Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
File:                     XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft (raw, json)
Hash identifier:          gnbSZy/wsd0J8tE88jdAiv5CYC+GmWc1MkN2tN2OYlY=
Subject key identifier:   4E:04:17:75:FD:B1:F2:E5:73:CB:37:64:A7:08:1E:0F:73:5B:31:77
Authority key identifier: 5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95
Certificate issuer:       /CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495
Certificate serial:       019A7225A0337428862E5D42874EE9859E19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
Manifest number:          0731
Signing time:             Tue 11 Nov 2025 09:00:59 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:59 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:59 +0000
Files and hashes:         1: XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl (hash: EYoyDQbGAqeRxgpAfbNDQVsORrc5YntByZVJ3X+NJ+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:a0:33:74:28:86:2e:5d:42:87:4e:e9:85:9e:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495
        Validity
            Not Before: Nov 11 09:00:59 2025 GMT
            Not After : Nov 12 09:00:59 2025 GMT
        Subject: CN=4e041775fdb1f2e573cb3764a7081e0f735b3177
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:7d:50:7c:58:3a:36:4b:01:28:74:51:c9:47:
                    d1:08:c3:68:5a:31:15:af:09:0e:10:a4:77:5c:0a:
                    81:cf:b4:4c:d0:06:f8:76:8b:e6:f5:59:3f:cb:a2:
                    19:9d:34:7a:9d:09:3e:6f:f8:4e:98:83:0c:39:6b:
                    c4:34:74:23:d2:f2:5d:75:b0:8d:a1:dc:95:6b:51:
                    87:47:be:f4:02:26:73:86:b7:44:23:c4:bd:b8:92:
                    be:cb:eb:56:81:f5:ab:91:f3:f7:1c:27:c5:7b:32:
                    b7:75:ee:77:90:4e:66:42:15:1e:4d:55:a7:c0:e7:
                    3e:98:89:a8:ee:68:e0:58:32:6d:a2:de:22:12:4d:
                    14:fd:82:b1:4e:1a:8a:05:71:c9:f7:fa:ed:2e:9c:
                    d4:7d:fc:f1:27:24:ac:b0:9d:e3:88:21:96:46:0a:
                    42:dc:5c:da:6d:98:c3:8f:96:83:8f:69:b4:ab:8f:
                    02:d2:84:96:f4:4d:85:f2:3d:ad:f4:06:6a:be:e5:
                    0b:0f:ff:23:6d:0a:3f:9d:b9:a7:91:ec:8f:f5:d5:
                    bb:f1:86:26:66:ae:f2:aa:69:a2:e9:d4:e0:48:31:
                    3b:72:63:b4:d0:3d:98:c3:d5:f0:21:15:c0:36:51:
                    5f:9a:54:09:d7:18:e3:44:02:89:c9:99:d6:32:8d:
                    61:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:04:17:75:FD:B1:F2:E5:73:CB:37:64:A7:08:1E:0F:73:5B:31:77
            X509v3 Authority Key Identifier:
                keyid:5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:60:3e:5b:fa:2d:02:62:d4:9e:29:e5:40:25:d3:78:d5:d5:
         dc:6d:41:c2:f1:54:32:f9:ce:5f:ee:49:36:14:0a:ff:85:2f:
         ef:f3:d9:f8:a6:90:ce:d6:77:5b:2b:9f:a5:ee:26:55:80:a9:
         9a:52:40:0d:3a:7e:7d:50:6b:91:e8:01:e6:69:ec:32:62:d3:
         75:2f:c9:d1:8a:b7:2a:cc:52:72:05:ac:7e:22:d3:98:e2:d8:
         88:ed:cc:ed:51:41:80:47:da:63:42:82:2a:e4:7c:31:ce:6c:
         aa:00:94:d7:ef:c8:dc:e8:06:90:1b:e4:ef:af:25:a4:7f:27:
         b6:e6:7b:78:a9:26:14:63:b0:63:63:ee:81:79:c5:5d:f1:58:
         b5:f4:58:71:0b:54:78:bd:01:c4:db:8c:77:36:d7:0b:43:29:
         e7:a6:3f:e6:de:ab:42:9c:dc:ef:60:6e:99:04:fa:2b:12:c0:
         b9:b4:59:4b:d4:7e:d2:1a:5e:7e:1f:99:73:af:ab:d0:34:da:
         81:b5:04:c9:bf:55:d2:20:66:00:88:c1:5d:4b:c5:83:47:ef:
         ce:1d:00:22:cd:89:3e:a0:53:09:5f:cc:69:e4:26:69:d9:63:
         74:57:09:ff:25:6a:a0:0b:f2:b8:d8:9f:71:7a:fe:c6:6e:ab:
         81:4f:9a:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJaAzdCiGLl1Ch07phZ4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMjE5NjhlOTFjMmY0N2YxYjA3YzFmMzVmZTdkMjYzYzU2
ZDA0OTUwHhcNMjUxMTExMDkwMDU5WhcNMjUxMTEyMDkwMDU5WjAzMTEwLwYDVQQD
Eyg0ZTA0MTc3NWZkYjFmMmU1NzNjYjM3NjRhNzA4MWUwZjczNWIzMTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt31QfFg6NksBKHRRyUfRCMNoWjEV
rwkOEKR3XAqBz7RM0Ab4dovm9Vk/y6IZnTR6nQk+b/hOmIMMOWvENHQj0vJddbCN
odyVa1GHR770AiZzhrdEI8S9uJK+y+tWgfWrkfP3HCfFezK3de53kE5mQhUeTVWn
wOc+mImo7mjgWDJtot4iEk0U/YKxThqKBXHJ9/rtLpzUffzxJySssJ3jiCGWRgpC
3FzabZjDj5aDj2m0q48C0oSW9E2F8j2t9AZqvuULD/8jbQo/nbmnkeyP9dW78YYm
Zq7yqmmi6dTgSDE7cmO00D2Yw9XwIRXANlFfmlQJ1xjjRAKJyZnWMo1hhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE4EF3X9sfLlc8s3ZKcIHg9zWzF3MB8GA1UdIwQY
MBaAFF0hlo6RwvR/GwfB81/n0mPFbQSVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUt
MWVjMzc0NjVkM2FmLzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUtMWVjMzc0NjVkM2Fm
LzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAemA+W/ot
AmLUninlQCXTeNXV3G1BwvFUMvnOX+5JNhQK/4Uv7/PZ+KaQztZ3Wyufpe4mVYCp
mlJADTp+fVBrkegB5mnsMmLTdS/J0Yq3KsxScgWsfiLTmOLYiO3M7VFBgEfaY0KC
KuR8Mc5sqgCU1+/I3OgGkBvk768lpH8ntuZ7eKkmFGOwY2PugXnFXfFYtfRYcQtU
eL0BxNuMdzbXC0Mp56Y/5t6rQpzc72BumQT6KxLAubRZS9R+0hpefh+Zc6+r0DTa
gbUEyb9V0iBmAIjBXUvFg0fvzh0AIs2JPqBTCV/MaeQmadljdFcJ/yVqoAvyuNif
cXr+xm6rgU+aEQ==
-----END CERTIFICATE-----