Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
File:                     xndznw-VRrTwJXcsXCsXl4WSOFI.mft (raw, json)
Hash identifier:          aamtZIB5KheeN/0do3Ap1UbCZGW4QOlWTAN4K6wiS4A=
Subject key identifier:   AA:EF:26:C0:1E:0A:14:7E:31:60:D5:04:A5:98:73:2C:77:C2:16:5F
Authority key identifier: C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52
Certificate issuer:       /CN=c677739f0f9546b4f025772c5c2b179785923852
Certificate serial:       0197493147FD9BB27B97AD0D913131C89E6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
Manifest number:          138E
Signing time:             Sat 07 Jun 2025 07:00:55 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:55 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:55 +0000
Files and hashes:         1: xndznw-VRrTwJXcsXCsXl4WSOFI.crl (hash: 0Sm4rDtHMymZyu+kbpv50T856GgJXUt66EBjBiSN5Ls=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:47:fd:9b:b2:7b:97:ad:0d:91:31:31:c8:9e:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c677739f0f9546b4f025772c5c2b179785923852
        Validity
            Not Before: Jun  7 07:00:55 2025 GMT
            Not After : Jun  8 07:00:55 2025 GMT
        Subject: CN=aaef26c01e0a147e3160d504a598732c77c2165f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:c0:66:84:64:e9:ee:3a:54:5e:41:f5:b9:62:
                    ea:cb:bf:78:15:c0:6e:ac:c4:f9:68:c1:d4:50:a1:
                    96:dd:84:bc:a0:43:3f:3f:93:98:54:e8:b8:a2:31:
                    4f:5c:d0:31:58:47:55:0d:a6:6e:ef:c4:98:fa:1a:
                    da:c1:c9:ef:27:af:82:f8:ce:cd:21:e0:91:84:13:
                    1a:43:89:f8:90:7f:58:cf:bb:24:3e:50:0d:31:e4:
                    bd:91:e0:3e:38:9f:7d:cb:25:18:47:b7:ad:ec:8c:
                    7e:33:9b:53:f1:2c:a2:78:33:76:14:81:38:c9:67:
                    62:64:ff:fd:c2:ec:61:13:f1:8e:d2:d6:c9:9a:22:
                    a6:e0:0b:69:61:c5:dd:0d:d1:cc:b7:4d:72:b9:51:
                    a3:8c:55:4a:ea:4c:39:6c:e5:47:48:6c:55:d3:f0:
                    ec:90:90:fd:3c:ea:12:33:eb:aa:c1:64:15:b1:a8:
                    03:0d:0f:fe:01:16:22:e1:89:87:84:e3:00:e7:e2:
                    b8:cf:c2:13:58:8e:7c:1b:c3:55:0f:f8:81:6a:e0:
                    50:64:ac:f9:f3:24:21:07:4d:de:f4:85:3e:d9:b9:
                    b9:73:fb:e0:39:fd:f2:c0:6d:16:7a:69:dd:8d:63:
                    c6:e0:e6:05:c0:dc:23:87:66:97:31:23:94:8a:a8:
                    8a:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:EF:26:C0:1E:0A:14:7E:31:60:D5:04:A5:98:73:2C:77:C2:16:5F
            X509v3 Authority Key Identifier:
                keyid:C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:32:4f:a0:ea:49:45:46:ee:1d:29:aa:da:d7:25:cd:71:de:
         c3:59:eb:4e:2d:ee:3e:10:48:df:f8:eb:9d:6c:e8:5d:c8:ab:
         8c:45:0c:7a:2b:a6:56:26:78:03:27:87:d1:f5:ed:2c:ba:93:
         09:81:f9:a7:d1:d5:f8:b7:c7:3a:a2:08:ed:55:36:6f:0a:3c:
         18:b7:0c:c9:66:8b:58:e0:12:b4:fc:4f:11:3d:80:7c:76:6b:
         3f:0d:b0:22:10:2b:03:c2:a1:5f:d2:02:5f:1e:63:0b:d6:b2:
         cf:85:a6:03:65:a6:f3:bd:95:63:7e:59:3d:f6:b2:d4:a0:40:
         b3:39:f7:b5:d6:89:a8:10:b3:31:a8:a1:58:74:05:1a:44:92:
         e1:a5:de:ed:44:7e:05:92:9e:3f:d9:ad:f5:ac:b5:f5:52:7a:
         6f:48:53:d6:29:4e:09:d7:a9:25:5f:b1:32:df:71:41:16:77:
         a1:0b:93:ac:74:b7:1f:6f:70:d8:99:43:87:31:dc:67:c3:dc:
         26:3f:fc:75:0b:2a:34:45:8e:09:0b:1b:88:e0:26:be:f9:3a:
         4c:5f:e1:cc:45:8c:11:7a:8f:6c:9d:e8:a7:6d:15:fe:98:93:
         77:af:a2:2c:f6:9e:75:dc:7b:17:34:2e:b4:21:26:df:d0:08:
         b3:75:b3:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMUf9m7J7l60NkTExyJ5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Nzc3MzlmMGY5NTQ2YjRmMDI1NzcyYzVjMmIxNzk3ODU5
MjM4NTIwHhcNMjUwNjA3MDcwMDU1WhcNMjUwNjA4MDcwMDU1WjAzMTEwLwYDVQQD
EyhhYWVmMjZjMDFlMGExNDdlMzE2MGQ1MDRhNTk4NzMyYzc3YzIxNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18BmhGTp7jpUXkH1uWLqy794FcBu
rMT5aMHUUKGW3YS8oEM/P5OYVOi4ojFPXNAxWEdVDaZu78SY+hrawcnvJ6+C+M7N
IeCRhBMaQ4n4kH9Yz7skPlANMeS9keA+OJ99yyUYR7et7Ix+M5tT8SyieDN2FIE4
yWdiZP/9wuxhE/GO0tbJmiKm4AtpYcXdDdHMt01yuVGjjFVK6kw5bOVHSGxV0/Ds
kJD9POoSM+uqwWQVsagDDQ/+ARYi4YmHhOMA5+K4z8ITWI58G8NVD/iBauBQZKz5
8yQhB03e9IU+2bm5c/vgOf3ywG0WemndjWPG4OYFwNwjh2aXMSOUiqiKCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrvJsAeChR+MWDVBKWYcyx3whZfMB8GA1UdIwQY
MBaAFMZ3c58PlUa08CV3LFwrF5eFkjhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQt
YzY4NWZhOTE2YjA3LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQtYzY4NWZhOTE2YjA3
LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsjJPoOpJ
RUbuHSmq2tclzXHew1nrTi3uPhBI3/jrnWzoXcirjEUMeiumViZ4AyeH0fXtLLqT
CYH5p9HV+LfHOqII7VU2bwo8GLcMyWaLWOAStPxPET2AfHZrPw2wIhArA8KhX9IC
Xx5jC9ayz4WmA2Wm872VY35ZPfay1KBAszn3tdaJqBCzMaihWHQFGkSS4aXe7UR+
BZKeP9mt9ay19VJ6b0hT1ilOCdepJV+xMt9xQRZ3oQuTrHS3H29w2JlDhzHcZ8Pc
Jj/8dQsqNEWOCQsbiOAmvvk6TF/hzEWMEXqPbJ3op20V/piTd6+iLPaeddx7FzQu
tCEm39AIs3WzLQ==
-----END CERTIFICATE-----