Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
File:                     xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft (raw, json)
Hash identifier:          /D7ckNFFcDAObpaBPzvPhRMJUgm78TRmJRoD4Z+Mzq0=
Subject key identifier:   86:55:9E:91:DD:79:96:16:27:1A:19:A3:BA:17:E0:16:3F:5C:37:33
Authority key identifier: C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0
Certificate issuer:       /CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
Certificate serial:       019A71B831104CCF13CF1059E668C491C3C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:01:27 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:27 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:27 +0000
Files and hashes:         1: xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl (hash: 4jJxWTk0oO5TxloXrty7K58ku8VujvDNvOUM30s1TPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:31:10:4c:cf:13:cf:10:59:e6:68:c4:91:c3:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
        Validity
            Not Before: Nov 11 07:01:27 2025 GMT
            Not After : Nov 12 07:01:27 2025 GMT
        Subject: CN=86559e91dd799616271a19a3ba17e0163f5c3733
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:b8:6e:e5:de:fd:fc:a0:ed:e8:a8:95:f1:a0:
                    0b:f5:17:ae:75:8d:73:91:c0:1e:03:5d:92:f5:9c:
                    e7:bf:d6:3e:7a:56:f6:ed:33:c4:c5:32:7b:c3:e9:
                    00:64:d1:19:71:44:08:62:5f:84:14:9e:8e:b8:f7:
                    ba:72:8f:e9:3f:1c:36:ef:11:2c:ac:06:b7:57:ce:
                    0b:9f:91:8f:32:63:55:c3:5c:1b:5b:3a:28:9f:d7:
                    b1:ab:d7:9a:86:28:06:f2:f6:af:00:9d:ba:a6:b1:
                    b1:05:1e:f6:a4:28:1a:55:39:68:b5:b9:dd:b3:d1:
                    5b:55:2e:a5:9a:fd:6d:d4:9a:5f:d0:d5:59:73:83:
                    f2:f2:98:f8:08:65:49:94:24:44:e7:93:de:0d:18:
                    58:2e:1a:9e:e8:d5:d8:7b:b8:01:d9:37:fd:69:5e:
                    5e:42:53:3f:7a:ac:5a:c5:ff:4b:45:70:2a:d6:7c:
                    17:75:91:6b:a7:cc:bc:f4:fa:22:da:0e:48:99:08:
                    63:e3:29:cc:b0:a3:8b:6d:1a:97:60:d9:af:72:7a:
                    63:85:22:3b:60:45:42:c7:05:db:08:4a:0c:b6:b8:
                    ce:65:57:36:e5:c1:83:64:0e:38:33:46:98:6d:ef:
                    ac:1d:a8:b1:6a:5f:a3:72:0c:d9:b2:e9:59:04:fe:
                    a5:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:55:9E:91:DD:79:96:16:27:1A:19:A3:BA:17:E0:16:3F:5C:37:33
            X509v3 Authority Key Identifier:
                keyid:C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:82:50:38:9c:f2:38:89:9e:fb:ef:65:12:19:f8:9f:74:6a:
         51:0c:56:9e:0a:3e:cf:ca:0a:cb:c0:9a:e9:69:72:88:da:2c:
         c6:89:16:fe:c1:eb:2e:58:d0:53:c5:ac:6a:ff:29:c5:06:6e:
         1e:bb:94:e2:98:9f:b7:4d:04:ce:63:1c:de:56:bf:3d:ac:be:
         b8:10:be:bf:00:5c:02:1a:c7:86:f5:0f:c8:2e:c2:7f:10:e8:
         e5:d6:ed:08:ab:91:fd:21:53:f0:3f:c0:a8:da:55:9c:28:93:
         b7:fa:54:af:33:af:dc:86:78:d8:76:1f:1b:8b:83:63:4b:a5:
         c4:bc:01:e4:7b:dc:ac:c5:35:80:4b:1d:43:a2:2c:a4:19:e0:
         a2:c2:36:0e:ee:ca:ea:8e:ac:c3:9c:91:f9:55:44:c8:5d:62:
         80:21:a5:1e:67:f8:37:60:9a:cf:60:7e:ae:a2:86:1c:81:ac:
         71:c7:bc:2f:29:c2:81:26:ab:2e:6d:58:64:04:e8:41:02:12:
         81:f1:f8:b6:1c:43:e8:ab:ad:41:7d:72:9e:03:82:f2:2e:d7:
         6d:8b:c4:c8:d9:1a:bb:2e:25:03:c2:e4:20:b2:dd:5a:26:51:
         5a:18:22:b4:46:2a:06:56:a7:6e:3d:c9:15:cf:78:6e:27:25:
         7a:bf:0b:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDEQTM8TzxBZ5mjEkcPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZDE4ZTFhMWRjNjU1OGM0ZGJhNzMxZWZhMzI3NjljNDVm
NTRiYTAwHhcNMjUxMTExMDcwMTI3WhcNMjUxMTEyMDcwMTI3WjAzMTEwLwYDVQQD
Eyg4NjU1OWU5MWRkNzk5NjE2MjcxYTE5YTNiYTE3ZTAxNjNmNWMzNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbhu5d79/KDt6KiV8aAL9ReudY1z
kcAeA12S9Zznv9Y+elb27TPExTJ7w+kAZNEZcUQIYl+EFJ6OuPe6co/pPxw27xEs
rAa3V84Ln5GPMmNVw1wbWzoon9exq9eahigG8vavAJ26prGxBR72pCgaVTlotbnd
s9FbVS6lmv1t1Jpf0NVZc4Py8pj4CGVJlCRE55PeDRhYLhqe6NXYe7gB2Tf9aV5e
QlM/eqxaxf9LRXAq1nwXdZFrp8y89Poi2g5ImQhj4ynMsKOLbRqXYNmvcnpjhSI7
YEVCxwXbCEoMtrjOZVc25cGDZA44M0aYbe+sHaixal+jcgzZsulZBP6lNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZVnpHdeZYWJxoZo7oX4BY/XDczMB8GA1UdIwQY
MBaAFMXRjhodxlWMTbpzHvoydpxF9UugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgt
MWNiZTY2MWE2M2ZmLzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgtMWNiZTY2MWE2M2Zm
LzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWoJQOJzy
OIme++9lEhn4n3RqUQxWngo+z8oKy8Ca6WlyiNosxokW/sHrLljQU8Wsav8pxQZu
HruU4pift00EzmMc3la/Pay+uBC+vwBcAhrHhvUPyC7CfxDo5dbtCKuR/SFT8D/A
qNpVnCiTt/pUrzOv3IZ42HYfG4uDY0ulxLwB5HvcrMU1gEsdQ6IspBngosI2Du7K
6o6sw5yR+VVEyF1igCGlHmf4N2Caz2B+rqKGHIGscce8LynCgSarLm1YZAToQQIS
gfH4thxD6KutQX1yngOC8i7XbYvEyNkauy4lA8LkILLdWiZRWhgitEYqBlanbj3J
Fc94bicler8LmA==
-----END CERTIFICATE-----