Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft
File:                     xnp-TG1V61E8VFdgqP9lba3wuNc.mft (raw, json)
Hash identifier:          s+Z4F4bfQqZPxlZKbOOW0hMhsDfixxC2pkGfe21DiyM=
Subject key identifier:   AB:96:95:53:07:A7:12:CF:1E:23:9D:B4:A4:33:5E:9A:5D:0E:CA:C5
Authority key identifier: C6:7A:7E:4C:6D:55:EB:51:3C:54:57:60:A8:FF:65:6D:AD:F0:B8:D7
Certificate issuer:       /CN=c67a7e4c6d55eb513c545760a8ff656dadf0b8d7
Certificate serial:       01974EC54D880B4ECAA8181C65B92934E38B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xnp-TG1V61E8VFdgqP9lba3wuNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft
Manifest number:          0149
Signing time:             Sun 08 Jun 2025 09:00:42 +0000
Manifest this update:     Sun 08 Jun 2025 09:00:42 +0000
Manifest next update:     Mon 09 Jun 2025 09:00:42 +0000
Files and hashes:         1: xnp-TG1V61E8VFdgqP9lba3wuNc.crl (hash: EF5l8toF0OMmTwOcjDd61eES5+2VSSfo6kgZGsfgzkY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xnp-TG1V61E8VFdgqP9lba3wuNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:c5:4d:88:0b:4e:ca:a8:18:1c:65:b9:29:34:e3:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c67a7e4c6d55eb513c545760a8ff656dadf0b8d7
        Validity
            Not Before: Jun  8 09:00:42 2025 GMT
            Not After : Jun  9 09:00:42 2025 GMT
        Subject: CN=ab96955307a712cf1e239db4a4335e9a5d0ecac5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b2:5e:ad:68:98:5b:27:96:72:00:6b:71:44:
                    dd:e1:82:10:db:c2:5d:33:b5:0e:5d:32:7f:94:db:
                    da:f1:ae:25:b0:4a:3a:56:e4:42:a1:e3:94:ae:de:
                    de:72:a0:23:fe:1d:a8:c5:dc:78:f6:59:24:91:cd:
                    ed:c9:f5:c0:5d:f7:22:79:1b:93:f6:fe:ff:b7:c5:
                    00:df:79:22:a1:1e:d3:e0:59:90:a8:08:4f:14:53:
                    f2:03:14:d2:f2:92:33:f7:1a:74:20:e9:79:d3:30:
                    1c:0e:d0:46:9b:8c:70:04:37:63:3e:34:2a:03:1b:
                    6e:63:0d:ff:6c:09:07:3c:09:9b:75:87:12:73:18:
                    fd:7e:bb:21:38:ce:42:74:62:0b:3d:8b:0d:1d:dd:
                    ac:28:0b:7a:f6:b6:63:29:2a:13:f9:d0:3e:02:00:
                    31:de:5d:1a:34:28:ad:9d:fe:66:1e:16:56:95:fd:
                    24:a1:7a:36:3c:6c:18:79:b7:8b:45:36:84:d1:b4:
                    fa:99:8d:a4:bf:1d:a8:d6:1a:c0:be:90:a2:fe:76:
                    0c:d9:6f:be:04:2d:ce:ef:f5:8e:a2:9f:96:46:df:
                    34:06:29:e7:d9:22:d6:c5:00:f3:a2:41:6f:ad:c1:
                    ee:16:37:1d:4f:93:48:66:21:0e:cb:75:c7:6a:3c:
                    db:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:96:95:53:07:A7:12:CF:1E:23:9D:B4:A4:33:5E:9A:5D:0E:CA:C5
            X509v3 Authority Key Identifier:
