Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft
File:                     XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft (raw, json)
Hash identifier:          +tXyf2yVwNoLIEEYzZ51EWCBSBc/j5RGHhmAZMsQyIc=
Subject key identifier:   D8:FF:8C:39:63:C2:94:C1:C8:D9:0B:B3:E3:D6:FE:3B:9A:BA:13:F9
Authority key identifier: 5E:26:43:EC:29:F8:B0:4F:83:8D:6E:5D:C5:06:9C:10:64:C5:BD:25
Certificate issuer:       /CN=5e2643ec29f8b04f838d6e5dc5069c1064c5bd25
Certificate serial:       01974AE8F8E5772EE0DF61585E9E661CAFE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft
Manifest number:          157B
Signing time:             Sat 07 Jun 2025 15:01:11 +0000
Manifest this update:     Sat 07 Jun 2025 15:01:11 +0000
Manifest next update:     Sun 08 Jun 2025 15:01:11 +0000
Files and hashes:         1: XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl (hash: e8eSpJCyZuVNyXWcvm9/afnOaFXTn8CZQxnncpEkpHE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:f8:e5:77:2e:e0:df:61:58:5e:9e:66:1c:af:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e2643ec29f8b04f838d6e5dc5069c1064c5bd25
        Validity
            Not Before: Jun  7 15:01:11 2025 GMT
            Not After : Jun  8 15:01:11 2025 GMT
        Subject: CN=d8ff8c3963c294c1c8d90bb3e3d6fe3b9aba13f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:ec:b2:5c:33:08:d5:44:ad:72:13:40:df:ed:
                    a4:6d:1c:16:06:ad:1e:06:1c:bc:a2:02:a4:6b:0e:
                    3c:bc:ff:1b:ea:e2:f2:b8:a5:1f:c0:cd:ab:15:5c:
                    7e:72:58:4a:be:cd:85:57:d5:fa:50:f6:bf:68:fb:
                    05:a6:07:ef:db:fb:48:4f:cb:d2:c5:ff:db:ef:e6:
                    06:3c:85:b2:0d:13:0a:98:c7:d3:f4:a5:5e:ab:99:
                    2d:59:a8:28:82:1f:fe:72:2b:fb:65:2f:43:c0:57:
                    a4:77:e5:9b:2c:f3:b4:bf:e8:da:87:48:f7:a4:67:
                    96:ca:58:b5:32:de:9e:97:fa:93:0f:46:62:19:07:
                    35:b7:e4:6e:88:2b:09:31:4b:60:1c:c6:9f:3f:a8:
                    3e:9f:2b:cb:1f:ac:6b:d2:d5:01:e0:32:9e:9d:4e:
                    d9:24:4e:82:79:19:0f:3a:5b:c7:00:8d:07:b8:0b:
                    c0:3a:c4:f4:80:63:b5:3b:60:3f:37:ab:07:84:cb:
                    d1:c3:42:07:2c:94:ec:eb:5f:79:37:04:10:21:5c:
                    a2:af:d2:29:81:a0:65:e7:8a:37:7d:00:b6:a6:ca:
                    0e:3e:8d:fe:7c:5c:a1:cf:c9:37:54:52:8f:83:e8:
                    d1:6b:8c:fb:3e:8e:86:af:12:97:a1:ed:14:e2:04:
                    86:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:FF:8C:39:63:C2:94:C1:C8:D9:0B:B3:E3:D6:FE:3B:9A:BA:13:F9
