Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft
File:                     xnp-TG1V61E8VFdgqP9lba3wuNc.mft (raw, json)
Hash identifier:          y+ZgSzuTmJfFIyqbDv07F1hJFqsAPwxsTYe7Kfa3DgQ=
Subject key identifier:   16:E6:5E:5C:9E:FB:80:18:D0:96:80:BF:EF:EC:92:0E:35:86:8F:6B
Authority key identifier: C6:7A:7E:4C:6D:55:EB:51:3C:54:57:60:A8:FF:65:6D:AD:F0:B8:D7
Certificate issuer:       /CN=c67a7e4c6d55eb513c545760a8ff656dadf0b8d7
Certificate serial:       0199221EBDB86C60E97CF7B1879C5ADEA38A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xnp-TG1V61E8VFdgqP9lba3wuNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft
Manifest number:          023B
Signing time:             Sun 07 Sep 2025 03:01:03 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:03 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:03 +0000
Files and hashes:         1: xnp-TG1V61E8VFdgqP9lba3wuNc.crl (hash: e2cB4EVHNQhQkwXzlS6MhdCAfFPivnKs7YRgJ5TDAI0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xnp-TG1V61E8VFdgqP9lba3wuNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:bd:b8:6c:60:e9:7c:f7:b1:87:9c:5a:de:a3:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c67a7e4c6d55eb513c545760a8ff656dadf0b8d7
        Validity
            Not Before: Sep  7 03:01:03 2025 GMT
            Not After : Sep  8 03:01:03 2025 GMT
        Subject: CN=16e65e5c9efb8018d09680bfefec920e35868f6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:06:24:be:e7:78:28:31:01:28:01:77:16:17:
                    18:f6:03:c4:05:ac:98:9d:e9:7d:27:ff:92:bf:7e:
                    b0:14:67:a0:eb:c5:c6:6d:ba:72:aa:b3:cb:56:59:
                    1b:99:a4:71:25:9a:7b:29:6f:48:a7:14:e4:57:e8:
                    a7:5e:52:11:f7:a4:56:04:ba:f5:30:cd:3e:b7:79:
                    3b:4f:5a:52:d6:b3:ec:9f:f1:c3:6a:b1:6b:05:a8:
                    69:8f:23:00:a2:10:2a:66:f0:f5:da:f2:32:72:86:
                    dd:2c:68:ad:f7:e7:cc:f5:07:be:ff:6e:eb:83:c9:
                    a8:12:a4:30:59:43:d6:38:de:20:e4:60:52:f6:87:
                    2d:24:83:10:f2:77:fd:bb:fe:3f:02:ee:d8:85:93:
                    25:1b:e4:49:12:17:a1:29:71:92:18:7d:3a:24:e2:
                    79:44:a6:7a:50:a6:2a:c0:db:48:82:5e:8e:d0:a3:
                    16:71:6b:84:6f:71:e1:0d:d2:6f:c3:3f:60:ca:ba:
                    f5:45:5d:eb:bb:f5:2e:08:df:50:15:7b:aa:37:9b:
                    0d:b9:5b:44:88:79:31:65:b9:bd:ca:e9:82:24:ce:
                    5f:a5:2b:39:63:ce:88:04:05:98:55:ad:ef:2b:e3:
                    42:8b:3c:03:e2:f5:10:10:4b:1b:b8:21:9a:28:94:
                    ab:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:E6:5E:5C:9E:FB:80:18:D0:96:80:BF:EF:EC:92:0E:35:86:8F:6B
            X509v3 Authority Key Identifier:
