Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft
File:                     XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft (raw, json)
Hash identifier:          d8r/RfalmA2fh4kw1RCZWvPSOocVhE6T5rQ4tGKLTds=
Subject key identifier:   19:3C:9B:AE:01:1E:D1:AF:C5:F1:77:46:D4:05:EF:8F:B8:9F:A4:45
Authority key identifier: 5E:26:43:EC:29:F8:B0:4F:83:8D:6E:5D:C5:06:9C:10:64:C5:BD:25
Certificate issuer:       /CN=5e2643ec29f8b04f838d6e5dc5069c1064c5bd25
Certificate serial:       0199240D82DCA6EB916B660A029C0B7E37BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 12:01:29 +0000
Manifest this update:     Sun 07 Sep 2025 12:01:29 +0000
Manifest next update:     Mon 08 Sep 2025 12:01:29 +0000
Files and hashes:         1: XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl (hash: axFj4ZYntlzjsFq7qa88lBr04UItz08FFN6dFXFiYDg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0d:82:dc:a6:eb:91:6b:66:0a:02:9c:0b:7e:37:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e2643ec29f8b04f838d6e5dc5069c1064c5bd25
        Validity
            Not Before: Sep  7 12:01:29 2025 GMT
            Not After : Sep  8 12:01:29 2025 GMT
        Subject: CN=193c9bae011ed1afc5f17746d405ef8fb89fa445
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:4f:27:99:30:bd:88:e7:7b:cd:5e:4c:32:65:
                    92:93:8b:9a:27:75:4e:72:74:e2:42:45:31:c9:0c:
                    cd:32:fb:e0:91:6a:df:5b:f8:c9:09:48:16:12:17:
                    24:e0:51:3b:e2:c5:22:51:04:26:ca:4c:76:d4:dc:
                    f2:84:43:2b:ad:4a:b1:3d:80:26:f5:0b:38:b7:ff:
                    d4:4d:e5:1f:bf:b9:ba:24:e2:3e:c5:c4:ef:cf:7a:
                    72:80:81:97:df:a7:cb:24:8b:47:1a:6f:3f:30:42:
                    4b:c9:1c:a9:3d:86:28:de:64:06:7a:64:41:8d:da:
                    b7:1d:d3:9a:9b:a5:11:68:47:d2:13:b1:1d:e8:17:
                    0c:38:a7:37:c8:db:35:6a:b6:c2:c6:a4:58:b3:2a:
                    1b:10:e0:a2:7f:90:19:4e:91:7f:5e:73:bf:35:05:
                    01:ce:e0:af:9d:6e:1a:54:c5:da:8e:ea:d0:0c:4c:
                    a1:f2:a6:70:7d:30:60:33:a3:f6:b8:86:43:c7:ac:
                    e3:0f:4d:1f:b4:da:41:96:77:6d:92:ae:06:28:f4:
                    7c:4b:32:ae:95:3f:b3:c9:87:4b:87:4b:4f:e1:1e:
                    17:67:53:74:40:7c:62:78:67:14:77:ab:f6:05:44:
                    d3:0a:f9:eb:4b:6e:ef:12:bc:b7:d8:2d:86:6e:3e:
                    f7:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:3C:9B:AE:01:1E:D1:AF:C5:F1:77:46:D4:05:EF:8F:B8:9F:A4:45
