Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
File:                     XZOOJrKYSy-hYarAewS9uFCq3RY.mft (raw, json)
Hash identifier:          t/M7RZOVs5ksUR+CKa5kAEYq5pM7gDJmaK/Bei/RGHQ=
Subject key identifier:   3B:EC:89:F5:FC:48:FF:13:03:1C:A1:C2:B8:DB:D9:72:E5:BF:CC:32
Authority key identifier: 5D:93:8E:26:B2:98:4B:2F:A1:61:AA:C0:7B:04:BD:B8:50:AA:DD:16
Certificate issuer:       /CN=5d938e26b2984b2fa161aac07b04bdb850aadd16
Certificate serial:       019747798E59E1294970B5F38F688D01D776
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
Manifest number:          0961
Signing time:             Fri 06 Jun 2025 23:00:37 +0000
Manifest this update:     Fri 06 Jun 2025 23:00:37 +0000
Manifest next update:     Sat 07 Jun 2025 23:00:37 +0000
Files and hashes:         1: XZOOJrKYSy-hYarAewS9uFCq3RY.crl (hash: 0HgWf8ZJqLoGKvdvhiuKVCt/awhru2lSQOK7eCX60gw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 23:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:79:8e:59:e1:29:49:70:b5:f3:8f:68:8d:01:d7:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d938e26b2984b2fa161aac07b04bdb850aadd16
        Validity
            Not Before: Jun  6 23:00:37 2025 GMT
            Not After : Jun  7 23:00:37 2025 GMT
        Subject: CN=3bec89f5fc48ff13031ca1c2b8dbd972e5bfcc32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:32:a3:4c:c7:b0:0e:12:6a:90:36:4d:92:3e:
                    94:1e:b6:d2:39:bd:f5:77:c0:0c:56:53:2d:94:5c:
                    0b:ae:a1:70:5d:ef:51:bb:94:6d:03:84:de:44:e6:
                    04:4a:a0:70:62:42:2f:96:f6:6c:20:30:4d:73:7e:
                    66:1f:99:b4:00:67:43:46:8b:e6:54:66:65:90:95:
                    c7:07:a0:da:7d:4a:1d:9a:03:04:89:ba:c8:1a:63:
                    8d:a4:95:32:c6:f7:93:49:04:44:3b:3e:44:5f:58:
                    a9:82:46:0f:72:55:0f:3b:f5:c2:56:75:43:78:18:
                    eb:42:72:47:da:7c:02:6e:3e:40:d4:7a:83:f1:ee:
                    d5:55:db:ed:57:08:4c:7f:83:0c:73:a6:54:6e:cc:
                    cb:0b:31:94:72:3b:41:81:43:c8:b5:0d:d2:99:7e:
                    21:da:41:6e:d9:1b:07:6d:2c:9f:0a:22:0b:67:5f:
                    5a:0b:c8:dd:bc:15:53:90:f2:87:34:62:d2:78:da:
                    93:d4:f5:e7:fa:b1:d5:07:56:d3:4d:25:a6:b0:fe:
                    fd:6f:8e:22:3d:b1:d7:15:1c:e6:43:03:b4:db:90:
                    85:87:ca:67:16:c3:41:e8:bf:c1:7e:87:41:b3:08:
                    66:6c:12:a2:b4:c5:e7:e6:36:4e:b7:8d:6b:cf:61:
                    5d:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:EC:89:F5:FC:48:FF:13:03:1C:A1:C2:B8:DB:D9:72:E5:BF:CC:32
