Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
File:                     xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft (raw, json)
Hash identifier:          yPg/O9d+etb0AKr6hf8QaW20GDdLaWBIptxLyiCM+mw=
Subject key identifier:   99:F8:8F:1B:AA:28:6E:D1:64:6E:8E:8D:25:E2:6B:A6:8D:CB:DC:F8
Authority key identifier: C6:C0:0C:55:3A:54:DA:05:B9:36:35:A6:54:CA:DA:03:C6:D9:DF:2B
Certificate issuer:       /CN=c6c00c553a54da05b93635a654cada03c6d9df2b
Certificate serial:       019A711322B1A0726E03669796C167FEDE96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
Manifest number:          07F0
Signing time:             Tue 11 Nov 2025 04:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:10 +0000
Files and hashes:         1: xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl (hash: Uty2Dg/Ktm9aXK1dVFTwwEhS1QKD1tVj7sbrpZjkpOw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:22:b1:a0:72:6e:03:66:97:96:c1:67:fe:de:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6c00c553a54da05b93635a654cada03c6d9df2b
        Validity
            Not Before: Nov 11 04:01:10 2025 GMT
            Not After : Nov 12 04:01:10 2025 GMT
        Subject: CN=99f88f1baa286ed1646e8e8d25e26ba68dcbdcf8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:87:f8:e8:cf:2f:7f:f8:4a:ba:e4:5f:a6:57:
                    7b:53:51:04:ac:7f:5a:cb:8f:ad:a1:c2:e4:c5:e4:
                    62:f4:95:c7:8d:ff:ac:47:3d:e3:0d:86:a5:54:ea:
                    1f:93:ef:1f:ec:0c:af:af:6a:91:d4:98:6e:ca:15:
                    e2:93:8f:c3:dc:05:a1:63:79:41:e3:8b:c0:a3:23:
                    63:a1:ff:b0:aa:1e:33:a4:37:63:26:81:9f:55:3c:
                    0e:d4:88:05:ba:39:c8:5e:04:06:ed:2a:0b:92:e2:
                    ce:32:94:f1:52:e5:f5:e1:88:98:20:19:c0:d1:d9:
                    c3:22:f0:8e:12:81:50:14:a1:6c:a4:a0:4b:2c:aa:
                    f6:75:a0:b5:49:7a:b3:95:99:9c:b0:25:d7:7b:27:
                    6d:c1:87:5a:f1:ea:b3:a8:1f:ef:18:6a:11:bc:19:
                    ad:f1:6e:f0:f9:ce:00:9d:9b:1f:ed:0e:04:92:ab:
                    6e:0b:e0:b0:ed:94:1e:24:78:d4:c7:d7:67:52:97:
                    a2:73:1f:20:8d:5f:57:8e:d9:31:cf:78:a7:b8:85:
                    59:a3:d4:aa:d2:bf:cb:15:c0:e1:e9:2f:2e:9a:db:
                    de:5d:90:5a:2c:f1:07:f9:90:50:fd:93:52:26:94:
                    84:46:d9:20:f2:1b:cf:e8:97:ac:86:a7:68:f8:c5:
                    74:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:F8:8F:1B:AA:28:6E:D1:64:6E:8E:8D:25:E2:6B:A6:8D:CB:DC:F8
