Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
File:                     XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft (raw, json)
Hash identifier:          SWPEXdP1dqEzbuzC49auGP8v4moRMyRvTbjbDWcKFdc=
Subject key identifier:   23:B0:FE:6B:B5:00:50:51:41:1F:86:F3:CE:65:44:C5:43:24:04:F6
Authority key identifier: 5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E
Certificate issuer:       /CN=5ccf12899f358d1c341a207fde21d43c70a6945e
Certificate serial:       01974B8D8B1D5E65D6C30C63BD511664710E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
Manifest number:          01C5
Signing time:             Sat 07 Jun 2025 18:00:56 +0000
Manifest this update:     Sat 07 Jun 2025 18:00:56 +0000
Manifest next update:     Sun 08 Jun 2025 18:00:56 +0000
Files and hashes:         1: XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl (hash: H8pANl+39lGuDEH1z3LBoU3rIGG1dLDtXHoVv6lLOpk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:8d:8b:1d:5e:65:d6:c3:0c:63:bd:51:16:64:71:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ccf12899f358d1c341a207fde21d43c70a6945e
        Validity
            Not Before: Jun  7 18:00:56 2025 GMT
            Not After : Jun  8 18:00:56 2025 GMT
        Subject: CN=23b0fe6bb5005051411f86f3ce6544c5432404f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:e4:bb:9c:2c:1e:c8:c3:08:90:78:b1:e3:e7:
                    8e:5f:e7:0b:be:0b:fe:b3:b7:53:11:3e:2a:e8:76:
                    bb:d2:81:2d:c6:ce:77:10:8f:b1:d9:a9:bc:9c:0d:
                    41:a5:e8:dc:14:bf:76:2c:6a:0e:98:01:37:1f:a5:
                    a0:05:9f:87:31:49:37:df:9f:75:5f:ac:aa:5d:79:
                    4a:16:a3:e4:b0:5d:ef:2b:b7:b7:e0:c6:aa:8a:aa:
                    ef:3d:78:26:ae:f3:11:0f:71:91:ce:d5:2d:02:bf:
                    23:4c:99:18:f8:87:06:81:55:a0:22:e9:bc:d8:6f:
                    24:5b:a8:fa:40:7c:12:51:da:bf:d2:6f:38:9a:f7:
                    6f:ca:84:a4:f2:5e:16:d7:49:b7:dc:c9:05:01:59:
                    2a:b4:45:4c:82:9c:1d:73:1d:ac:e3:73:41:60:57:
                    bf:6e:5c:f2:0f:6f:86:8d:35:5f:9b:b6:2e:79:3f:
                    00:ff:d5:fc:b2:a3:13:3d:d1:d3:04:cc:c5:54:6c:
                    cf:8b:65:7e:82:ff:1b:ee:c0:cc:9a:26:1d:09:a8:
                    3c:f6:68:6a:e4:35:06:b3:9c:af:73:1f:8e:1f:cc:
                    3d:37:b0:a7:84:8f:10:61:49:c9:95:fb:30:a9:27:
                    10:a3:28:cc:34:1c:7a:7c:71:8f:66:d8:61:4b:f1:
                    ab:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:B0:FE:6B:B5:00:50:51:41:1F:86:F3:CE:65:44:C5:43:24:04:F6
            X509v3 Authority Key Identifier:
                keyid:5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:37:2b:13:18:a3:cf:82:77:b1:50:e4:c5:59:d3:d8:ca:aa:
         b6:91:4a:c5:49:53:9b:26:ad:42:9c:db:67:8e:09:40:5c:35:
         c8:bb:37:b2:51:b5:28:8d:ef:4b:cb:59:14:2e:0f:79:97:56:
         1e:8b:ea:c8:b5:54:b6:1c:b1:42:a4:f4:df:fc:82:ce:12:bd:
         c7:81:37:ea:45:b5:ae:5f:c7:98:72:c2:71:37:0f:ad:f9:c1:
         19:08:e5:f0:89:76:cd:50:84:3c:65:13:7f:92:85:49:82:7d:
         2f:15:ec:b2:5d:46:ae:eb:84:fd:76:87:66:f6:f6:34:d0:d5:
         5a:db:cd:89:ad:93:8c:bf:02:85:3a:d3:a6:c0:e6:17:96:c1:
         c5:7d:68:dc:bb:43:c3:6b:62:fd:e4:af:fb:e9:06:a4:1d:59:
         fd:10:1a:41:3d:13:12:d8:30:70:12:71:20:91:4a:13:59:83:
         6a:e6:32:8d:6b:a9:91:a4:c1:b9:9f:77:e9:4c:5e:46:9f:36:
         87:52:1c:ab:9d:85:b7:35:96:7f:96:50:77:de:cf:77:b5:a4:
         c4:be:8b:9a:4e:bd:58:43:97:37:26:32:c8:1d:2a:a3:2a:82:
         a5:bc:ad:99:4d:02:c5:e7:7b:94:e9:11:86:62:ee:f3:14:b9:
         fc:68:df:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLjYsdXmXWwwxjvVEWZHEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2YxMjg5OWYzNThkMWMzNDFhMjA3ZmRlMjFkNDNjNzBh
Njk0NWUwHhcNMjUwNjA3MTgwMDU2WhcNMjUwNjA4MTgwMDU2WjAzMTEwLwYDVQQD
EygyM2IwZmU2YmI1MDA1MDUxNDExZjg2ZjNjZTY1NDRjNTQzMjQwNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eS7nCweyMMIkHix4+eOX+cLvgv+
s7dTET4q6Ha70oEtxs53EI+x2am8nA1BpejcFL92LGoOmAE3H6WgBZ+HMUk33591
X6yqXXlKFqPksF3vK7e34MaqiqrvPXgmrvMRD3GRztUtAr8jTJkY+IcGgVWgIum8
2G8kW6j6QHwSUdq/0m84mvdvyoSk8l4W10m33MkFAVkqtEVMgpwdcx2s43NBYFe/
blzyD2+GjTVfm7YueT8A/9X8sqMTPdHTBMzFVGzPi2V+gv8b7sDMmiYdCag89mhq
5DUGs5yvcx+OH8w9N7CnhI8QYUnJlfswqScQoyjMNBx6fHGPZthhS/GrtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCOw/mu1AFBRQR+G885lRMVDJAT2MB8GA1UdIwQY
MBaAFFzPEomfNY0cNBogf94h1DxwppReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2Yt
MjU2MGY4NjkwY2QyLzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2YtMjU2MGY4NjkwY2Qy
LzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANzcrExij
z4J3sVDkxVnT2MqqtpFKxUlTmyatQpzbZ44JQFw1yLs3slG1KI3vS8tZFC4PeZdW
HovqyLVUthyxQqT03/yCzhK9x4E36kW1rl/HmHLCcTcPrfnBGQjl8Il2zVCEPGUT
f5KFSYJ9LxXssl1GruuE/XaHZvb2NNDVWtvNia2TjL8ChTrTpsDmF5bBxX1o3LtD
w2ti/eSv++kGpB1Z/RAaQT0TEtgwcBJxIJFKE1mDauYyjWupkaTBuZ936UxeRp82
h1Icq52FtzWWf5ZQd97Pd7WkxL6Lmk69WEOXNyYyyB0qoyqCpbytmU0Cxed7lOkR
hmLu8xS5/GjfZA==
-----END CERTIFICATE-----