Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
File:                     XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft (raw, json)
Hash identifier:          NBZZ6GW3raQn8RANMFwYZT7DRseh+J6iPdt5sLLOdGQ=
Subject key identifier:   42:46:BF:F3:0A:F8:DB:05:5D:A8:A1:CF:94:30:FD:40:74:D8:9F:E3
Authority key identifier: 5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B
Certificate issuer:       /CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
Certificate serial:       019923A013279A1043DE490B4343DE7F9ADC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 10:01:57 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:57 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:57 +0000
Files and hashes:         1: XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl (hash: 8ekLR2Yu2fYL1vR4ZVvrErSxdu8SWpPS+F9kwxC81Cw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:13:27:9a:10:43:de:49:0b:43:43:de:7f:9a:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
        Validity
            Not Before: Sep  7 10:01:57 2025 GMT
            Not After : Sep  8 10:01:57 2025 GMT
        Subject: CN=4246bff30af8db055da8a1cf9430fd4074d89fe3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:07:b5:03:25:53:16:1b:fa:45:29:ee:ad:ad:
                    c1:10:3a:d3:34:c5:15:c2:c3:85:0f:57:81:9a:45:
                    03:27:19:b0:80:75:b1:5e:55:cf:c1:36:5f:a6:14:
                    66:75:17:9e:30:6a:20:04:77:e1:15:f1:a6:be:7d:
                    4a:62:73:ee:80:9a:c2:30:47:74:c0:ac:3a:fe:bf:
                    02:34:8f:0e:65:1c:b1:08:74:83:cf:1f:53:47:1b:
                    15:80:73:b4:16:c3:14:b8:9b:5e:f0:98:41:de:df:
                    72:81:14:cd:f8:3f:84:89:a4:d1:33:87:aa:87:eb:
                    6d:0c:88:e8:41:0f:ae:73:b8:ab:92:bb:7e:c1:ad:
                    30:84:e1:81:ec:2f:de:e0:6e:ee:79:e5:49:b2:87:
                    11:ee:a7:98:37:b2:e2:c3:27:d9:b1:02:6e:6f:42:
                    5a:c2:52:1a:96:d9:0f:8f:6d:b0:d6:02:7f:6c:1d:
                    70:d8:f1:66:3b:42:93:52:a8:a0:2e:5f:65:6d:9f:
                    9d:1e:fa:e1:46:b8:4f:d5:30:c3:4a:75:ed:e8:77:
                    b1:09:e8:22:6f:5f:44:61:48:01:0c:3d:5a:a9:84:
                    cb:b7:88:20:36:22:d4:b2:54:f9:1c:4c:d7:0e:0a:
                    04:52:3d:f2:f3:64:8e:5b:3c:0b:50:df:65:20:8c:
                    33:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:46:BF:F3:0A:F8:DB:05:5D:A8:A1:CF:94:30:FD:40:74:D8:9F:E3
            X509v3 Authority Key Identifier:
                keyid:5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:92:32:28:64:90:01:3f:ab:05:60:8a:58:67:4f:e1:40:7b:
         98:8e:69:9f:f3:52:47:6f:34:5d:e3:ea:a8:b9:e3:19:f3:51:
         b4:7a:96:f3:9e:1f:16:de:83:d8:4d:dc:4b:13:04:ed:02:4c:
         e0:b5:dd:1f:a3:c0:21:7a:ec:a8:f6:3b:fd:a5:c6:dc:95:ce:
         11:77:21:d2:60:ee:bc:5e:44:3c:0b:59:91:71:2b:87:87:ee:
         1b:b9:bd:0a:d1:c5:11:23:ee:bc:ec:be:da:61:e7:b4:35:f7:
         f9:f9:89:82:f9:ca:55:3f:6c:ac:13:9a:7c:a6:88:42:04:c4:
         a9:c5:1d:62:c4:a9:ce:6b:b1:6d:76:37:f3:cb:19:34:d6:43:
         87:00:88:ad:4f:52:84:b3:17:74:cd:ea:86:92:fb:8a:3e:7c:
         0d:5e:0e:ce:8d:ab:b8:cf:99:ec:bb:0e:73:ca:7a:e1:00:f3:
         b2:3a:46:48:9c:37:08:97:16:1d:30:3f:21:75:47:c4:2d:64:
         ed:17:e1:b3:a8:80:81:a9:c0:d6:09:5c:72:0a:ab:d8:5d:6d:
         89:0d:7a:39:9a:76:d5:72:ef:35:2b:88:6c:2d:a0:c4:16:2b:
         8c:99:c6:7a:2c:f0:39:ee:bd:16:2c:e2:7b:34:f7:dc:5b:bb:
         12:1f:76:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoBMnmhBD3kkLQ0Pef5rcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzQ0YTFhYzBjYmZjNDBjNzVhMGNmYzdiZWM5NmM3YzM1
YmQyN2IwHhcNMjUwOTA3MTAwMTU3WhcNMjUwOTA4MTAwMTU3WjAzMTEwLwYDVQQD
Eyg0MjQ2YmZmMzBhZjhkYjA1NWRhOGExY2Y5NDMwZmQ0MDc0ZDg5ZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAe1AyVTFhv6RSnura3BEDrTNMUV
wsOFD1eBmkUDJxmwgHWxXlXPwTZfphRmdReeMGogBHfhFfGmvn1KYnPugJrCMEd0
wKw6/r8CNI8OZRyxCHSDzx9TRxsVgHO0FsMUuJte8JhB3t9ygRTN+D+EiaTRM4eq
h+ttDIjoQQ+uc7irkrt+wa0whOGB7C/e4G7ueeVJsocR7qeYN7LiwyfZsQJub0Ja
wlIaltkPj22w1gJ/bB1w2PFmO0KTUqigLl9lbZ+dHvrhRrhP1TDDSnXt6HexCegi
b19EYUgBDD1aqYTLt4ggNiLUslT5HEzXDgoEUj3y82SOWzwLUN9lIIwz0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJGv/MK+NsFXaihz5Qw/UB02J/jMB8GA1UdIwQY
MBaAFFw0ShrAy/xAx1oM/HvslsfDW9J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5Yzgt
Y2QxODUxMGVkY2RmLzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5YzgtY2QxODUxMGVkY2Rm
LzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkJIyKGSQ
AT+rBWCKWGdP4UB7mI5pn/NSR280XePqqLnjGfNRtHqW854fFt6D2E3cSxME7QJM
4LXdH6PAIXrsqPY7/aXG3JXOEXch0mDuvF5EPAtZkXErh4fuG7m9CtHFESPuvOy+
2mHntDX3+fmJgvnKVT9srBOafKaIQgTEqcUdYsSpzmuxbXY388sZNNZDhwCIrU9S
hLMXdM3qhpL7ij58DV4Ozo2ruM+Z7LsOc8p64QDzsjpGSJw3CJcWHTA/IXVHxC1k
7Rfhs6iAganA1glccgqr2F1tiQ16OZp21XLvNSuIbC2gxBYrjJnGeizwOe69Fizi
ezT33Fu7Eh92lA==
-----END CERTIFICATE-----