Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
File:                     XZOOJrKYSy-hYarAewS9uFCq3RY.mft (raw, json)
Hash identifier:          gxp8JwHZVOH2ZwRyvUjxjfHeoeVfmfIY645/YZcV0HQ=
Subject key identifier:   9E:2A:E2:2A:BC:2C:05:4B:C4:61:32:2F:F7:BD:0D:6E:F1:26:F4:AC
Authority key identifier: 5D:93:8E:26:B2:98:4B:2F:A1:61:AA:C0:7B:04:BD:B8:50:AA:DD:16
Certificate issuer:       /CN=5d938e26b2984b2fa161aac07b04bdb850aadd16
Certificate serial:       019A70A5126AC4BE9611C36FE2E6C0105C7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
Manifest number:          0B04
Signing time:             Tue 11 Nov 2025 02:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 02:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 02:00:57 +0000
Files and hashes:         1: XZOOJrKYSy-hYarAewS9uFCq3RY.crl (hash: Z8SXUWRy2rikcapiA4joz7jX/xSQj06M8qOV+hAGYro=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:12:6a:c4:be:96:11:c3:6f:e2:e6:c0:10:5c:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d938e26b2984b2fa161aac07b04bdb850aadd16
        Validity
            Not Before: Nov 11 02:00:57 2025 GMT
            Not After : Nov 12 02:00:57 2025 GMT
        Subject: CN=9e2ae22abc2c054bc461322ff7bd0d6ef126f4ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:0c:7e:eb:01:18:15:ef:67:40:3c:d6:dc:f2:
                    00:b7:a2:9c:de:f0:df:47:0e:c4:25:a4:08:16:40:
                    8e:cf:b2:23:e9:f2:ed:2d:18:35:31:72:40:57:1d:
                    f4:6b:14:8e:07:b6:20:4a:14:50:fb:83:3f:2b:21:
                    c3:44:d8:0b:8d:e3:6c:1e:f2:df:cb:c3:d8:b3:bc:
                    81:d4:e9:dd:d9:ad:93:60:58:e3:7d:12:fb:3d:b6:
                    bd:d5:50:c6:22:77:bf:ac:a6:c1:7f:af:fe:15:d5:
                    79:ae:08:bc:62:cb:ee:2f:28:6a:a7:db:c3:a8:5b:
                    07:b0:1c:05:82:3e:ff:b9:70:d0:9a:32:4d:bf:7c:
                    34:cd:07:21:48:5a:f0:14:b3:1f:09:35:5e:74:d2:
                    20:8e:24:9a:fc:d7:cf:7e:b4:6c:ad:df:88:ba:ff:
                    d0:31:1e:bc:6f:d6:37:50:9d:36:5b:94:f9:ff:de:
                    a5:84:e6:cf:21:f1:c0:40:0f:a8:d1:17:be:58:8a:
                    12:c6:dd:bc:6c:c2:34:73:c3:0f:97:37:fc:1c:29:
                    ea:4f:cd:76:0c:57:53:96:09:0f:fe:4e:56:9b:e7:
                    96:f7:a2:de:2f:f7:3b:bb:51:3a:ed:ed:7d:d0:b3:
                    9b:28:7d:03:42:48:6d:a1:c4:64:b8:72:05:4f:44:
                    5a:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:2A:E2:2A:BC:2C:05:4B:C4:61:32:2F:F7:BD:0D:6E:F1:26:F4:AC