            X509v3 Authority Key Identifier:
                keyid:5E:26:43:EC:29:F8:B0:4F:83:8D:6E:5D:C5:06:9C:10:64:C5:BD:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:17:46:00:8e:ce:29:df:4e:21:f0:cd:d3:bc:8c:d4:39:fc:
         c1:ed:47:9f:54:2f:fd:86:a1:db:0a:58:78:f8:15:df:6a:8a:
         80:f4:fb:33:0e:82:08:4d:7d:a8:4d:9c:67:45:94:63:6d:d5:
         71:95:2a:06:b4:e6:b3:68:82:60:ea:bb:d3:40:b3:df:85:09:
         b3:b9:73:fb:0c:eb:c6:9e:2f:56:b1:43:33:ae:3f:1c:aa:4a:
         39:9d:f7:63:3a:89:1d:f1:7c:e1:e8:a7:8a:dd:53:7f:73:7c:
         06:cd:59:31:5f:20:79:c6:f4:59:d0:a4:c0:17:73:53:73:31:
         4e:36:98:45:42:6d:d7:10:02:82:52:ee:0b:ec:ca:89:36:88:
         dc:93:23:f9:c2:19:8b:0b:23:b8:10:8d:3c:b0:90:0b:a9:3a:
         7e:af:3d:99:b3:cb:ba:db:55:4a:a3:6d:af:dd:2c:bf:d9:f6:
         be:34:92:f7:b2:13:c7:80:8a:54:1d:0e:4b:26:64:66:c4:09:
         de:2a:5d:17:36:bc:6a:ed:db:ab:33:46:a9:36:84:8b:aa:ee:
         76:89:a9:d5:d1:6d:ff:5e:f5:38:36:e4:6d:8f:ef:64:19:9a:
         18:48:ba:8d:f7:fc:cb:39:93:16:4a:ae:ad:20:5c:85:17:94:
         a5:97:f2:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6Pjldy7g32FYXp5mHK/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjY0M2VjMjlmOGIwNGY4MzhkNmU1ZGM1MDY5YzEwNjRj
NWJkMjUwHhcNMjUwNjA3MTUwMTExWhcNMjUwNjA4MTUwMTExWjAzMTEwLwYDVQQD
EyhkOGZmOGMzOTYzYzI5NGMxYzhkOTBiYjNlM2Q2ZmUzYjlhYmExM2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOyyXDMI1UStchNA3+2kbRwWBq0e
Bhy8ogKkaw48vP8b6uLyuKUfwM2rFVx+clhKvs2FV9X6UPa/aPsFpgfv2/tIT8vS
xf/b7+YGPIWyDRMKmMfT9KVeq5ktWagogh/+civ7ZS9DwFekd+WbLPO0v+jah0j3
pGeWyli1Mt6el/qTD0ZiGQc1t+RuiCsJMUtgHMafP6g+nyvLH6xr0tUB4DKenU7Z
JE6CeRkPOlvHAI0HuAvAOsT0gGO1O2A/N6sHhMvRw0IHLJTs6195NwQQIVyir9Ip
gaBl54o3fQC2psoOPo3+fFyhz8k3VFKPg+jRa4z7Po6GrxKXoe0U4gSGywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNj/jDljwpTByNkLs+PW/juauhP5MB8GA1UdIwQY
MBaAFF4mQ+wp+LBPg41uXcUGnBBkxb0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC84MmM0ZTYtMGFiOC00ZjQ2LWFlZDEt
YTRjM2E4NWYzZjBhLzEvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC84MmM0ZTYtMGFiOC00ZjQ2LWFlZDEtYTRjM2E4NWYzZjBh
LzEvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPxdGAI7O
Kd9OIfDN07yM1Dn8we1Hn1Qv/Yah2wpYePgV32qKgPT7Mw6CCE19qE2cZ0WUY23V
cZUqBrTms2iCYOq700Cz34UJs7lz+wzrxp4vVrFDM64/HKpKOZ33YzqJHfF84ein
it1Tf3N8Bs1ZMV8gecb0WdCkwBdzU3MxTjaYRUJt1xACglLuC+zKiTaI3JMj+cIZ
iwsjuBCNPLCQC6k6fq89mbPLuttVSqNtr90sv9n2vjSS97ITx4CKVB0OSyZkZsQJ
3ipdFza8au3bqzNGqTaEi6rudomp1dFt/171ODbkbY/vZBmaGEi6jff8yzmTFkqu
rSBchReUpZfyOQ==
-----END CERTIFICATE-----