Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
File:                     xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft (raw, json)
Hash identifier:          ZX+Q6bwpBc3999cWYusqIQXs9zfzUmiyfsUYCpH8E0A=
Subject key identifier:   AF:12:DE:9F:27:EE:BA:26:D9:E9:A4:DC:F5:73:6F:96:77:C5:AF:1A
Authority key identifier: C6:CC:F9:CE:97:D1:23:2E:01:62:FC:CD:43:F6:0C:4E:79:83:1E:1A
Certificate issuer:       /CN=c6ccf9ce97d1232e0162fccd43f60c4e79831e1a
Certificate serial:       019921B1D3F29F3151678747DE615BEDAA08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
Manifest number:          0DCF
Signing time:             Sun 07 Sep 2025 01:02:06 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:06 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:06 +0000
Files and hashes:         1: xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl (hash: mtvF5QI6dfB05QJSTNb8YAYGwLqGqSZmd50hiFizdYE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:d3:f2:9f:31:51:67:87:47:de:61:5b:ed:aa:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ccf9ce97d1232e0162fccd43f60c4e79831e1a
        Validity
            Not Before: Sep  7 01:02:06 2025 GMT
            Not After : Sep  8 01:02:06 2025 GMT
        Subject: CN=af12de9f27eeba26d9e9a4dcf5736f9677c5af1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:68:55:53:74:b7:d8:25:a8:d5:2a:7a:7d:5e:
                    25:9d:a3:c4:02:d8:66:f9:a5:7f:2a:50:e5:b2:ed:
                    db:f3:8a:2d:3e:94:46:d6:ec:71:98:b6:e1:94:43:
                    2f:3a:0a:eb:e3:cc:09:ea:f9:c3:fe:95:6a:83:01:
                    c1:7b:48:f9:46:e5:6f:6a:5b:86:f5:20:9f:b5:cf:
                    3d:ac:79:20:29:18:63:1a:79:13:ea:7e:12:7f:a7:
                    7d:e2:31:b1:9f:89:ad:59:c1:65:e9:fb:34:16:2b:
                    2d:d0:29:18:0d:c1:43:0d:f5:f7:da:4f:cd:03:ac:
                    af:27:2e:97:2d:97:42:08:27:0a:47:f0:93:c7:26:
                    f7:7a:c7:8b:88:2e:03:2d:93:a9:e5:5a:60:bf:4b:
                    a0:ae:07:22:34:f2:c3:6e:f7:5f:bd:33:20:5f:f8:
                    c4:b3:1f:51:c2:11:76:da:68:bf:b9:dc:5e:a7:de:
                    44:e0:b5:6d:f0:70:5a:02:fe:c0:c4:f7:07:c8:2e:
                    4c:80:ae:6a:f5:7a:95:bd:1d:21:b0:8c:e2:dd:03:
                    85:ec:9f:fb:3b:00:83:ca:00:4d:85:2b:f7:e8:30:
                    0f:e2:ec:17:52:4e:8d:e8:de:52:46:c8:9e:bd:1a:
                    42:8b:04:81:56:98:84:4b:ab:a6:11:ac:78:92:37:
                    c1:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:12:DE:9F:27:EE:BA:26:D9:E9:A4:DC:F5:73:6F:96:77:C5:AF:1A