            X509v3 Authority Key Identifier:
                keyid:5D:93:8E:26:B2:98:4B:2F:A1:61:AA:C0:7B:04:BD:B8:50:AA:DD:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:27:dc:14:c3:a9:88:d6:6c:ce:c0:5a:0e:a5:4c:f9:ed:52:
         1f:09:0c:7f:d9:04:a5:a9:50:10:75:b7:f8:f7:33:cf:fd:f9:
         26:e3:41:b7:1a:3b:2c:8f:2f:0b:53:42:7b:73:03:d3:64:9a:
         f1:f9:ff:4e:ce:6c:7d:4e:a6:69:c3:bf:98:3e:54:79:e1:26:
         68:65:cf:27:e9:fb:e5:65:67:6a:1a:79:12:52:2b:18:bd:82:
         3b:ab:cd:22:45:bd:6d:9b:6f:6a:97:79:4b:c8:85:de:c5:b0:
         ec:a9:b0:7f:c0:b2:c0:b4:ce:64:35:e0:c7:3f:8f:31:00:5d:
         d4:3c:72:17:c7:fd:3a:6e:28:2e:16:0d:7d:b4:6a:e4:96:9c:
         74:55:34:58:1e:8c:74:e3:99:78:b8:9b:0a:18:bc:45:69:47:
         7a:42:62:f0:cb:ea:96:97:f3:35:84:fc:9d:d3:02:3d:87:29:
         52:af:97:62:95:c3:2c:c2:2f:b6:75:04:f1:a1:b2:45:25:fe:
         7e:11:aa:6f:35:4b:45:b0:68:f9:83:cb:da:6e:ca:9e:1f:8a:
         42:cc:62:a3:c6:ce:06:eb:4d:7a:e9:e9:0b:63:c8:a9:4b:3f:
         c7:6d:ba:49:25:37:e5:8e:70:f8:14:d7:3d:14:ea:43:2b:da:
         e7:3e:3f:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpRJqxL6WEcNv4ubAEFx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOTM4ZTI2YjI5ODRiMmZhMTYxYWFjMDdiMDRiZGI4NTBh
YWRkMTYwHhcNMjUxMTExMDIwMDU3WhcNMjUxMTEyMDIwMDU3WjAzMTEwLwYDVQQD
Eyg5ZTJhZTIyYWJjMmMwNTRiYzQ2MTMyMmZmN2JkMGQ2ZWYxMjZmNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwx+6wEYFe9nQDzW3PIAt6Kc3vDf
Rw7EJaQIFkCOz7Ij6fLtLRg1MXJAVx30axSOB7YgShRQ+4M/KyHDRNgLjeNsHvLf
y8PYs7yB1Ond2a2TYFjjfRL7Pba91VDGIne/rKbBf6/+FdV5rgi8YsvuLyhqp9vD
qFsHsBwFgj7/uXDQmjJNv3w0zQchSFrwFLMfCTVedNIgjiSa/NfPfrRsrd+Iuv/Q
MR68b9Y3UJ02W5T5/96lhObPIfHAQA+o0Re+WIoSxt28bMI0c8MPlzf8HCnqT812
DFdTlgkP/k5Wm+eW96LeL/c7u1E67e190LObKH0DQkhtocRkuHIFT0RaqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ4q4iq8LAVLxGEyL/e9DW7xJvSsMB8GA1UdIwQY
MBaAFF2TjiaymEsvoWGqwHsEvbhQqt0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xYmU5ZjEtNWM0OC00NDI3LWEyYjEt
NmVjN2RiZTI3YmIzLzEvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xYmU5ZjEtNWM0OC00NDI3LWEyYjEtNmVjN2RiZTI3YmIz
LzEvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbCfcFMOp
iNZszsBaDqVM+e1SHwkMf9kEpalQEHW3+Pczz/35JuNBtxo7LI8vC1NCe3MD02Sa
8fn/Ts5sfU6macO/mD5UeeEmaGXPJ+n75WVnahp5ElIrGL2CO6vNIkW9bZtvapd5
S8iF3sWw7Kmwf8CywLTOZDXgxz+PMQBd1DxyF8f9Om4oLhYNfbRq5JacdFU0WB6M
dOOZeLibChi8RWlHekJi8MvqlpfzNYT8ndMCPYcpUq+XYpXDLMIvtnUE8aGyRSX+
fhGqbzVLRbBo+YPL2m7Knh+KQsxio8bOButNeunpC2PIqUs/x226SSU35Y5w+BTX
PRTqQyva5z4/nw==
-----END CERTIFICATE-----