Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
File:                     XKiGCq68SoHT0ibUI4c-M8OICqo.mft (raw, json)
Hash identifier:          ukt1ZFtpMVGCk6FZrHVORfpqrdj0+O72bVCfa6KNkJk=
Subject key identifier:   BF:06:77:FC:A4:90:1A:E0:0C:C4:53:68:C1:26:6E:69:02:6A:69:4B
Authority key identifier: 5C:A8:86:0A:AE:BC:4A:81:D3:D2:26:D4:23:87:3E:33:C3:88:0A:AA
Certificate issuer:       /CN=5ca8860aaebc4a81d3d226d423873e33c3880aaa
Certificate serial:       0197469E53D2D7C1918A92F48C207F0C202C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
Manifest number:          09F3
Signing time:             Fri 06 Jun 2025 19:01:10 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:10 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:10 +0000
Files and hashes:         1: XKiGCq68SoHT0ibUI4c-M8OICqo.crl (hash: Zk7b9kIRh27uiOXROOIukyO928mF/JE55S++TIPLajU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:53:d2:d7:c1:91:8a:92:f4:8c:20:7f:0c:20:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ca8860aaebc4a81d3d226d423873e33c3880aaa
        Validity
            Not Before: Jun  6 19:01:10 2025 GMT
            Not After : Jun  7 19:01:10 2025 GMT
        Subject: CN=bf0677fca4901ae00cc45368c1266e69026a694b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:31:96:42:46:9c:ae:9b:5b:20:e5:24:d3:2f:
                    31:1b:81:01:6b:a2:d5:ea:20:63:60:47:3a:ca:0d:
                    25:e5:76:80:de:c8:d3:b5:66:41:d6:d9:9b:74:12:
                    f2:73:d8:77:e2:88:f2:d6:94:78:b9:54:e3:61:6d:
                    64:1e:8d:ec:18:7a:ee:4b:c8:fa:b7:74:d5:fb:40:
                    33:da:b7:ed:c6:59:a4:ef:07:15:b2:53:48:4a:7f:
                    32:84:ed:e3:31:f0:f2:60:8b:08:65:df:be:a1:a4:
                    82:97:17:a3:4f:1b:a5:e9:87:7c:70:49:dc:87:55:
                    81:6a:91:7c:8c:8a:dd:80:e7:c3:c9:30:7d:9d:46:
                    f2:cd:00:de:e6:6c:61:dd:1c:1b:25:42:a0:7f:9b:
                    fd:4e:4f:22:7a:e6:38:b0:04:da:59:0f:96:eb:12:
                    6b:90:47:6b:6e:8a:05:f3:5c:1e:ed:09:27:81:1b:
                    c5:9a:b3:ec:48:77:87:6a:29:bd:c5:e7:d9:fd:d0:
                    9f:49:9b:5d:df:5b:80:4c:be:49:ad:a2:0c:b4:6a:
                    f5:fa:b2:de:9f:27:95:7b:a9:80:be:da:dd:12:9e:
                    0a:f4:6e:4f:db:f3:cb:6f:0f:18:8b:10:dd:9a:a8:
                    94:69:3f:18:d0:fc:8e:55:71:dc:54:34:0c:a4:fd:
                    f8:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:06:77:FC:A4:90:1A:E0:0C:C4:53:68:C1:26:6E:69:02:6A:69:4B
