Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
File:                     XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json)
Hash identifier:          zSVD/CrA3lItX8OwY++x4Hb06Z0yR2qH4AjeWLQHPEU=
Subject key identifier:   DE:75:4D:1D:F4:E7:5F:7B:4B:DD:42:5B:C5:CC:C9:55:5D:3A:DD:60
Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
Certificate issuer:       /CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Certificate serial:       019916BF6B74933D08143470CC0586EF85C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
Manifest number:          0740
Signing time:             Thu 04 Sep 2025 22:01:07 +0000
Manifest this update:     Thu 04 Sep 2025 22:01:07 +0000
Manifest next update:     Fri 05 Sep 2025 22:01:07 +0000
Files and hashes:         1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: nXcUvPdvzUsdshRt3Aa9qVLea6x7rJPn1rel0AOPddM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 22:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:bf:6b:74:93:3d:08:14:34:70:cc:05:86:ef:85:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963
        Validity
            Not Before: Sep  4 22:01:07 2025 GMT
            Not After : Sep  5 22:01:07 2025 GMT
        Subject: CN=de754d1df4e75f7b4bdd425bc5ccc9555d3add60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d3:e5:ec:6d:c9:8c:73:fc:8e:37:14:57:6f:
                    11:9c:ee:71:8c:b0:ba:6d:25:dc:3a:5f:70:65:a4:
                    df:04:ca:78:0f:05:c2:35:b5:e7:9f:06:c7:50:5f:
                    a8:0e:3c:7d:fa:66:1d:47:ff:f5:13:5c:91:f3:ec:
                    3d:aa:0f:68:15:08:d3:1d:40:8b:b6:93:66:fd:50:
                    11:65:04:d0:72:46:cc:11:7d:c8:04:52:fb:47:12:
                    0b:0f:3e:17:3b:51:4c:d0:6c:c7:5e:49:5b:13:5e:
                    ed:66:6e:4f:a3:c8:2d:fa:35:52:f5:fc:5c:65:a1:
                    28:76:5f:82:cf:e8:54:53:d6:f1:d4:40:47:bd:15:
                    25:62:76:94:51:3d:43:06:55:eb:c7:02:87:31:af:
                    78:65:7a:52:6f:03:ac:63:51:62:4a:ba:a1:c9:f6:
                    3c:c9:86:82:e1:f0:72:06:4f:d7:c9:41:d1:8e:e7:
                    bb:b7:51:f3:bb:65:88:dd:05:9b:ef:0d:6b:cc:98:
                    9e:f3:71:d3:60:5d:b4:4e:e8:04:3d:98:9c:3a:c7:
                    d1:08:5b:ca:02:9c:39:0d:eb:db:d1:8c:7e:c2:97:
                    fa:eb:97:96:9c:a6:1b:92:80:10:75:c8:e9:aa:49:
                    02:da:8f:00:c8:15:c3:19:8c:96:ca:2b:9b:78:29:
                    d1:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:75:4D:1D:F4:E7:5F:7B:4B:DD:42:5B:C5:CC:C9:55:5D:3A:DD:60
            X509v3 Authority Key Identifier:
                keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:06:29:03:2d:15:28:14:06:2c:68:0a:28:2f:91:0f:0c:44:
         6a:5c:b9:4a:6d:5e:83:41:4c:1f:5d:8d:14:0f:05:61:88:d6:
         43:a5:72:67:97:b7:1d:d2:38:f5:4d:60:2e:a7:cf:d9:f2:1a:
         d4:e3:76:ea:05:35:77:1c:c0:de:be:11:cc:7d:2d:8c:e1:fc:
         b1:08:ca:53:2a:b3:77:49:4e:13:47:89:b9:66:ce:be:23:81:
         46:bc:de:f3:2a:81:8f:5d:af:70:89:b5:37:07:47:a3:c5:68:
         8c:51:ec:ea:ce:21:45:5a:8b:1c:81:53:48:d5:0b:2a:5e:ed:
         25:dd:d5:04:04:ca:a7:81:87:9c:c2:21:63:9c:57:3f:9c:17:
         70:43:73:2b:91:65:8b:7f:96:1d:e4:12:04:98:d2:73:27:72:
         e7:8e:d2:f1:a8:d2:c3:d3:bb:0f:b0:d8:ff:0b:93:d6:44:42:
         3f:24:8e:ce:8e:6d:2e:30:fe:58:73:48:77:cb:39:c5:da:d7:
         23:55:6b:b4:7e:db:a4:9f:db:d1:d6:4d:bf:40:47:25:61:9c:
         73:14:b2:7f:94:8a:65:56:2e:04:2a:9e:12:c1:6a:3a:a6:b1:
         0a:55:a2:2f:f6:6e:1e:61:05:92:ca:b5:a5:ae:69:8e:19:3f:
         24:7a:42:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWv2t0kz0IFDRwzAWG74XFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy
ZWY5NjMwHhcNMjUwOTA0MjIwMTA3WhcNMjUwOTA1MjIwMTA3WjAzMTEwLwYDVQQD
EyhkZTc1NGQxZGY0ZTc1ZjdiNGJkZDQyNWJjNWNjYzk1NTVkM2FkZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9Pl7G3JjHP8jjcUV28RnO5xjLC6
bSXcOl9wZaTfBMp4DwXCNbXnnwbHUF+oDjx9+mYdR//1E1yR8+w9qg9oFQjTHUCL
tpNm/VARZQTQckbMEX3IBFL7RxILDz4XO1FM0GzHXklbE17tZm5Po8gt+jVS9fxc
ZaEodl+Cz+hUU9bx1EBHvRUlYnaUUT1DBlXrxwKHMa94ZXpSbwOsY1FiSrqhyfY8
yYaC4fByBk/XyUHRjue7t1Hzu2WI3QWb7w1rzJie83HTYF20TugEPZicOsfRCFvK
Apw5Devb0Yx+wpf665eWnKYbkoAQdcjpqkkC2o8AyBXDGYyWyiubeCnROwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN51TR305197S91CW8XMyVVdOt1gMB8GA1UdIwQY
MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt
MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx
LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiwYpAy0V
KBQGLGgKKC+RDwxEaly5Sm1eg0FMH12NFA8FYYjWQ6VyZ5e3HdI49U1gLqfP2fIa
1ON26gU1dxzA3r4RzH0tjOH8sQjKUyqzd0lOE0eJuWbOviOBRrze8yqBj12vcIm1
NwdHo8VojFHs6s4hRVqLHIFTSNULKl7tJd3VBATKp4GHnMIhY5xXP5wXcENzK5Fl
i3+WHeQSBJjScydy547S8ajSw9O7D7DY/wuT1kRCPySOzo5tLjD+WHNId8s5xdrX
I1VrtH7bpJ/b0dZNv0BHJWGccxSyf5SKZVYuBCqeEsFqOqaxClWiL/ZuHmEFksq1
pa5pjhk/JHpCwA==
-----END CERTIFICATE-----