Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
File:                     xndznw-VRrTwJXcsXCsXl4WSOFI.mft (raw, json)
Hash identifier:          RLL+WsDWlh3bVG/NzKtWjxg26pDtOakuRJSaQ+B6cDw=
Subject key identifier:   93:9E:46:30:F3:C4:90:DC:4C:AF:D5:FC:EC:C5:0B:AF:B3:52:54:3D
Authority key identifier: C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52
Certificate issuer:       /CN=c677739f0f9546b4f025772c5c2b179785923852
Certificate serial:       019A725C99D73EAD880EE0159772B1E4F5F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
Manifest number:          1531
Signing time:             Tue 11 Nov 2025 10:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:02 +0000
Files and hashes:         1: xndznw-VRrTwJXcsXCsXl4WSOFI.crl (hash: RiKF+yauP6jJY4b90lW3dbteu5CAO52o0tWwHD/w9Ec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:99:d7:3e:ad:88:0e:e0:15:97:72:b1:e4:f5:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c677739f0f9546b4f025772c5c2b179785923852
        Validity
            Not Before: Nov 11 10:01:02 2025 GMT
            Not After : Nov 12 10:01:02 2025 GMT
        Subject: CN=939e4630f3c490dc4cafd5fcecc50bafb352543d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:bd:07:6f:af:95:f5:13:c0:d6:c4:fb:d3:a4:
                    18:78:d3:47:e7:2c:ea:e0:ec:0f:61:f5:fc:fa:44:
                    18:e8:3c:d4:ab:e7:78:85:45:85:b4:ef:87:5d:04:
                    9f:d6:87:6b:e0:94:ae:e8:b9:a1:86:fc:47:d4:ca:
                    2c:79:92:5f:a8:98:b6:a0:0e:05:23:ee:fa:50:a8:
                    63:4f:ce:f7:0f:34:65:0e:4b:21:e6:18:3f:1d:bf:
                    3c:f8:0f:97:83:bd:21:e4:f6:61:f8:d0:05:b0:17:
                    7f:4e:d1:d0:2b:c7:ca:46:81:f2:f9:0b:1d:6e:23:
                    93:9f:c4:57:0d:33:c9:2c:7f:34:3c:c6:d3:fc:bb:
                    90:49:1c:76:94:41:4d:9e:b3:c5:61:8d:f6:c8:f0:
                    ea:61:58:50:c1:98:5e:a2:c9:0e:48:66:28:08:24:
                    d1:47:a5:2a:f1:9d:f6:23:5c:49:2a:09:22:97:0b:
                    8d:c6:d8:4f:8e:0d:5a:2e:53:e4:e0:21:7d:c8:e9:
                    13:3e:ec:0f:b8:50:6e:34:e0:73:d2:54:52:49:7d:
                    92:fc:bf:26:df:8a:48:2f:3b:44:6f:22:b3:6a:26:
                    ca:b4:18:8c:bb:16:68:c4:6c:bc:1c:f8:1b:c9:ce:
                    40:fc:fc:55:d6:c2:81:b5:51:cd:cb:eb:24:56:00:
                    8e:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:9E:46:30:F3:C4:90:DC:4C:AF:D5:FC:EC:C5:0B:AF:B3:52:54:3D
            X509v3 Authority Key Identifier:
                keyid:C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:e0:3c:28:05:b4:f5:55:15:77:fd:67:39:52:6f:21:d6:58:
         bd:3b:24:27:b5:c4:48:b4:75:a0:c0:45:5d:0a:e3:6c:ce:2d:
         44:d7:bc:ef:3d:38:17:d3:48:a8:93:55:4f:28:18:f8:fa:f0:
         06:ce:f5:d2:e8:6e:50:be:0d:7b:4f:9c:2f:21:de:31:47:99:
         be:1e:5c:f8:73:e0:97:60:3d:4f:bd:39:1c:9e:d0:8a:e5:56:
         09:1d:03:73:4b:79:f6:bc:33:dd:2f:19:69:3a:45:ad:f7:3a:
         b1:09:a8:61:c2:a7:46:b7:da:ff:97:5b:13:a9:a9:0b:6a:2b:
         8f:9b:b7:c9:07:8f:71:c1:46:a5:ab:df:e2:68:ce:a9:65:4c:
         33:89:8f:fc:e7:c7:d6:5b:c1:c6:1d:f1:3c:39:7f:0a:bc:f9:
         11:1e:19:3b:ee:b6:c6:99:1b:99:3a:85:4d:c2:0e:f0:ad:e7:
         f8:2d:f8:ee:c3:58:e5:6b:3f:3b:30:61:6f:66:f2:dd:3d:82:
         61:0f:f0:59:e4:c5:c5:60:43:1d:6d:46:15:b3:c3:d0:cd:39:
         c7:e9:78:29:73:40:8c:b7:8a:1f:df:ba:45:3d:eb:37:b2:26:
         3d:bb:9c:d4:b1:a1:81:c6:9d:f4:8f:fd:ff:f4:af:4a:91:1f:
         eb:40:e5:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXJnXPq2IDuAVl3Kx5PX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Nzc3MzlmMGY5NTQ2YjRmMDI1NzcyYzVjMmIxNzk3ODU5
MjM4NTIwHhcNMjUxMTExMTAwMTAyWhcNMjUxMTEyMTAwMTAyWjAzMTEwLwYDVQQD
Eyg5MzllNDYzMGYzYzQ5MGRjNGNhZmQ1ZmNlY2M1MGJhZmIzNTI1NDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub0Hb6+V9RPA1sT706QYeNNH5yzq
4OwPYfX8+kQY6DzUq+d4hUWFtO+HXQSf1odr4JSu6LmhhvxH1MoseZJfqJi2oA4F
I+76UKhjT873DzRlDksh5hg/Hb88+A+Xg70h5PZh+NAFsBd/TtHQK8fKRoHy+Qsd
biOTn8RXDTPJLH80PMbT/LuQSRx2lEFNnrPFYY32yPDqYVhQwZheoskOSGYoCCTR
R6Uq8Z32I1xJKgkilwuNxthPjg1aLlPk4CF9yOkTPuwPuFBuNOBz0lRSSX2S/L8m
34pILztEbyKzaibKtBiMuxZoxGy8HPgbyc5A/PxV1sKBtVHNy+skVgCOOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOeRjDzxJDcTK/V/OzFC6+zUlQ9MB8GA1UdIwQY
MBaAFMZ3c58PlUa08CV3LFwrF5eFkjhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQt
YzY4NWZhOTE2YjA3LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQtYzY4NWZhOTE2YjA3
LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf+A8KAW0
9VUVd/1nOVJvIdZYvTskJ7XESLR1oMBFXQrjbM4tRNe87z04F9NIqJNVTygY+Prw
Bs710uhuUL4Ne0+cLyHeMUeZvh5c+HPgl2A9T705HJ7QiuVWCR0Dc0t59rwz3S8Z
aTpFrfc6sQmoYcKnRrfa/5dbE6mpC2orj5u3yQePccFGpavf4mjOqWVMM4mP/OfH
1lvBxh3xPDl/Crz5ER4ZO+62xpkbmTqFTcIO8K3n+C347sNY5Ws/OzBhb2by3T2C
YQ/wWeTFxWBDHW1GFbPD0M05x+l4KXNAjLeKH9+6RT3rN7ImPbuc1LGhgcad9I/9
//SvSpEf60DlyA==
-----END CERTIFICATE-----