Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
File:                     XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft (raw, json)
Hash identifier:          qaBCJV3pOKcIMp5DMv/sLUP6qA73yJ9t2jU4WF6xc9o=
Subject key identifier:   93:FC:75:4E:67:2A:01:8D:B1:79:D8:6F:6D:1F:38:59:4D:0B:0F:53
Authority key identifier: 5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A
Certificate issuer:       /CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
Certificate serial:       0197496850125DF781BCD607926912751306
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
Manifest number:          0B51
Signing time:             Sat 07 Jun 2025 08:01:02 +0000
Manifest this update:     Sat 07 Jun 2025 08:01:02 +0000
Manifest next update:     Sun 08 Jun 2025 08:01:02 +0000
Files and hashes:         1: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl (hash: zYRM6wXhK7eieGWgIBhjLDBJNJ7U+xV0CwcRll4n0X0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:68:50:12:5d:f7:81:bc:d6:07:92:69:12:75:13:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
        Validity
            Not Before: Jun  7 08:01:02 2025 GMT
            Not After : Jun  8 08:01:02 2025 GMT
        Subject: CN=93fc754e672a018db179d86f6d1f38594d0b0f53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:74:b6:52:0f:61:24:f8:58:f9:0f:e3:24:df:
                    1e:77:61:cf:8d:73:fe:2a:fd:01:6d:c9:eb:7a:5e:
                    26:1c:7a:5c:f9:e3:46:99:9d:9e:d2:78:7c:3a:58:
                    eb:ba:0f:bb:ca:09:40:56:7a:8d:db:e2:32:d0:48:
                    52:dd:0e:7a:71:c6:e5:30:38:7a:e3:97:97:1c:5f:
                    dd:ee:ca:11:8f:d8:c0:93:e9:e7:a7:b5:00:ec:d4:
                    45:83:b7:44:04:30:cc:37:7c:63:76:78:21:e2:1b:
                    68:1c:87:50:fb:f1:f2:ff:8a:69:21:c6:f2:b0:8f:
                    ed:e8:e6:bc:56:a9:94:62:2c:2e:3e:a6:4b:98:a4:
                    da:db:1b:bc:35:f0:af:e8:eb:d8:b0:26:07:e9:a7:
                    8d:cc:b5:00:27:3f:7a:ae:d9:d0:30:5c:f1:0c:fe:
                    52:af:dc:b7:34:37:8a:60:d5:27:59:28:0d:a8:62:
                    e8:b2:5a:ef:0c:a3:9b:c7:32:67:76:57:1a:78:1a:
                    cb:82:12:33:34:c9:9a:66:34:6c:50:85:a9:c6:51:
                    c6:6f:06:14:89:ad:88:13:2e:08:af:70:63:d5:80:
                    bc:bd:1c:75:95:da:1e:37:ee:a4:c2:3a:51:68:4e:
                    26:ac:44:e1:58:f1:ec:eb:42:74:e6:52:80:c7:63:
                    29:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:FC:75:4E:67:2A:01:8D:B1:79:D8:6F:6D:1F:38:59:4D:0B:0F:53
            X509v3 Authority Key Identifier:
                keyid:5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:ae:d8:c1:19:a5:78:c4:97:9c:fb:41:14:a3:b7:9b:b2:96:
         2d:f8:b8:ab:b1:6f:45:d8:68:4d:ce:70:3d:74:ae:5e:20:76:
         a9:73:f9:34:2f:6f:43:23:d8:41:bc:09:0a:78:39:58:4b:0f:
         98:32:fb:e2:76:dd:72:06:c1:1a:4c:f3:4c:ba:02:7c:28:67:
         82:ab:20:35:44:a8:17:82:65:69:4e:d8:93:30:d4:29:1b:b4:
         2a:cb:1f:f4:04:2d:3b:93:99:4b:8e:6b:e2:cb:ca:1b:9e:67:
         1f:ad:2e:7c:e5:77:1d:8e:e4:ee:cc:63:37:1f:c2:1d:7b:c3:
         6f:cf:d3:c6:6c:77:65:45:c8:ad:42:58:37:ba:3f:08:7e:d9:
         e1:01:d9:ef:cd:98:45:77:dc:57:6f:81:2c:34:b2:c5:49:0f:
         47:b4:3d:80:b9:bf:9d:3a:f6:08:b0:15:4f:2c:09:bb:a9:a1:
         50:53:b8:96:ef:88:4b:ea:7b:01:da:76:9d:2b:ea:64:cb:1d:
         0e:14:34:2a:8d:5e:33:42:fe:ab:e2:b1:b6:a3:cf:8f:9a:ed:
         84:e4:f7:99:f3:0c:41:1f:ea:6d:8f:94:94:e0:b1:75:3b:cc:
         f2:e1:fc:91:e5:1a:96:22:e7:60:f6:86:29:7e:93:b7:5f:3a:
         63:6d:d6:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJaFASXfeBvNYHkmkSdRMGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzhlYjI5NTk1NjA3ZWQ0ZDhmNGQ5YmYwNmNiYTQyOTky
Njg2NGEwHhcNMjUwNjA3MDgwMTAyWhcNMjUwNjA4MDgwMTAyWjAzMTEwLwYDVQQD
Eyg5M2ZjNzU0ZTY3MmEwMThkYjE3OWQ4NmY2ZDFmMzg1OTRkMGIwZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA73S2Ug9hJPhY+Q/jJN8ed2HPjXP+
Kv0Bbcnrel4mHHpc+eNGmZ2e0nh8Oljrug+7yglAVnqN2+Iy0EhS3Q56ccblMDh6
45eXHF/d7soRj9jAk+nnp7UA7NRFg7dEBDDMN3xjdngh4htoHIdQ+/Hy/4ppIcby
sI/t6Oa8VqmUYiwuPqZLmKTa2xu8NfCv6OvYsCYH6aeNzLUAJz96rtnQMFzxDP5S
r9y3NDeKYNUnWSgNqGLoslrvDKObxzJndlcaeBrLghIzNMmaZjRsUIWpxlHGbwYU
ia2IEy4Ir3Bj1YC8vRx1ldoeN+6kwjpRaE4mrEThWPHs60J05lKAx2Mp6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJP8dU5nKgGNsXnYb20fOFlNCw9TMB8GA1UdIwQY
MBaAFF046ylZVgftTY9Nm/BsukKZJoZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMt
ZDI0YjRhNWIxY2RjLzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMtZDI0YjRhNWIxY2Rj
LzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYq7YwRml
eMSXnPtBFKO3m7KWLfi4q7FvRdhoTc5wPXSuXiB2qXP5NC9vQyPYQbwJCng5WEsP
mDL74nbdcgbBGkzzTLoCfChngqsgNUSoF4JlaU7YkzDUKRu0Kssf9AQtO5OZS45r
4svKG55nH60ufOV3HY7k7sxjNx/CHXvDb8/Txmx3ZUXIrUJYN7o/CH7Z4QHZ782Y
RXfcV2+BLDSyxUkPR7Q9gLm/nTr2CLAVTywJu6mhUFO4lu+IS+p7Adp2nSvqZMsd
DhQ0Ko1eM0L+q+KxtqPPj5rthOT3mfMMQR/qbY+UlOCxdTvM8uH8keUaliLnYPaG
KX6Tt186Y23WUQ==
-----END CERTIFICATE-----