLciKYzfilfUotLAhUkTcDFwB7Vh1UBhcgC8I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:ae:81:3c:ec:3a:d7:67:a2:54:2e:43:28:fe:a0:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
        Validity
            Not Before: Jul 27 07:00:06 2025 GMT
            Not After : Jul 28 07:00:06 2025 GMT
        Subject: CN=d1733485b7e1a80ae0161b63bd236ae63763d1e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c7:2c:13:4f:75:c9:f5:e3:6a:1f:8c:a6:92:
                    da:53:ff:cb:78:52:61:c8:c7:90:a6:fa:31:c9:81:
                    45:c3:0d:0d:83:ce:7b:e9:00:35:28:dd:8a:b1:fd:
                    00:a8:0e:e7:ab:0f:0b:cc:4f:76:59:e5:f9:6f:6d:
                    57:e8:19:5b:b5:a9:6d:bd:d3:6a:7e:10:df:b9:07:
                    78:64:74:77:ef:5f:69:27:e1:36:a1:74:da:c3:53:
                    33:48:89:db:c9:b4:5c:c8:11:05:16:3a:a1:76:14:
                    64:50:78:2f:18:f9:5d:2c:24:fd:49:0c:65:c6:08:
                    43:bb:72:44:b3:82:f9:7d:84:cc:d4:39:17:e5:cc:
                    b6:28:57:a8:25:24:61:cb:66:41:22:c3:d1:22:1c:
                    94:f3:b3:e2:36:23:5d:c2:10:ef:fd:c1:96:e6:9a:
                    bf:75:12:c6:91:37:5f:4f:2d:bf:e0:fa:d2:38:9c:
                    59:23:44:1c:79:b5:d0:d1:4f:05:9e:d7:4e:ea:b6:
                    84:5d:d0:33:f5:c1:b1:4d:46:27:a9:6e:dd:d7:00:
                    76:d5:70:de:e8:9b:f3:46:0e:2d:f4:18:80:d0:1a:
                    23:92:1b:05:19:19:81:0b:cf:54:6f:27:ee:da:98:
                    63:a3:7c:f9:a6:45:b5:d2:b7:84:cd:11:d3:b9:87:
                    01:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:73:34:85:B7:E1:A8:0A:E0:16:1B:63:BD:23:6A:E6:37:63:D1:E8
            X509v3 Authority Key Identifier:
                keyid:C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:0a:8a:cc:3b:33:b2:b9:7e:03:da:5d:e8:3d:85:4a:ea:66:
         aa:23:04:7c:84:98:6d:78:b8:a3:30:e8:20:f6:c8:58:ad:65:
         fe:c3:fe:8f:f9:84:19:4d:4d:8e:50:8d:26:33:46:ab:1d:8f:
         53:64:eb:63:6d:da:4d:b2:4e:43:3b:94:3f:3c:b9:85:07:4d:
         e3:92:07:64:d5:0b:a7:e3:70:49:43:49:16:d5:20:5a:3c:aa:
         5b:ad:17:49:03:99:75:34:fb:ac:80:2e:9a:14:67:fe:ec:86:
         92:31:49:01:8b:e4:98:58:38:4a:e8:bc:6e:23:ec:b9:34:b0:
         16:c2:55:e2:06:86:33:0f:1f:89:9a:61:12:00:70:4b:df:db:
         42:57:9d:9c:cf:1d:92:10:16:a6:f0:cd:e0:75:d2:b7:8a:91:
         f8:ee:37:0a:db:fe:d6:c7:03:38:3f:1b:71:70:28:63:dc:7d:
         b2:22:0b:79:58:ec:ee:e5:e9:35:03:22:43:f5:78:c1:ae:01:
         3f:f4:7e:ba:26:aa:34:bb:47:c0:bd:d9:9f:57:8d:76:51:b6:
         a4:b7:7a:03:64:da:1f:c4:de:78:d2:92:af:f4:c6:94:ab:87:
         6e:9e:f4:65:80:ba:6f:f0:8a:ac:c6:ee:ba:87:7a:c6:9d:1c:
         b7:19:06:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKroE87DrXZ6JULkMo/qDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NTQ0Y2U0MGQxMWQ2MWQzYjgwYTdkMTAzMjMwMTIzZmI3
ZDY4YTUwHhcNMjUwNzI3MDcwMDA2WhcNMjUwNzI4MDcwMDA2WjAzMTEwLwYDVQQD
EyhkMTczMzQ4NWI3ZTFhODBhZTAxNjFiNjNiZDIzNmFlNjM3NjNkMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8csE091yfXjah+MppLaU//LeFJh
yMeQpvoxyYFFww0Ng8576QA1KN2Ksf0AqA7nqw8LzE92WeX5b21X6BlbtaltvdNq
fhDfuQd4ZHR3719pJ+E2oXTaw1MzSInbybRcyBEFFjqhdhRkUHgvGPldLCT9SQxl
xghDu3JEs4L5fYTM1DkX5cy2KFeoJSRhy2ZBIsPRIhyU87PiNiNdwhDv/cGW5pq/
dRLGkTdfTy2/4PrSOJxZI0QcebXQ0U8FntdO6raEXdAz9cGxTUYnqW7d1wB21XDe
6JvzRg4t9BiA0BojkhsFGRmBC89Ubyfu2phjo3z5pkW10reEzRHTuYcBpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNFzNIW34agK4BYbY70jauY3Y9HoMB8GA1UdIwQY
MBaAFMVUTOQNEdYdO4Cn0QMjASP7fWilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQt
NTI3Y2IyNGRiZDQwLzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQtNTI3Y2IyNGRiZDQw
LzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvAqKzDsz
srl+A9pd6D2FSupmqiMEfISYbXi4ozDoIPbIWK1l/sP+j/mEGU1NjlCNJjNGqx2P
U2TrY23aTbJOQzuUPzy5hQdN45IHZNULp+NwSUNJFtUgWjyqW60XSQOZdTT7rIAu
mhRn/uyGkjFJAYvkmFg4Sui8biPsuTSwFsJV4gaGMw8fiZphEgBwS9/bQlednM8d
khAWpvDN4HXSt4qR+O43Ctv+1scDOD8bcXAoY9x9siILeVjs7uXpNQMiQ/V4wa4B
P/R+uiaqNLtHwL3Zn1eNdlG2pLd6A2TaH8TeeNKSr/TGlKuHbp70ZYC6b/CKrMbu
uod6xp0ctxkGnw==
-----END CERTIFICATE-----