Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
File:                     XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft (raw, json)
Hash identifier:          mryb7LpePUm6VUU6uI+bvt+r/CHez1if+kAOFchVwdg=
Subject key identifier:   53:72:04:06:DB:44:98:50:54:D4:EB:9C:80:DF:3F:B3:06:21:4E:B4
Authority key identifier: 5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
Certificate issuer:       /CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Certificate serial:       019749D5B739C60BCC538A0181256BF5A2B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
Manifest number:          0276
Signing time:             Sat 07 Jun 2025 10:00:32 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:32 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:32 +0000
Files and hashes:         1: XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl (hash: J/YfEG2a0Y8Oc+j9TciUkYd6qtSHDWflS518yZe5eM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:b7:39:c6:0b:cc:53:8a:01:81:25:6b:f5:a2:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
        Validity
            Not Before: Jun  7 10:00:32 2025 GMT
            Not After : Jun  8 10:00:32 2025 GMT
        Subject: CN=53720406db44985054d4eb9c80df3fb306214eb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6a:a2:9e:cb:4b:3e:e1:92:20:42:91:d5:d3:
                    a1:b1:f3:57:20:40:2d:68:ef:8b:f7:68:d9:06:93:
                    a2:b7:c1:03:10:9d:0a:5f:cc:98:41:5c:c1:29:ed:
                    16:4a:cc:1b:19:d2:e7:8d:04:96:a1:79:45:70:04:
                    6d:d2:fd:fe:2c:6d:76:08:87:4b:c9:7c:72:bc:8e:
                    a5:26:ba:a3:dd:b1:5c:1d:a7:9f:61:bc:61:18:74:
                    88:19:41:c9:5b:30:8e:ee:f7:98:74:a9:f1:6a:51:
                    ad:86:24:47:f8:1c:a1:7f:8e:7c:ab:63:06:63:5f:
                    f7:0d:1f:a6:77:00:7c:b4:d4:78:fa:66:c2:ad:12:
                    66:73:88:d4:54:0a:20:4d:e2:40:1a:21:1f:98:9b:
                    8c:e0:a9:fd:a1:58:08:6d:46:51:c4:0a:e8:8d:c4:
                    84:8e:b3:56:29:d4:4b:78:6e:15:01:fb:88:c3:c8:
                    d6:d5:0e:4c:e8:51:70:5e:15:f2:f6:45:a5:8f:0e:
                    ea:8a:80:a8:5f:5b:56:93:a7:c3:06:7d:d9:af:0d:
                    8c:1e:89:eb:53:55:a4:37:56:1b:25:4e:c9:ac:3b:
                    4e:d3:98:bf:b9:de:e9:a7:b7:9b:55:b9:98:f3:be:
                    7e:f3:d9:db:7a:78:98:28:76:81:6a:23:4d:b4:68:
                    0e:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:72:04:06:DB:44:98:50:54:D4:EB:9C:80:DF:3F:B3:06:21:4E:B4
            X509v3 Authority Key Identifier:
                keyid:5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:10:fc:83:9a:95:97:88:9a:5c:7a:a8:30:70:28:e2:02:c7:
         7d:60:21:ae:d2:e2:88:3e:5e:75:c8:b3:22:f5:d2:b6:5f:5e:
         9d:fc:35:33:47:8a:98:78:d7:df:2e:e5:14:64:d3:82:25:f1:
         95:1e:f5:d7:f4:09:75:cd:7d:e6:8a:9b:96:37:20:08:04:b0:
         76:71:8b:f1:25:1c:eb:c6:c8:49:5f:c2:2a:7a:93:06:56:12:
         8d:d9:f8:3b:11:6f:f9:1b:7e:20:ab:2b:b0:f3:b6:46:7f:34:
         ca:a0:4c:39:12:07:45:b9:38:70:e8:f6:70:0a:c1:5a:15:94:
         63:0a:4c:d9:15:10:a3:ca:7e:0e:c2:6f:f0:18:82:5f:c5:b9:
         8a:86:61:ea:d3:ac:86:d0:65:1d:c9:3f:0d:37:d7:f0:65:68:
         10:12:fa:5a:2d:74:b3:c6:c4:5c:7b:05:c5:30:f7:6b:e2:81:
         bd:5a:79:92:80:fa:d6:79:04:68:45:13:93:3f:b7:ce:59:e4:
         81:56:e2:b2:9d:86:09:9d:d0:3f:32:02:42:a6:ae:d0:b1:01:
         6d:95:9f:df:ad:15:d9:cf:71:4c:f9:ca:0b:eb:5c:10:35:e5:
         28:0d:55:2d:35:2a:ea:49:ee:12:d5:8f:1d:63:60:47:01:45:
         cb:4e:93:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1bc5xgvMU4oBgSVr9aKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZjMTM4NGI0YTRjYTUwMWRkMzNjNWYwZDg1ODBkNDQx
NmViM2EwHhcNMjUwNjA3MTAwMDMyWhcNMjUwNjA4MTAwMDMyWjAzMTEwLwYDVQQD
Eyg1MzcyMDQwNmRiNDQ5ODUwNTRkNGViOWM4MGRmM2ZiMzA2MjE0ZWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWqinstLPuGSIEKR1dOhsfNXIEAt
aO+L92jZBpOit8EDEJ0KX8yYQVzBKe0WSswbGdLnjQSWoXlFcARt0v3+LG12CIdL
yXxyvI6lJrqj3bFcHaefYbxhGHSIGUHJWzCO7veYdKnxalGthiRH+Byhf458q2MG
Y1/3DR+mdwB8tNR4+mbCrRJmc4jUVAogTeJAGiEfmJuM4Kn9oVgIbUZRxArojcSE
jrNWKdRLeG4VAfuIw8jW1Q5M6FFwXhXy9kWljw7qioCoX1tWk6fDBn3Zrw2MHonr
U1WkN1YbJU7JrDtO05i/ud7pp7ebVbmY875+89nbeniYKHaBaiNNtGgO3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFNyBAbbRJhQVNTrnIDfP7MGIU60MB8GA1UdIwQY
MBaAFF3WwThLSkylAd0zxfDYWA1EFus6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQt
ZDgyZDA2YTg3YmZlLzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQtZDgyZDA2YTg3YmZl
LzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwhD8g5qV
l4iaXHqoMHAo4gLHfWAhrtLiiD5edcizIvXStl9enfw1M0eKmHjX3y7lFGTTgiXx
lR711/QJdc195oqbljcgCASwdnGL8SUc68bISV/CKnqTBlYSjdn4OxFv+Rt+IKsr
sPO2Rn80yqBMORIHRbk4cOj2cArBWhWUYwpM2RUQo8p+DsJv8BiCX8W5ioZh6tOs
htBlHck/DTfX8GVoEBL6Wi10s8bEXHsFxTD3a+KBvVp5koD61nkEaEUTkz+3zlnk
gVbisp2GCZ3QPzICQqau0LEBbZWf360V2c9xTPnKC+tcEDXlKA1VLTUq6knuEtWP
HWNgRwFFy06TMg==
-----END CERTIFICATE-----