Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
File:                     XeHEMjIqoQWMPm_lf2N0qSlgacE.mft (raw, json)
Hash identifier:          SE8ZiCQxECawurzW9OG/K/hR2t1hAMuXbKABfUO2YFk=
Subject key identifier:   C3:98:F8:41:8A:69:0B:17:F2:6D:76:1E:81:74:10:F5:25:A3:A7:AE
Authority key identifier: 5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1
Certificate issuer:       /CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
Certificate serial:       019A7112F45B072A70CA3C2DFD6193394B7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
Manifest number:          0C01
Signing time:             Tue 11 Nov 2025 04:00:58 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:58 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:58 +0000
Files and hashes:         1: XeHEMjIqoQWMPm_lf2N0qSlgacE.crl (hash: 63/B9m8NyDIyk7wAYO6AfFgJgI+sWpmR1JVT5gLLP5A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:f4:5b:07:2a:70:ca:3c:2d:fd:61:93:39:4b:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
        Validity
            Not Before: Nov 11 04:00:58 2025 GMT
            Not After : Nov 12 04:00:58 2025 GMT
        Subject: CN=c398f8418a690b17f26d761e817410f525a3a7ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b4:21:23:f7:26:3f:1a:21:32:85:59:53:17:
                    f5:0e:24:cd:35:ed:dd:ed:a0:56:e5:c5:15:31:e4:
                    83:4c:51:74:af:fe:15:92:09:e3:e7:9a:3f:1e:76:
                    11:0b:dd:a8:22:9e:c6:2f:99:2d:8c:d1:f0:27:66:
                    d0:df:8b:8b:70:1a:35:55:8a:a3:80:fd:3a:5d:3f:
                    a3:a1:79:11:56:72:ea:31:08:f1:71:66:74:87:aa:
                    ca:3b:f0:65:3c:5e:98:d2:0c:96:61:a0:11:f3:ae:
                    db:b7:c7:e6:0e:fb:30:c0:fc:61:8b:2f:06:18:4a:
                    17:ea:0e:65:b2:7c:d0:94:c5:8a:48:11:05:82:dc:
                    a8:67:41:ea:12:92:61:20:df:38:e5:b5:a5:dc:46:
                    85:2c:09:fe:58:2c:59:3c:ee:61:1e:e0:e5:b1:0d:
                    47:93:cc:25:2d:00:60:4a:99:ec:fc:2a:81:22:8e:
                    1a:76:55:0a:34:13:8a:7f:b6:95:df:1e:88:80:0a:
                    0e:ad:61:db:81:da:da:1a:37:2d:49:25:d5:b6:69:
                    23:68:47:de:e3:58:c0:25:ce:c1:90:00:f4:82:11:
                    31:f1:c1:ab:56:4a:be:7c:47:61:16:d6:89:7e:f4:
                    e2:b4:14:3c:b3:bf:d4:78:44:38:44:bc:b4:04:c5:
                    bf:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:98:F8:41:8A:69:0B:17:F2:6D:76:1E:81:74:10:F5:25:A3:A7:AE
            X509v3 Authority Key Identifier:
                keyid:5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:75:e9:d0:65:6c:0c:90:cb:a8:d5:9c:f3:0b:88:22:c9:db:
         89:7a:0c:af:93:69:fd:d6:07:cc:d7:c0:52:b5:b0:6d:02:0f:
         ee:f3:f7:25:03:81:04:02:3a:98:45:a3:23:f0:80:ca:f5:bb:
         c3:d3:3a:c3:4d:e8:9c:bd:c5:89:f8:64:bb:81:4a:9c:ff:15:
         e4:d2:e0:12:0c:f7:e4:6f:10:32:42:78:7b:6e:b0:b2:3a:45:
         59:d9:7e:27:e4:23:98:b2:62:4e:08:28:f3:49:62:4b:c8:39:
         83:8d:00:b9:c6:9a:bf:53:9c:27:1d:3a:20:a1:1c:08:e9:74:
         7c:45:0d:ad:3b:3d:f6:73:19:c6:dd:af:6b:37:b3:8f:7a:34:
         c9:05:bc:24:40:c5:20:e3:81:73:56:1f:72:07:78:b2:79:77:
         58:26:31:5a:71:87:af:56:0a:2a:2c:bf:88:e7:af:08:c1:77:
         d2:0a:34:6b:c4:ee:cf:48:b1:cd:52:e7:bd:a6:55:e4:f7:e8:
         1a:29:fc:ae:b5:13:5b:b0:25:35:c0:7f:bf:b9:0f:c8:3a:81:
         00:8e:32:75:2a:9b:77:0d:61:e9:59:8a:ec:57:47:03:27:f5:
         f8:1c:b2:4c:29:a4:06:7f:34:4c:57:e3:61:cb:91:da:ff:06:
         66:b2:9d:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEvRbBypwyjwt/WGTOUt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTFjNDMyMzIyYWExMDU4YzNlNmZlNTdmNjM3NGE5Mjk2
MDY5YzEwHhcNMjUxMTExMDQwMDU4WhcNMjUxMTEyMDQwMDU4WjAzMTEwLwYDVQQD
EyhjMzk4Zjg0MThhNjkwYjE3ZjI2ZDc2MWU4MTc0MTBmNTI1YTNhN2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbQhI/cmPxohMoVZUxf1DiTNNe3d
7aBW5cUVMeSDTFF0r/4Vkgnj55o/HnYRC92oIp7GL5ktjNHwJ2bQ34uLcBo1VYqj
gP06XT+joXkRVnLqMQjxcWZ0h6rKO/BlPF6Y0gyWYaAR867bt8fmDvswwPxhiy8G
GEoX6g5lsnzQlMWKSBEFgtyoZ0HqEpJhIN845bWl3EaFLAn+WCxZPO5hHuDlsQ1H
k8wlLQBgSpns/CqBIo4adlUKNBOKf7aV3x6IgAoOrWHbgdraGjctSSXVtmkjaEfe
41jAJc7BkAD0ghEx8cGrVkq+fEdhFtaJfvTitBQ8s7/UeEQ4RLy0BMW/rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMOY+EGKaQsX8m12HoF0EPUlo6euMB8GA1UdIwQY
MBaAFF3hxDIyKqEFjD5v5X9jdKkpYGnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1Njkt
ZDc4YmI2ZjViOGY1LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1NjktZDc4YmI2ZjViOGY1
LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXHXp0GVs
DJDLqNWc8wuIIsnbiXoMr5Np/dYHzNfAUrWwbQIP7vP3JQOBBAI6mEWjI/CAyvW7
w9M6w03onL3Fifhku4FKnP8V5NLgEgz35G8QMkJ4e26wsjpFWdl+J+QjmLJiTggo
80liS8g5g40Aucaav1OcJx06IKEcCOl0fEUNrTs99nMZxt2vazezj3o0yQW8JEDF
IOOBc1Yfcgd4snl3WCYxWnGHr1YKKiy/iOevCMF30go0a8Tuz0ixzVLnvaZV5Pfo
Gin8rrUTW7AlNcB/v7kPyDqBAI4ydSqbdw1h6VmK7FdHAyf1+ByyTCmkBn80TFfj
YcuR2v8GZrKdqQ==
-----END CERTIFICATE-----