            X509v3 Authority Key Identifier:
                keyid:5D:93:8E:26:B2:98:4B:2F:A1:61:AA:C0:7B:04:BD:B8:50:AA:DD:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:28:38:a1:53:cb:dd:b4:b7:70:4e:5a:a5:07:34:8d:f5:6e:
         ce:d0:6f:fe:ea:04:b9:37:76:bb:e0:ab:1c:70:6e:b3:0c:48:
         91:8c:a5:f5:c4:a6:1c:cc:f1:71:27:e6:d9:fc:c6:78:1a:02:
         2b:6b:fd:3e:a8:c2:a6:0c:42:15:ec:ec:ca:9e:b1:c4:aa:c6:
         5d:40:f2:f1:68:a2:7c:24:16:27:5b:83:d6:0f:d8:99:2f:0f:
         d2:00:b8:58:f0:01:af:40:eb:b4:da:05:42:14:70:2e:30:53:
         bc:99:61:d9:fe:bf:83:93:fe:96:4c:e1:1f:b3:06:7a:e8:0d:
         e0:16:e9:25:fb:0b:b6:2e:2e:65:dd:16:c2:cf:50:dc:07:de:
         6f:ee:a2:b5:ba:03:cc:4d:dc:ef:3f:2e:61:09:76:27:9d:df:
         a2:ef:87:d0:58:f8:1e:29:71:51:03:ed:9c:39:9b:d6:8c:fe:
         bb:e4:10:27:2d:1c:54:f5:db:be:d9:3d:6d:d6:2d:9f:f5:8b:
         eb:c4:1e:31:f3:3d:6b:02:e1:3c:26:71:fc:72:90:33:b7:a5:
         aa:dd:07:5c:b7:01:9f:6a:fd:e5:73:a5:39:c5:d0:83:b7:98:
         c9:e8:47:24:2f:f2:17:f4:a1:80:89:96:f2:7a:5c:1c:51:df:
         5f:d1:c2:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHeY5Z4SlJcLXzj2iNAdd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOTM4ZTI2YjI5ODRiMmZhMTYxYWFjMDdiMDRiZGI4NTBh
YWRkMTYwHhcNMjUwNjA2MjMwMDM3WhcNMjUwNjA3MjMwMDM3WjAzMTEwLwYDVQQD
EygzYmVjODlmNWZjNDhmZjEzMDMxY2ExYzJiOGRiZDk3MmU1YmZjYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zKjTMewDhJqkDZNkj6UHrbSOb31
d8AMVlMtlFwLrqFwXe9Ru5RtA4TeROYESqBwYkIvlvZsIDBNc35mH5m0AGdDRovm
VGZlkJXHB6DafUodmgMEibrIGmONpJUyxveTSQREOz5EX1ipgkYPclUPO/XCVnVD
eBjrQnJH2nwCbj5A1HqD8e7VVdvtVwhMf4MMc6ZUbszLCzGUcjtBgUPItQ3SmX4h
2kFu2RsHbSyfCiILZ19aC8jdvBVTkPKHNGLSeNqT1PXn+rHVB1bTTSWmsP79b44i
PbHXFRzmQwO025CFh8pnFsNB6L/BfodBswhmbBKitMXn5jZOt41rz2FdFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvsifX8SP8TAxyhwrjb2XLlv8wyMB8GA1UdIwQY
MBaAFF2TjiaymEsvoWGqwHsEvbhQqt0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xYmU5ZjEtNWM0OC00NDI3LWEyYjEt
NmVjN2RiZTI3YmIzLzEvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xYmU5ZjEtNWM0OC00NDI3LWEyYjEtNmVjN2RiZTI3YmIz
LzEvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIig4oVPL
3bS3cE5apQc0jfVuztBv/uoEuTd2u+CrHHBuswxIkYyl9cSmHMzxcSfm2fzGeBoC
K2v9PqjCpgxCFezsyp6xxKrGXUDy8WiifCQWJ1uD1g/YmS8P0gC4WPABr0DrtNoF
QhRwLjBTvJlh2f6/g5P+lkzhH7MGeugN4BbpJfsLti4uZd0Wws9Q3Afeb+6itboD
zE3c7z8uYQl2J53fou+H0Fj4HilxUQPtnDmb1oz+u+QQJy0cVPXbvtk9bdYtn/WL
68QeMfM9awLhPCZx/HKQM7elqt0HXLcBn2r95XOlOcXQg7eYyehHJC/yF/ShgImW
8npcHFHfX9HC8A==
-----END CERTIFICATE-----