                keyid:C6:7A:7E:4C:6D:55:EB:51:3C:54:57:60:A8:FF:65:6D:AD:F0:B8:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xnp-TG1V61E8VFdgqP9lba3wuNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:d8:90:2f:a1:12:42:7f:87:6c:98:2c:02:3b:36:4c:90:61:
         ee:b9:15:79:2a:65:3a:49:19:bc:01:62:13:31:25:89:aa:1f:
         e3:c3:55:07:00:22:8e:db:cd:3e:c8:4a:8f:e0:57:c0:90:27:
         a3:9f:07:2d:bc:76:fc:65:ff:60:39:af:58:1c:ec:87:02:b5:
         03:22:81:71:57:0f:4b:b7:b0:87:bd:1c:1c:33:43:39:4b:6e:
         56:24:d1:10:fb:cf:2d:75:08:bc:4f:fa:48:47:1a:68:64:20:
         7f:82:53:2f:90:22:d4:6e:f7:73:c9:66:f6:53:ce:20:63:b4:
         62:e2:13:c0:2a:0a:49:fb:0d:d1:92:d1:4b:9c:58:ac:62:cc:
         00:33:d6:bf:c7:5a:ae:05:a6:9e:41:56:6d:70:ef:d9:8f:3d:
         b2:d1:d1:64:51:fd:0c:5a:80:5e:5b:d5:d8:e0:93:14:cb:85:
         3c:b1:df:ee:f6:ae:71:91:d9:5a:2d:70:d1:e4:52:b2:5e:43:
         d9:c5:2d:34:64:ad:3c:c0:77:8c:4f:2d:92:aa:f0:10:26:21:
         58:f1:4e:86:de:60:ac:b5:81:c6:f5:f5:56:49:7f:b0:1d:4e:
         34:49:05:0d:75:07:15:41:91:85:8b:af:ac:1a:fa:55:a7:e7:
         6e:9c:8e:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxU2IC07KqBgcZbkpNOOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2E3ZTRjNmQ1NWViNTEzYzU0NTc2MGE4ZmY2NTZkYWRm
MGI4ZDcwHhcNMjUwNjA4MDkwMDQyWhcNMjUwNjA5MDkwMDQyWjAzMTEwLwYDVQQD
EyhhYjk2OTU1MzA3YTcxMmNmMWUyMzlkYjRhNDMzNWU5YTVkMGVjYWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLJerWiYWyeWcgBrcUTd4YIQ28Jd
M7UOXTJ/lNva8a4lsEo6VuRCoeOUrt7ecqAj/h2oxdx49lkkkc3tyfXAXfcieRuT
9v7/t8UA33kioR7T4FmQqAhPFFPyAxTS8pIz9xp0IOl50zAcDtBGm4xwBDdjPjQq
AxtuYw3/bAkHPAmbdYcScxj9frshOM5CdGILPYsNHd2sKAt69rZjKSoT+dA+AgAx
3l0aNCitnf5mHhZWlf0koXo2PGwYebeLRTaE0bT6mY2kvx2o1hrAvpCi/nYM2W++
BC3O7/WOop+WRt80Binn2SLWxQDzokFvrcHuFjcdT5NIZiEOy3XHajzb4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKuWlVMHpxLPHiOdtKQzXppdDsrFMB8GA1UdIwQY
MBaAFMZ6fkxtVetRPFRXYKj/ZW2t8LjXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5wLVRHMVY2MUU4VkZkZ3FQOWxiYTN3dU5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wOGNkYjctNDE2ZS00M2E2LWEyNzYt
YTAzODk2MDI0NzJmLzEveG5wLVRHMVY2MUU4VkZkZ3FQOWxiYTN3dU5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wOGNkYjctNDE2ZS00M2E2LWEyNzYtYTAzODk2MDI0NzJm
LzEveG5wLVRHMVY2MUU4VkZkZ3FQOWxiYTN3dU5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe9iQL6ES
Qn+HbJgsAjs2TJBh7rkVeSplOkkZvAFiEzEliaof48NVBwAijtvNPshKj+BXwJAn
o58HLbx2/GX/YDmvWBzshwK1AyKBcVcPS7ewh70cHDNDOUtuViTREPvPLXUIvE/6
SEcaaGQgf4JTL5Ai1G73c8lm9lPOIGO0YuITwCoKSfsN0ZLRS5xYrGLMADPWv8da
rgWmnkFWbXDv2Y89stHRZFH9DFqAXlvV2OCTFMuFPLHf7vaucZHZWi1w0eRSsl5D
2cUtNGStPMB3jE8tkqrwECYhWPFOht5grLWBxvX1Vkl/sB1ONEkFDXUHFUGRhYuv
rBr6VafnbpyOeQ==
-----END CERTIFICATE-----