                keyid:C6:7A:7E:4C:6D:55:EB:51:3C:54:57:60:A8:FF:65:6D:AD:F0:B8:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xnp-TG1V61E8VFdgqP9lba3wuNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:1f:47:1e:8b:d6:9d:02:98:1a:5b:c9:b5:0a:56:24:62:12:
         d9:ac:bd:aa:42:61:6d:51:79:09:39:61:5f:6c:5c:ff:b1:90:
         88:41:29:d1:d7:72:e4:1a:f7:f6:7d:c1:a7:0d:a1:76:04:b1:
         31:e8:16:b6:54:be:f2:68:36:7d:3d:90:47:39:76:0d:0f:65:
         f6:bb:a3:72:17:d9:ef:03:1a:be:ad:ba:22:4a:d3:85:e2:6a:
         1a:3c:a4:f7:2d:58:34:68:90:3b:53:2b:6a:9b:e2:df:ad:52:
         20:69:0e:b6:a2:7e:88:c5:08:e9:ae:f6:fa:fc:cc:09:84:44:
         e4:64:2c:83:43:d3:63:65:2c:12:15:f6:b8:c5:b3:d8:7d:a7:
         b0:22:71:8b:3f:13:56:27:01:2a:85:c7:35:29:d8:74:66:f8:
         d4:88:08:29:af:ff:eb:81:69:c0:05:46:6b:62:7c:9d:b1:cd:
         28:6c:85:e6:96:9c:6d:e7:61:36:a1:1b:3b:0a:b1:c5:99:04:
         56:38:99:c5:94:1f:31:d2:8e:2f:6f:33:d6:63:66:57:d3:66:
         14:39:dd:f9:5d:e5:bb:bb:db:d7:ae:cf:44:7e:69:11:dd:5c:
         fd:d1:74:45:13:f4:e7:a7:60:79:1b:f9:35:23:33:e5:46:8b:
         b8:28:83:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHr24bGDpfPexh5xa3qOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2E3ZTRjNmQ1NWViNTEzYzU0NTc2MGE4ZmY2NTZkYWRm
MGI4ZDcwHhcNMjUwOTA3MDMwMTAzWhcNMjUwOTA4MDMwMTAzWjAzMTEwLwYDVQQD
EygxNmU2NWU1YzllZmI4MDE4ZDA5NjgwYmZlZmVjOTIwZTM1ODY4ZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwYkvud4KDEBKAF3FhcY9gPEBayY
nel9J/+Sv36wFGeg68XGbbpyqrPLVlkbmaRxJZp7KW9IpxTkV+inXlIR96RWBLr1
MM0+t3k7T1pS1rPsn/HDarFrBahpjyMAohAqZvD12vIycobdLGit9+fM9Qe+/27r
g8moEqQwWUPWON4g5GBS9octJIMQ8nf9u/4/Au7YhZMlG+RJEhehKXGSGH06JOJ5
RKZ6UKYqwNtIgl6O0KMWcWuEb3HhDdJvwz9gyrr1RV3ru/UuCN9QFXuqN5sNuVtE
iHkxZbm9yumCJM5fpSs5Y86IBAWYVa3vK+NCizwD4vUQEEsbuCGaKJSrVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBbmXlye+4AY0JaAv+/skg41ho9rMB8GA1UdIwQY
MBaAFMZ6fkxtVetRPFRXYKj/ZW2t8LjXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5wLVRHMVY2MUU4VkZkZ3FQOWxiYTN3dU5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wOGNkYjctNDE2ZS00M2E2LWEyNzYt
YTAzODk2MDI0NzJmLzEveG5wLVRHMVY2MUU4VkZkZ3FQOWxiYTN3dU5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wOGNkYjctNDE2ZS00M2E2LWEyNzYtYTAzODk2MDI0NzJm
LzEveG5wLVRHMVY2MUU4VkZkZ3FQOWxiYTN3dU5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACR9HHovW
nQKYGlvJtQpWJGIS2ay9qkJhbVF5CTlhX2xc/7GQiEEp0ddy5Br39n3Bpw2hdgSx
MegWtlS+8mg2fT2QRzl2DQ9l9rujchfZ7wMavq26IkrTheJqGjyk9y1YNGiQO1Mr
apvi361SIGkOtqJ+iMUI6a72+vzMCYRE5GQsg0PTY2UsEhX2uMWz2H2nsCJxiz8T
VicBKoXHNSnYdGb41IgIKa//64FpwAVGa2J8nbHNKGyF5pacbedhNqEbOwqxxZkE
VjiZxZQfMdKOL28z1mNmV9NmFDnd+V3lu7vb167PRH5pEd1c/dF0RRP056dgeRv5
NSMz5UaLuCiDrg==
-----END CERTIFICATE-----