            X509v3 Authority Key Identifier:
                keyid:5C:A8:86:0A:AE:BC:4A:81:D3:D2:26:D4:23:87:3E:33:C3:88:0A:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:61:cf:b1:8c:c4:8c:a2:f5:45:4d:66:e6:4b:1e:c7:c7:71:
         8b:24:a5:66:21:9d:d4:ae:15:28:53:2f:a6:b1:b2:00:d0:04:
         4e:f8:80:c1:31:2c:1b:04:7f:e7:96:31:a4:73:98:64:6c:2a:
         58:d6:ea:37:79:24:9d:07:33:b9:88:6f:c7:57:cc:52:d7:ac:
         63:44:f7:ff:5a:13:d0:12:e0:d1:e3:be:93:7e:1a:d9:5a:0f:
         8f:39:79:04:60:63:d6:2e:28:4b:b3:e8:7c:0e:d3:93:47:00:
         d9:3d:32:94:a7:77:5e:85:9a:84:f1:1c:06:85:cc:bb:20:d0:
         8a:bb:a2:14:35:25:3a:bc:ac:69:b6:9e:73:f9:94:a6:1c:32:
         01:4a:f2:d7:a1:dc:8e:f0:1a:fa:19:79:e0:3f:40:ae:b0:e9:
         6e:f6:38:9d:1f:9d:19:9c:98:f8:1d:9c:9e:c7:2b:bc:f5:2d:
         32:55:c8:73:fd:79:59:f9:7a:32:2a:8d:9c:de:55:14:de:59:
         b4:a3:5a:cf:7b:a8:e3:d6:a6:15:34:2b:c4:1d:f2:f5:fa:be:
         45:92:3d:c9:c1:bd:0c:8f:a5:00:f8:8a:f9:11:45:5f:22:35:
         81:af:da:4f:22:52:e2:17:b6:40:d1:ad:f1:2c:6a:0d:df:ab:
         8c:f2:09:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnlPS18GRipL0jCB/DCAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYTg4NjBhYWViYzRhODFkM2QyMjZkNDIzODczZTMzYzM4
ODBhYWEwHhcNMjUwNjA2MTkwMTEwWhcNMjUwNjA3MTkwMTEwWjAzMTEwLwYDVQQD
EyhiZjA2NzdmY2E0OTAxYWUwMGNjNDUzNjhjMTI2NmU2OTAyNmE2OTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjGWQkacrptbIOUk0y8xG4EBa6LV
6iBjYEc6yg0l5XaA3sjTtWZB1tmbdBLyc9h34ojy1pR4uVTjYW1kHo3sGHruS8j6
t3TV+0Az2rftxlmk7wcVslNISn8yhO3jMfDyYIsIZd++oaSClxejTxul6Yd8cEnc
h1WBapF8jIrdgOfDyTB9nUbyzQDe5mxh3RwbJUKgf5v9Tk8ieuY4sATaWQ+W6xJr
kEdrbooF81we7QkngRvFmrPsSHeHaim9xefZ/dCfSZtd31uATL5JraIMtGr1+rLe
nyeVe6mAvtrdEp4K9G5P2/PLbw8YixDdmqiUaT8Y0PyOVXHcVDQMpP34hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL8Gd/ykkBrgDMRTaMEmbmkCamlLMB8GA1UdIwQY
MBaAFFyohgquvEqB09Im1COHPjPDiAqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC83OTgwYjQtY2Q0NC00NTk3LTg1N2Qt
NjJkMTNiMDMxNDE5LzEvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC83OTgwYjQtY2Q0NC00NTk3LTg1N2QtNjJkMTNiMDMxNDE5
LzEvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACWHPsYzE
jKL1RU1m5ksex8dxiySlZiGd1K4VKFMvprGyANAETviAwTEsGwR/55YxpHOYZGwq
WNbqN3kknQczuYhvx1fMUtesY0T3/1oT0BLg0eO+k34a2VoPjzl5BGBj1i4oS7Po
fA7Tk0cA2T0ylKd3XoWahPEcBoXMuyDQiruiFDUlOrysabaec/mUphwyAUry16Hc
jvAa+hl54D9ArrDpbvY4nR+dGZyY+B2cnscrvPUtMlXIc/15Wfl6MiqNnN5VFN5Z
tKNaz3uo49amFTQrxB3y9fq+RZI9ycG9DI+lAPiK+RFFXyI1ga/aTyJS4he2QNGt
8SxqDd+rjPIJkg==
-----END CERTIFICATE-----