Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
File:                     XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft (raw, json)
Hash identifier:          rHNpsFVvVsDH6DcKPO11NGavolNBWsU69a4VzOIN7+s=
Subject key identifier:   C3:A9:46:56:6D:8E:5D:41:0E:BF:A9:F5:69:76:C3:B3:52:7B:8A:48
Authority key identifier: 5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A
Certificate issuer:       /CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
Certificate serial:       019931FF6CEB3AEA9E253DA4CE4ECFDC4C5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
Manifest number:          0C4E
Signing time:             Wed 10 Sep 2025 05:00:47 +0000
Manifest this update:     Wed 10 Sep 2025 05:00:47 +0000
Manifest next update:     Thu 11 Sep 2025 05:00:47 +0000
Files and hashes:         1: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl (hash: KrZydsWAmtd8zg5XL8IFDAypsQtG4sv8ml9Ll/uyaoE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 11 Sep 2025 05:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:31:ff:6c:eb:3a:ea:9e:25:3d:a4:ce:4e:cf:dc:4c:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
        Validity
            Not Before: Sep 10 05:00:47 2025 GMT
            Not After : Sep 11 05:00:47 2025 GMT
        Subject: CN=c3a946566d8e5d410ebfa9f56976c3b3527b8a48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b6:3d:06:58:f5:74:33:eb:f5:77:87:d7:4d:
                    a4:8d:48:17:de:0f:e8:c4:a2:fb:b3:40:87:df:f9:
                    53:fa:ea:57:72:05:b9:45:e9:04:9e:02:f5:04:16:
                    15:1e:20:ac:42:b6:5f:14:cd:57:ee:59:c2:67:77:
                    5b:d9:d5:b6:0b:e7:4d:20:36:66:af:b6:09:56:22:
                    bd:07:44:3d:9d:6a:07:6c:e0:4b:95:9d:8d:45:fc:
                    37:8a:8e:fe:63:45:3b:fa:65:2e:cd:56:af:71:5f:
                    6e:b6:5d:2f:60:2f:71:7d:7e:3a:bd:c7:9d:a3:16:
                    12:33:df:0e:82:c6:6c:fd:5a:69:84:16:0b:cd:7b:
                    5c:59:57:47:87:18:5c:11:71:3a:32:46:48:1f:fe:
                    69:17:6b:a6:9b:f3:5f:ea:ae:0a:80:89:f7:dc:97:
                    e8:3b:e5:20:b2:5d:e7:3e:34:b1:c2:08:0e:dc:03:
                    bd:2a:75:e5:54:f3:22:c1:ec:6c:7f:1e:84:7f:c6:
                    3f:de:67:69:a0:99:d4:9f:d4:53:0a:08:05:31:d6:
                    79:f0:8f:42:9b:d5:ca:fc:65:95:af:02:f6:83:0e:
                    ed:96:38:4a:2f:82:91:f3:97:1c:e9:ca:23:d2:e4:
                    0c:ff:ad:33:60:6f:85:92:40:91:c2:c3:ee:39:6c:
                    e1:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:A9:46:56:6D:8E:5D:41:0E:BF:A9:F5:69:76:C3:B3:52:7B:8A:48
            X509v3 Authority Key Identifier:
                keyid:5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d5:59:01:15:da:ba:9b:2c:00:23:c1:b1:38:dc:79:36:c2:50:
         09:eb:ec:85:18:74:b2:24:5f:a0:38:b1:94:f9:17:ab:33:6c:
         ec:91:83:66:b8:65:8c:dc:d0:14:7f:bb:ba:ab:b0:1f:bd:8f:
         55:93:70:08:48:44:05:df:93:37:1c:61:27:46:0c:40:68:33:
         74:8e:21:e7:4f:86:ec:d4:96:43:8e:93:0f:fa:d4:57:40:87:
         d3:2c:cb:f5:f6:46:28:6b:08:fb:db:9e:8c:33:cb:ad:5b:9f:
         e6:12:67:59:35:8b:f2:bb:14:2d:b2:3f:b0:42:33:82:8d:96:
         72:3a:93:3f:cc:e3:5f:22:6a:15:4e:6f:36:e0:dd:08:bf:07:
         2a:0d:dd:c6:31:5c:34:60:df:2c:a7:bd:7f:7f:8a:c0:da:1a:
         ed:84:d1:20:01:52:71:11:90:61:51:a4:e2:fa:eb:6c:66:1b:
         1b:d5:cc:41:5a:40:8a:84:1e:6c:c6:0c:fb:ef:d1:e9:f5:74:
         57:a2:57:b8:9d:bf:f9:be:a5:2f:70:af:02:40:8a:63:18:15:
         cb:05:97:e3:71:63:33:f0:7b:4f:a6:cf:df:5a:da:48:79:b6:
         97:7a:0f:0e:59:2c:86:20:8a:f7:36:d5:c7:2e:93:8c:dc:eb:
         25:b9:90:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkx/2zrOuqeJT2kzk7P3ExaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzhlYjI5NTk1NjA3ZWQ0ZDhmNGQ5YmYwNmNiYTQyOTky
Njg2NGEwHhcNMjUwOTEwMDUwMDQ3WhcNMjUwOTExMDUwMDQ3WjAzMTEwLwYDVQQD
EyhjM2E5NDY1NjZkOGU1ZDQxMGViZmE5ZjU2OTc2YzNiMzUyN2I4YTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorY9Blj1dDPr9XeH102kjUgX3g/o
xKL7s0CH3/lT+upXcgW5RekEngL1BBYVHiCsQrZfFM1X7lnCZ3db2dW2C+dNIDZm
r7YJViK9B0Q9nWoHbOBLlZ2NRfw3io7+Y0U7+mUuzVavcV9utl0vYC9xfX46vced
oxYSM98OgsZs/VpphBYLzXtcWVdHhxhcEXE6MkZIH/5pF2umm/Nf6q4KgIn33Jfo
O+Ugsl3nPjSxwggO3AO9KnXlVPMiwexsfx6Ef8Y/3mdpoJnUn9RTCggFMdZ58I9C
m9XK/GWVrwL2gw7tljhKL4KR85cc6coj0uQM/60zYG+FkkCRwsPuOWzhsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMOpRlZtjl1BDr+p9Wl2w7NSe4pIMB8GA1UdIwQY
MBaAFF046ylZVgftTY9Nm/BsukKZJoZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMt
ZDI0YjRhNWIxY2RjLzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMtZDI0YjRhNWIxY2Rj
LzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1VkBFdq6
mywAI8GxONx5NsJQCevshRh0siRfoDixlPkXqzNs7JGDZrhljNzQFH+7uquwH72P
VZNwCEhEBd+TNxxhJ0YMQGgzdI4h50+G7NSWQ46TD/rUV0CH0yzL9fZGKGsI+9ue
jDPLrVuf5hJnWTWL8rsULbI/sEIzgo2WcjqTP8zjXyJqFU5vNuDdCL8HKg3dxjFc
NGDfLKe9f3+KwNoa7YTRIAFScRGQYVGk4vrrbGYbG9XMQVpAioQebMYM++/R6fV0
V6JXuJ2/+b6lL3CvAkCKYxgVywWX43FjM/B7T6bP31raSHm2l3oPDlkshiCK9zbV
xy6TjNzrJbmQlw==
-----END CERTIFICATE-----