            X509v3 Authority Key Identifier:
                keyid:C6:C0:0C:55:3A:54:DA:05:B9:36:35:A6:54:CA:DA:03:C6:D9:DF:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:31:8c:ab:ef:1f:51:42:5b:15:ab:06:1c:fd:04:f0:4e:65:
         68:5d:0b:43:58:a0:48:e4:d5:8c:3e:17:09:29:4a:4f:b3:4c:
         1d:41:6d:06:38:7a:40:72:a8:1e:6c:3b:b0:33:0f:81:2d:2e:
         9c:f9:52:78:c8:b3:86:d0:ca:26:5d:ef:58:08:86:e2:c4:b8:
         0f:f6:b2:b7:0f:57:ea:00:6b:52:7a:08:63:4e:77:10:ef:49:
         7c:30:7f:60:76:73:cb:51:82:06:14:ba:db:3a:ba:93:a2:0f:
         31:53:5f:07:6c:aa:22:aa:1d:84:fd:77:ce:50:13:9b:59:33:
         50:06:3a:1b:5b:3f:fb:34:9f:c3:91:a2:4f:33:75:b4:41:c5:
         04:cd:2f:f2:89:3f:2d:00:47:d3:8f:e6:1c:42:54:ff:0a:de:
         28:18:fa:b3:99:d1:6d:56:59:ef:e6:9a:c2:a2:56:ac:8a:18:
         01:06:25:a2:06:c9:8e:c0:eb:e4:ec:c0:4c:36:8d:0b:cb:5c:
         05:34:a5:90:47:2f:0d:de:c8:bd:56:3a:b1:e1:fb:d7:98:18:
         5c:1d:07:b6:bb:20:aa:b6:8e:1c:cf:50:c0:fb:04:b9:45:e3:
         c8:40:6d:67:ae:d3:3d:a9:24:83:ae:d9:59:07:b1:25:94:aa:
         f6:b4:f6:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEyKxoHJuA2aXlsFn/t6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzAwYzU1M2E1NGRhMDViOTM2MzVhNjU0Y2FkYTAzYzZk
OWRmMmIwHhcNMjUxMTExMDQwMTEwWhcNMjUxMTEyMDQwMTEwWjAzMTEwLwYDVQQD
Eyg5OWY4OGYxYmFhMjg2ZWQxNjQ2ZThlOGQyNWUyNmJhNjhkY2JkY2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIf46M8vf/hKuuRfpld7U1EErH9a
y4+tocLkxeRi9JXHjf+sRz3jDYalVOofk+8f7Ayvr2qR1JhuyhXik4/D3AWhY3lB
44vAoyNjof+wqh4zpDdjJoGfVTwO1IgFujnIXgQG7SoLkuLOMpTxUuX14YiYIBnA
0dnDIvCOEoFQFKFspKBLLKr2daC1SXqzlZmcsCXXeydtwYda8eqzqB/vGGoRvBmt
8W7w+c4AnZsf7Q4EkqtuC+Cw7ZQeJHjUx9dnUpeicx8gjV9Xjtkxz3inuIVZo9Sq
0r/LFcDh6S8umtveXZBaLPEH+ZBQ/ZNSJpSERtkg8hvP6Jeshqdo+MV0FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJn4jxuqKG7RZG6OjSXia6aNy9z4MB8GA1UdIwQY
MBaAFMbADFU6VNoFuTY1plTK2gPG2d8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82ZmRhMWQtYjk2Yi00Y2Y5LWJiNjgt
M2ZiZGQ5ZGJiZDkyLzEveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82ZmRhMWQtYjk2Yi00Y2Y5LWJiNjgtM2ZiZGQ5ZGJiZDky
LzEveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXDGMq+8f
UUJbFasGHP0E8E5laF0LQ1igSOTVjD4XCSlKT7NMHUFtBjh6QHKoHmw7sDMPgS0u
nPlSeMizhtDKJl3vWAiG4sS4D/aytw9X6gBrUnoIY053EO9JfDB/YHZzy1GCBhS6
2zq6k6IPMVNfB2yqIqodhP13zlATm1kzUAY6G1s/+zSfw5GiTzN1tEHFBM0v8ok/
LQBH04/mHEJU/wreKBj6s5nRbVZZ7+aawqJWrIoYAQYlogbJjsDr5OzATDaNC8tc
BTSlkEcvDd7IvVY6seH715gYXB0HtrsgqraOHM9QwPsEuUXjyEBtZ67TPakkg67Z
WQexJZSq9rT2Wg==
-----END CERTIFICATE-----