Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
File:                     XzoD6voEyDkjvYaTJGGFDfX3gUY.mft (raw, json)
Hash identifier:          uXWRdiCPnlWEJpUUIDRIIh0XyP64ZcbczB8hMRopO5o=
Subject key identifier:   CD:97:E3:6B:A1:17:1F:FE:B0:31:E1:3C:CE:62:CE:C4:94:54:1D:3B
Authority key identifier: 5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46
Certificate issuer:       /CN=5f3a03eafa04c83923bd86932461850df5f78146
Certificate serial:       0197537DA70E941220FF8B658B877B53E4C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
Manifest number:          11DC
Signing time:             Mon 09 Jun 2025 07:00:32 +0000
Manifest this update:     Mon 09 Jun 2025 07:00:32 +0000
Manifest next update:     Tue 10 Jun 2025 07:00:32 +0000
Files and hashes:         1: XzoD6voEyDkjvYaTJGGFDfX3gUY.crl (hash: BggYlC5KV5p3kCwz65y6dbTAr54HsyGCRD2TmvV43aQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:7d:a7:0e:94:12:20:ff:8b:65:8b:87:7b:53:e4:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f3a03eafa04c83923bd86932461850df5f78146
        Validity
            Not Before: Jun  9 07:00:32 2025 GMT
            Not After : Jun 10 07:00:32 2025 GMT
        Subject: CN=cd97e36ba1171ffeb031e13cce62cec494541d3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f2:ad:0c:55:f1:59:d0:eb:48:66:cf:0e:47:
                    ce:9b:d9:b5:f4:ca:ae:fb:33:af:b0:27:1e:95:41:
                    f7:e0:70:fb:15:03:5c:69:fa:43:40:1e:5b:3d:33:
                    f9:84:82:22:50:28:92:8d:3d:92:51:6c:17:c1:36:
                    10:65:67:49:6b:a4:03:6e:c5:79:f4:03:f0:d8:ca:
                    94:89:96:ea:68:f8:8e:70:02:c8:72:c9:c8:d9:45:
                    26:25:d3:bf:fc:11:2d:f8:02:31:ab:71:e7:70:d9:
                    23:dc:da:5d:4b:30:70:6c:69:f8:e4:a5:f3:03:d5:
                    0d:89:0e:76:53:da:19:e1:e8:2c:0f:5a:6b:39:b6:
                    71:cb:4b:fb:ac:35:6b:d6:f1:7b:ad:a3:1d:18:36:
                    3e:f8:e0:23:76:84:cc:b2:bd:0e:9d:b6:4b:bc:65:
                    fe:9c:ee:26:84:59:df:66:2f:dc:70:d2:d2:23:7c:
                    ea:eb:9a:66:90:62:83:1e:1c:4c:b6:09:44:d7:24:
                    59:ef:6d:7c:99:c3:29:c5:ea:50:de:94:a6:f5:ab:
                    44:78:e7:dc:ab:c2:13:85:c5:15:7f:fb:71:0b:7d:
                    12:25:a6:da:ab:1a:2f:ac:53:d4:88:e0:d5:e6:81:
                    35:ac:f9:b2:dd:7c:82:f6:1d:0d:47:f7:af:b7:e7:
                    e7:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:97:E3:6B:A1:17:1F:FE:B0:31:E1:3C:CE:62:CE:C4:94:54:1D:3B
            X509v3 Authority Key Identifier:
                keyid:5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:8b:03:9c:d4:32:d0:86:23:79:8e:95:00:0d:a4:49:62:03:
         3b:20:ff:72:9c:3b:ed:29:6d:34:c1:3b:34:79:c9:7e:0d:47:
         d1:12:d7:e2:9c:11:38:71:a9:ff:05:7b:cf:d2:07:f6:62:47:
         e7:76:eb:9d:8d:6f:45:3b:fe:a5:ba:61:a7:07:ce:3f:b8:8c:
         0a:45:e9:88:fc:ed:12:f0:c1:e3:c2:d7:11:b0:45:f2:e3:39:
         d2:19:de:08:7a:74:11:69:41:0d:99:5b:ff:01:da:f3:3b:56:
         29:ed:57:e8:9e:76:ec:71:59:9a:cb:d2:16:0e:12:aa:d4:bc:
         00:73:78:20:9b:78:41:11:d8:8d:49:9e:b0:be:4e:ac:99:74:
         c9:e6:94:e5:63:50:e4:ed:6b:dd:5a:4e:06:74:27:3f:cd:3c:
         f5:1b:8a:69:57:fc:55:c0:e7:58:87:81:63:f6:be:13:2e:d7:
         c2:06:af:02:7a:48:83:31:16:1e:cb:4e:fa:d7:46:50:1f:cb:
         3c:aa:81:30:26:b2:17:52:5d:63:3f:7c:1b:ee:8e:bd:2d:82:
         bb:bf:32:a6:46:b2:60:d1:35:29:69:bf:f1:91:c0:96:ab:7a:
         de:11:5f:9e:51:01:17:e2:52:00:65:69:32:89:19:2d:25:38:
         ea:b8:1f:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTfacOlBIg/4tli4d7U+TEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmM2EwM2VhZmEwNGM4MzkyM2JkODY5MzI0NjE4NTBkZjVm
NzgxNDYwHhcNMjUwNjA5MDcwMDMyWhcNMjUwNjEwMDcwMDMyWjAzMTEwLwYDVQQD
EyhjZDk3ZTM2YmExMTcxZmZlYjAzMWUxM2NjZTYyY2VjNDk0NTQxZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfKtDFXxWdDrSGbPDkfOm9m19Mqu
+zOvsCcelUH34HD7FQNcafpDQB5bPTP5hIIiUCiSjT2SUWwXwTYQZWdJa6QDbsV5
9APw2MqUiZbqaPiOcALIcsnI2UUmJdO//BEt+AIxq3HncNkj3NpdSzBwbGn45KXz
A9UNiQ52U9oZ4egsD1prObZxy0v7rDVr1vF7raMdGDY++OAjdoTMsr0OnbZLvGX+
nO4mhFnfZi/ccNLSI3zq65pmkGKDHhxMtglE1yRZ7218mcMpxepQ3pSm9atEeOfc
q8IThcUVf/txC30SJabaqxovrFPUiODV5oE1rPmy3XyC9h0NR/evt+fndwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2X42uhFx/+sDHhPM5izsSUVB07MB8GA1UdIwQY
MBaAFF86A+r6BMg5I72GkyRhhQ3194FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTIt
ZDU0MGU4YjEzZjdkLzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTItZDU0MGU4YjEzZjdk
LzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgIsDnNQy
0IYjeY6VAA2kSWIDOyD/cpw77SltNME7NHnJfg1H0RLX4pwROHGp/wV7z9IH9mJH
53brnY1vRTv+pbphpwfOP7iMCkXpiPztEvDB48LXEbBF8uM50hneCHp0EWlBDZlb
/wHa8ztWKe1X6J527HFZmsvSFg4SqtS8AHN4IJt4QRHYjUmesL5OrJl0yeaU5WNQ
5O1r3VpOBnQnP8089RuKaVf8VcDnWIeBY/a+Ey7XwgavAnpIgzEWHstO+tdGUB/L
PKqBMCayF1JdYz98G+6OvS2Cu78ypkayYNE1KWm/8ZHAlqt63hFfnlEBF+JSAGVp
MokZLSU46rgfAg==
-----END CERTIFICATE-----