            X509v3 Authority Key Identifier:
                keyid:5E:26:43:EC:29:F8:B0:4F:83:8D:6E:5D:C5:06:9C:10:64:C5:BD:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:38:a0:e0:1a:b5:78:4e:f4:9e:a1:bc:f7:af:69:35:5a:0f:
         ae:74:f7:99:58:c9:90:90:0a:01:b6:bb:cd:49:5d:6f:31:5c:
         6a:24:66:20:12:39:ab:c1:5c:83:b9:87:bb:20:7b:0c:7b:8d:
         d7:e5:75:05:75:78:c7:f1:13:aa:d0:88:6c:1c:a8:3c:fe:ea:
         5a:a1:a2:e6:21:e0:7c:c4:75:56:6f:27:f0:be:62:44:41:bf:
         71:9c:12:c5:fe:13:e7:a4:e5:06:92:3e:1d:fa:32:97:81:fd:
         f4:94:be:d7:b7:83:ac:f4:98:b7:f0:0b:dd:16:c7:e0:e6:43:
         c7:6f:c8:19:a4:5c:68:79:ab:52:bb:71:90:65:ab:a4:09:72:
         e2:57:fe:b6:eb:07:38:66:65:14:1d:a9:73:bf:4e:af:97:a9:
         ff:c3:3e:e5:2d:fc:1d:41:34:c6:fb:b6:1e:be:aa:b7:d1:c3:
         54:b0:de:a8:88:29:c2:ce:e7:34:6c:3b:1b:43:70:19:03:45:
         ae:37:c0:c3:a3:68:56:7d:58:ad:73:90:2a:fc:27:67:43:c3:
         c1:2b:7a:8a:c8:0b:77:f5:ba:61:88:97:c9:01:03:65:28:11:
         c8:a5:f2:24:ea:77:6b:4d:0b:79:f6:1e:f0:3e:c5:ce:ef:8a:
         97:8a:5e:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDYLcpuuRa2YKApwLfje9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjY0M2VjMjlmOGIwNGY4MzhkNmU1ZGM1MDY5YzEwNjRj
NWJkMjUwHhcNMjUwOTA3MTIwMTI5WhcNMjUwOTA4MTIwMTI5WjAzMTEwLwYDVQQD
EygxOTNjOWJhZTAxMWVkMWFmYzVmMTc3NDZkNDA1ZWY4ZmI4OWZhNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7U8nmTC9iOd7zV5MMmWSk4uaJ3VO
cnTiQkUxyQzNMvvgkWrfW/jJCUgWEhck4FE74sUiUQQmykx21NzyhEMrrUqxPYAm
9Qs4t//UTeUfv7m6JOI+xcTvz3pygIGX36fLJItHGm8/MEJLyRypPYYo3mQGemRB
jdq3HdOam6URaEfSE7Ed6BcMOKc3yNs1arbCxqRYsyobEOCif5AZTpF/XnO/NQUB
zuCvnW4aVMXajurQDEyh8qZwfTBgM6P2uIZDx6zjD00ftNpBlndtkq4GKPR8SzKu
lT+zyYdLh0tP4R4XZ1N0QHxieGcUd6v2BUTTCvnrS27vEry32C2Gbj73EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBk8m64BHtGvxfF3RtQF74+4n6RFMB8GA1UdIwQY
MBaAFF4mQ+wp+LBPg41uXcUGnBBkxb0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC84MmM0ZTYtMGFiOC00ZjQ2LWFlZDEt
YTRjM2E4NWYzZjBhLzEvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC84MmM0ZTYtMGFiOC00ZjQ2LWFlZDEtYTRjM2E4NWYzZjBh
LzEvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMjig4Bq1
eE70nqG8969pNVoPrnT3mVjJkJAKAba7zUldbzFcaiRmIBI5q8Fcg7mHuyB7DHuN
1+V1BXV4x/ETqtCIbByoPP7qWqGi5iHgfMR1Vm8n8L5iREG/cZwSxf4T56TlBpI+
Hfoyl4H99JS+17eDrPSYt/AL3RbH4OZDx2/IGaRcaHmrUrtxkGWrpAly4lf+tusH
OGZlFB2pc79Or5ep/8M+5S38HUE0xvu2Hr6qt9HDVLDeqIgpws7nNGw7G0NwGQNF
rjfAw6NoVn1YrXOQKvwnZ0PDwSt6isgLd/W6YYiXyQEDZSgRyKXyJOp3a00LefYe
8D7Fzu+Kl4peBA==
-----END CERTIFICATE-----