Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
File:                     XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft (raw, json)
Hash identifier:          ydaVHLrmFjkYDlfPZEFDSXiNegsFqmZSGVnQjWee3ZY=
Subject key identifier:   95:3F:6A:53:B4:CD:50:36:6C:5E:B7:D0:21:5B:15:9C:1D:77:A1:34
Authority key identifier: 5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E
Certificate issuer:       /CN=5ccf12899f358d1c341a207fde21d43c70a6945e
Certificate serial:       019A70DBED008CC9D9F7DC26BC240E6A7FA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
Manifest number:          0366
Signing time:             Tue 11 Nov 2025 03:00:52 +0000
Manifest this update:     Tue 11 Nov 2025 03:00:52 +0000
Manifest next update:     Wed 12 Nov 2025 03:00:52 +0000
Files and hashes:         1: XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl (hash: WGGI209XwxF6oYr+zrV0ycjfRHAQJUlviQlqFd0Pq8Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:db:ed:00:8c:c9:d9:f7:dc:26:bc:24:0e:6a:7f:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ccf12899f358d1c341a207fde21d43c70a6945e
        Validity
            Not Before: Nov 11 03:00:52 2025 GMT
            Not After : Nov 12 03:00:52 2025 GMT
        Subject: CN=953f6a53b4cd50366c5eb7d0215b159c1d77a134
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:70:08:13:c6:b7:d0:e7:9b:c4:fe:a1:c0:2c:
                    fb:9b:91:a9:ef:b5:56:7e:c5:3c:63:92:b7:1b:18:
                    a8:e5:39:a4:a5:e3:7c:42:a1:39:0a:e1:34:e7:95:
                    fe:c3:cf:d8:0e:6b:04:0f:1b:0d:2a:59:11:79:3a:
                    e5:d3:41:7d:b4:f3:14:eb:c5:98:89:97:b4:34:83:
                    04:98:a6:f7:af:70:7e:f1:6e:b0:ba:4b:23:e2:e9:
                    0f:f9:5d:bf:b0:cd:3e:23:89:38:aa:db:d6:5e:5a:
                    3c:f0:c5:fc:ad:42:b7:c4:70:31:6a:a2:19:dd:6c:
                    a4:e5:59:e8:cd:00:d5:6b:dd:9c:3d:dc:96:1b:cf:
                    9d:58:7f:95:34:59:6f:d0:17:c9:b2:d7:4b:e0:29:
                    92:d4:7c:03:41:fd:c5:35:28:c0:30:30:01:40:85:
                    21:ac:c0:0c:80:54:cb:90:7c:1d:32:24:75:38:03:
                    ba:fd:ac:db:b2:4d:92:11:60:22:15:2c:77:9b:57:
                    f7:df:4e:8b:2b:d4:cd:9c:2d:03:fd:d7:d6:d5:42:
                    96:54:7a:0b:3e:50:cf:50:3b:7f:bf:a9:1d:f8:a2:
                    b5:93:4d:f9:12:2c:ad:29:42:a0:41:25:88:08:90:
                    02:be:cf:c1:62:d5:df:a3:4d:15:f3:58:e5:eb:d0:
                    78:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:3F:6A:53:B4:CD:50:36:6C:5E:B7:D0:21:5B:15:9C:1D:77:A1:34
            X509v3 Authority Key Identifier:
                keyid:5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:1f:db:8f:c0:a3:72:ae:4a:8a:8c:10:fe:60:80:52:f6:2b:
         62:9d:fd:02:3b:ed:de:1c:74:f4:05:36:81:81:48:c2:ae:f8:
         19:8c:26:96:1c:93:67:13:77:a4:98:6b:50:b2:58:52:2e:11:
         db:67:77:ca:47:20:e6:09:03:90:38:e9:30:24:42:d7:a7:70:
         29:83:8a:64:45:64:6d:fe:48:06:0b:22:b6:06:b7:ea:a9:ab:
         02:98:11:d8:c3:4b:ad:fd:2d:f8:60:35:08:07:32:61:69:6e:
         d9:7b:ed:53:a4:f5:0a:69:00:d3:9f:58:a3:bd:b3:cc:34:36:
         04:b2:be:7b:8f:d0:fb:76:bd:0e:20:db:e2:a3:87:49:dc:17:
         46:16:3a:ef:fe:fa:62:32:b4:2f:7b:79:90:f8:5a:c5:83:84:
         f1:d4:1b:e3:ec:39:49:12:48:53:ed:81:9b:59:d1:ac:fb:ed:
         5d:90:5e:f9:96:85:1a:c4:6d:54:39:b9:a2:2a:33:80:ee:b6:
         22:d7:be:f2:26:a6:8e:4e:de:87:ed:fc:88:3c:74:d5:45:be:
         56:34:c2:81:b0:9e:71:4a:bd:e1:1c:e8:67:dd:55:97:c7:6c:
         9e:95:aa:93:9e:32:70:cc:0a:63:58:c7:86:d1:d1:bf:29:93:
         d6:5e:a3:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2+0AjMnZ99wmvCQOan+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2YxMjg5OWYzNThkMWMzNDFhMjA3ZmRlMjFkNDNjNzBh
Njk0NWUwHhcNMjUxMTExMDMwMDUyWhcNMjUxMTEyMDMwMDUyWjAzMTEwLwYDVQQD
Eyg5NTNmNmE1M2I0Y2Q1MDM2NmM1ZWI3ZDAyMTViMTU5YzFkNzdhMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3AIE8a30OebxP6hwCz7m5Gp77VW
fsU8Y5K3Gxio5TmkpeN8QqE5CuE055X+w8/YDmsEDxsNKlkReTrl00F9tPMU68WY
iZe0NIMEmKb3r3B+8W6wuksj4ukP+V2/sM0+I4k4qtvWXlo88MX8rUK3xHAxaqIZ
3Wyk5VnozQDVa92cPdyWG8+dWH+VNFlv0BfJstdL4CmS1HwDQf3FNSjAMDABQIUh
rMAMgFTLkHwdMiR1OAO6/azbsk2SEWAiFSx3m1f3306LK9TNnC0D/dfW1UKWVHoL
PlDPUDt/v6kd+KK1k035EiytKUKgQSWICJACvs/BYtXfo00V81jl69B4AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJU/alO0zVA2bF630CFbFZwdd6E0MB8GA1UdIwQY
MBaAFFzPEomfNY0cNBogf94h1DxwppReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2Yt
MjU2MGY4NjkwY2QyLzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2YtMjU2MGY4NjkwY2Qy
LzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGx/bj8Cj
cq5KiowQ/mCAUvYrYp39Ajvt3hx09AU2gYFIwq74GYwmlhyTZxN3pJhrULJYUi4R
22d3ykcg5gkDkDjpMCRC16dwKYOKZEVkbf5IBgsitga36qmrApgR2MNLrf0t+GA1
CAcyYWlu2XvtU6T1CmkA059Yo72zzDQ2BLK+e4/Q+3a9DiDb4qOHSdwXRhY67/76
YjK0L3t5kPhaxYOE8dQb4+w5SRJIU+2Bm1nRrPvtXZBe+ZaFGsRtVDm5oiozgO62
Ite+8iamjk7eh+38iDx01UW+VjTCgbCecUq94RzoZ91Vl8dsnpWqk54ycMwKY1jH
htHRvymT1l6jbQ==
-----END CERTIFICATE-----