Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
File:                     XX2xSVjPTXheWe9cbGefjvVMHYs.mft (raw, json)
Hash identifier:          XJ1YtC8bLMDDusyCgmYzjDuT4myxvvKtQZwFFoU7FRY=
Subject key identifier:   C3:87:CD:99:86:50:C6:27:FA:08:78:5E:67:C6:19:AD:8D:3E:2C:F8
Authority key identifier: 5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
Certificate issuer:       /CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Certificate serial:       0199221E9559B65743197EF7BE88F4EEA0F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
Manifest number:          0659
Signing time:             Sun 07 Sep 2025 03:00:53 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:53 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:53 +0000
Files and hashes:         1: XX2xSVjPTXheWe9cbGefjvVMHYs.crl (hash: pcHVxIzbCawmZpg5F8A7zSTQwl/EwxYMblot9r1JJfc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:95:59:b6:57:43:19:7e:f7:be:88:f4:ee:a0:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
        Validity
            Not Before: Sep  7 03:00:53 2025 GMT
            Not After : Sep  8 03:00:53 2025 GMT
        Subject: CN=c387cd998650c627fa08785e67c619ad8d3e2cf8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:89:77:74:ef:8b:55:5c:48:17:25:89:d5:48:
                    cb:b9:42:31:81:75:52:b7:7f:d8:e0:96:6d:aa:9a:
                    e0:de:66:d1:77:56:90:b5:7e:5d:0a:0a:2e:c3:8c:
                    9d:37:65:b8:16:dd:a3:45:77:40:97:5d:fe:33:5c:
                    5b:e8:39:d4:a2:51:f2:28:f3:fd:07:de:93:b1:38:
                    08:b9:93:90:ed:f9:e5:c2:b1:1c:c1:60:d0:a1:2e:
                    0c:58:5b:ff:29:81:24:93:b6:50:d8:3c:70:ae:94:
                    49:35:5e:6d:71:2e:b3:b4:7f:78:ff:f5:16:0c:17:
                    ca:55:e7:45:1d:8e:6d:3a:0b:6d:ad:24:35:2d:4c:
                    82:fb:44:40:5e:05:2b:32:37:88:24:b5:ac:cc:59:
                    ed:b4:3c:d4:1b:69:dc:2e:3f:ec:51:00:ec:0b:1f:
                    60:11:c2:7f:66:2e:1b:71:d8:76:58:ba:90:54:05:
                    03:44:55:11:37:7b:d3:f6:d2:c6:74:a4:ba:e3:95:
                    e6:89:7f:16:7d:5b:81:73:60:88:bc:c3:2c:b8:91:
                    6a:30:3d:25:f7:97:f4:e9:cf:90:02:4c:7a:f2:2f:
                    af:86:c3:5d:c2:3e:3b:f2:b1:d0:90:ab:16:a0:62:
                    22:5c:17:27:1c:32:9a:9b:e9:1d:cd:55:a9:77:0d:
                    5b:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:87:CD:99:86:50:C6:27:FA:08:78:5E:67:C6:19:AD:8D:3E:2C:F8
            X509v3 Authority Key Identifier:
                keyid:5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:ec:c1:69:7e:12:a2:f8:98:1c:84:16:d3:eb:02:7e:cd:fe:
         6e:65:e1:20:f1:30:9d:5f:47:5f:cf:a7:1e:2d:e8:c7:e6:58:
         01:47:bd:c7:4c:17:d8:8f:fb:7f:32:5e:66:32:8d:d8:53:07:
         5f:da:bd:f4:c3:69:cf:bc:09:04:56:ad:b5:10:60:a5:32:b4:
         b3:29:9d:48:d0:29:13:66:1a:57:12:bf:4c:bf:24:81:d8:d8:
         c5:10:b9:d4:e4:9f:61:bb:cf:8b:d1:1d:a8:6b:0b:5f:32:5e:
         61:de:45:72:eb:e2:85:ee:d1:f3:4e:4e:bb:fa:5c:5c:b2:eb:
         f7:c9:d5:46:1a:2a:b4:63:b5:27:3e:d3:e5:e9:78:c5:d3:fb:
         27:95:be:c7:6c:a8:3d:90:b4:c7:3e:5d:6e:ef:d8:e9:36:30:
         17:d8:00:06:1a:cb:89:73:28:9b:4b:98:78:f7:46:9f:0e:45:
         44:9f:09:4c:41:22:d8:c1:25:d0:51:7b:48:ef:83:07:79:58:
         64:de:eb:af:92:66:92:c6:3c:91:88:b3:be:35:59:26:81:77:
         dd:08:35:0c:27:4b:92:bd:c5:f3:b8:cb:2c:bd:22:92:0d:99:
         39:0b:db:41:28:b0:43:42:49:38:03:bc:00:27:1d:9d:31:0e:
         87:5f:c0:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHpVZtldDGX73voj07qDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkN2RiMTQ5NThjZjRkNzg1ZTU5ZWY1YzZjNjc5ZjhlZjU0
YzFkOGIwHhcNMjUwOTA3MDMwMDUzWhcNMjUwOTA4MDMwMDUzWjAzMTEwLwYDVQQD
EyhjMzg3Y2Q5OTg2NTBjNjI3ZmEwODc4NWU2N2M2MTlhZDhkM2UyY2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Il3dO+LVVxIFyWJ1UjLuUIxgXVS
t3/Y4JZtqprg3mbRd1aQtX5dCgouw4ydN2W4Ft2jRXdAl13+M1xb6DnUolHyKPP9
B96TsTgIuZOQ7fnlwrEcwWDQoS4MWFv/KYEkk7ZQ2DxwrpRJNV5tcS6ztH94//UW
DBfKVedFHY5tOgttrSQ1LUyC+0RAXgUrMjeIJLWszFnttDzUG2ncLj/sUQDsCx9g
EcJ/Zi4bcdh2WLqQVAUDRFURN3vT9tLGdKS645XmiX8WfVuBc2CIvMMsuJFqMD0l
95f06c+QAkx68i+vhsNdwj478rHQkKsWoGIiXBcnHDKam+kdzVWpdw1bAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMOHzZmGUMYn+gh4XmfGGa2NPiz4MB8GA1UdIwQY
MBaAFF19sUlYz014XlnvXGxnn471TB2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWIt
OTQ5YzYyOGU1ZjNjLzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWItOTQ5YzYyOGU1ZjNj
LzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcuzBaX4S
oviYHIQW0+sCfs3+bmXhIPEwnV9HX8+nHi3ox+ZYAUe9x0wX2I/7fzJeZjKN2FMH
X9q99MNpz7wJBFattRBgpTK0symdSNApE2YaVxK/TL8kgdjYxRC51OSfYbvPi9Ed
qGsLXzJeYd5Fcuvihe7R805Ou/pcXLLr98nVRhoqtGO1Jz7T5el4xdP7J5W+x2yo
PZC0xz5dbu/Y6TYwF9gABhrLiXMom0uYePdGnw5FRJ8JTEEi2MEl0FF7SO+DB3lY
ZN7rr5JmksY8kYizvjVZJoF33Qg1DCdLkr3F87jLLL0ikg2ZOQvbQSiwQ0JJOAO8
ACcdnTEOh1/Acw==
-----END CERTIFICATE-----