            X509v3 Authority Key Identifier:
                keyid:C6:CC:F9:CE:97:D1:23:2E:01:62:FC:CD:43:F6:0C:4E:79:83:1E:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:4c:2d:0c:6a:8b:ae:65:62:07:6f:b0:5f:88:a7:af:db:f7:
         2c:85:62:14:75:f6:77:5e:b9:0b:1e:75:e4:02:b5:5b:7d:c4:
         b0:15:f2:d4:9b:f9:d5:d6:f1:6b:b7:bb:15:1f:26:13:c2:46:
         b1:e4:58:27:2b:d4:d3:53:4b:c5:e9:58:1d:8a:ec:84:05:8b:
         de:9c:cc:f1:66:39:4b:6f:3d:20:b7:5b:c6:65:ae:09:d1:67:
         34:d0:d9:3d:d6:7d:94:e5:50:49:e5:f9:d9:93:dd:57:9a:03:
         17:49:f2:df:4e:7d:78:be:f7:62:a5:a2:af:f1:83:d2:ae:5a:
         cb:89:ba:6b:ca:89:32:d3:d4:3e:b6:56:25:46:0d:23:5c:f5:
         dc:bd:9e:2e:da:d8:33:45:41:0d:eb:c2:ac:fe:c4:7d:9e:1b:
         df:20:85:51:2d:55:61:ca:7d:86:e1:71:8e:03:06:18:3b:5a:
         69:9b:e9:a7:c6:c4:60:f5:8b:e9:2c:33:4b:e1:f8:bd:aa:f4:
         38:27:6f:b7:76:5b:8d:79:e5:fb:d0:1f:c5:bb:04:40:94:d1:
         08:2c:2e:90:b6:97:76:69:e3:e4:9c:fd:28:dc:24:59:7a:fc:
         36:dc:68:b6:3d:6e:6c:28:b0:1c:91:51:aa:4f:2b:34:7a:80:
         d8:8d:c0:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsdPynzFRZ4dH3mFb7aoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Y2NmOWNlOTdkMTIzMmUwMTYyZmNjZDQzZjYwYzRlNzk4
MzFlMWEwHhcNMjUwOTA3MDEwMjA2WhcNMjUwOTA4MDEwMjA2WjAzMTEwLwYDVQQD
EyhhZjEyZGU5ZjI3ZWViYTI2ZDllOWE0ZGNmNTczNmY5Njc3YzVhZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWhVU3S32CWo1Sp6fV4lnaPEAthm
+aV/KlDlsu3b84otPpRG1uxxmLbhlEMvOgrr48wJ6vnD/pVqgwHBe0j5RuVvaluG
9SCftc89rHkgKRhjGnkT6n4Sf6d94jGxn4mtWcFl6fs0Fist0CkYDcFDDfX32k/N
A6yvJy6XLZdCCCcKR/CTxyb3eseLiC4DLZOp5Vpgv0ugrgciNPLDbvdfvTMgX/jE
sx9RwhF22mi/udxep95E4LVt8HBaAv7AxPcHyC5MgK5q9XqVvR0hsIzi3QOF7J/7
OwCDygBNhSv36DAP4uwXUk6N6N5SRsievRpCiwSBVpiES6umEax4kjfBOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8S3p8n7rom2emk3PVzb5Z3xa8aMB8GA1UdIwQY
MBaAFMbM+c6X0SMuAWL8zUP2DE55gx4aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xODZiZjItZmI4OC00NzI4LWJmNjct
NWExZTVmYTczZTRkLzEveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xODZiZjItZmI4OC00NzI4LWJmNjctNWExZTVmYTczZTRk
LzEveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF0wtDGqL
rmViB2+wX4inr9v3LIViFHX2d165Cx515AK1W33EsBXy1Jv51dbxa7e7FR8mE8JG
seRYJyvU01NLxelYHYrshAWL3pzM8WY5S289ILdbxmWuCdFnNNDZPdZ9lOVQSeX5
2ZPdV5oDF0ny3059eL73YqWir/GD0q5ay4m6a8qJMtPUPrZWJUYNI1z13L2eLtrY
M0VBDevCrP7EfZ4b3yCFUS1VYcp9huFxjgMGGDtaaZvpp8bEYPWL6SwzS+H4var0
OCdvt3ZbjXnl+9AfxbsEQJTRCCwukLaXdmnj5Jz9KNwkWXr8Ntxotj1ubCiwHJFR
qk8rNHqA2I3AJA==
-----END CERTIFICATE-----