Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
File:                     XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft (raw, json)
Hash identifier:          wQOqGBlvTudRt6V5iwofBe1EHp4q1GFiywKV9TbzQyc=
Subject key identifier:   53:0C:0F:26:3A:3B:44:BD:2D:1C:F0:1F:AE:7E:A0:70:B2:1C:36:BC
Authority key identifier: 5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B
Certificate issuer:       /CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
Certificate serial:       0197469E724E6BC28CCB0822C607AB1CF946
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
Manifest number:          1579
Signing time:             Fri 06 Jun 2025 19:01:18 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:18 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:18 +0000
Files and hashes:         1: XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl (hash: k8Ru8z3Sz4zed526dqfXLt3oJgul0XIRjGNMqz0an5g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:72:4e:6b:c2:8c:cb:08:22:c6:07:ab:1c:f9:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
        Validity
            Not Before: Jun  6 19:01:18 2025 GMT
            Not After : Jun  7 19:01:18 2025 GMT
        Subject: CN=530c0f263a3b44bd2d1cf01fae7ea070b21c36bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ce:b9:76:85:72:54:2a:30:70:29:f4:8e:73:
                    55:11:0d:2f:df:38:b2:25:39:42:1e:3b:6d:34:97:
                    3c:0c:ed:20:80:79:68:a5:df:2f:a6:2a:d4:66:7a:
                    d9:d9:38:df:10:8e:78:49:e9:fe:28:fa:81:fa:99:
                    40:ef:72:a0:09:9c:00:5c:b9:19:20:c0:3a:3b:82:
                    cf:48:0b:1a:1a:9e:1a:7f:17:96:71:6f:28:7d:55:
                    bf:a4:cc:a1:82:d3:09:66:6f:07:d9:55:bc:2c:c1:
                    e1:54:71:28:3e:40:85:8e:ce:3b:ca:c6:a2:60:21:
                    46:50:06:14:ff:52:cb:02:75:e4:a4:f2:b9:4a:0a:
                    67:ef:73:6a:f4:e1:79:c6:e3:55:d8:e7:9b:71:b7:
                    2c:b3:f0:a6:a6:f9:74:c0:6f:1e:69:01:0b:51:f7:
                    79:d3:6f:78:9f:77:8c:52:ae:65:0e:58:1b:fa:7a:
                    9b:b9:3a:51:20:af:b8:89:e1:20:0b:57:d3:aa:c9:
                    c6:b9:34:4b:0d:ef:05:fe:71:93:2a:c1:1b:c0:7d:
                    a5:e6:22:75:29:a6:95:02:87:75:88:4e:89:33:58:
                    4a:4c:bb:d2:b8:42:b2:47:cd:44:52:60:6f:52:b7:
                    d9:24:48:e2:56:56:7c:ce:d6:66:f4:1a:b0:9e:d2:
                    eb:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:0C:0F:26:3A:3B:44:BD:2D:1C:F0:1F:AE:7E:A0:70:B2:1C:36:BC
            X509v3 Authority Key Identifier:
                keyid:5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:9d:97:55:30:3d:55:fa:2c:dc:60:a3:ab:d1:71:df:cf:91:
         6b:1e:49:cb:cd:22:fc:8b:ca:57:af:f6:50:94:73:81:68:58:
         4a:b7:3b:a6:eb:44:6c:ed:e9:64:c0:b4:ae:ba:f1:35:7b:92:
         16:11:89:02:0a:d1:cf:de:6d:7b:af:07:46:85:b2:f8:03:29:
         6c:62:91:cf:3a:a8:1c:17:54:2a:07:1f:1a:c8:31:7a:57:de:
         2d:d7:17:94:4b:68:a3:09:65:a8:a4:a4:88:0d:e4:17:f7:e6:
         29:94:8e:6c:05:99:79:c0:a0:a4:6b:c0:a8:85:4b:f1:25:46:
         f4:80:b5:29:a3:4d:e6:86:e5:3f:09:17:ee:86:50:b9:65:1c:
         dd:86:46:f1:94:ad:7e:78:52:2a:78:1e:77:14:a8:3c:be:96:
         12:fa:40:4c:48:49:ad:a8:1e:ab:a7:43:20:7b:36:fb:90:fb:
         15:c9:68:f8:e3:93:0a:ff:75:e0:07:c7:e4:6b:45:7b:f6:41:
         92:2c:ea:e6:4c:c4:23:9a:08:75:8f:33:a3:c1:39:39:c4:5a:
         fc:3b:ff:38:fa:f6:6c:b7:0f:3c:81:04:9b:56:e2:3d:9f:f0:
         e4:06:ca:7e:d6:d7:ab:cb:00:be:82:d0:66:ca:f6:71:2b:c5:
         f7:c1:31:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnnJOa8KMywgixgerHPlGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzQ0YTFhYzBjYmZjNDBjNzVhMGNmYzdiZWM5NmM3YzM1
YmQyN2IwHhcNMjUwNjA2MTkwMTE4WhcNMjUwNjA3MTkwMTE4WjAzMTEwLwYDVQQD
Eyg1MzBjMGYyNjNhM2I0NGJkMmQxY2YwMWZhZTdlYTA3MGIyMWMzNmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM65doVyVCowcCn0jnNVEQ0v3ziy
JTlCHjttNJc8DO0ggHlopd8vpirUZnrZ2TjfEI54Sen+KPqB+plA73KgCZwAXLkZ
IMA6O4LPSAsaGp4afxeWcW8ofVW/pMyhgtMJZm8H2VW8LMHhVHEoPkCFjs47ysai
YCFGUAYU/1LLAnXkpPK5Sgpn73Nq9OF5xuNV2Oebcbcss/Cmpvl0wG8eaQELUfd5
0294n3eMUq5lDlgb+nqbuTpRIK+4ieEgC1fTqsnGuTRLDe8F/nGTKsEbwH2l5iJ1
KaaVAod1iE6JM1hKTLvSuEKyR81EUmBvUrfZJEjiVlZ8ztZm9BqwntLrLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMMDyY6O0S9LRzwH65+oHCyHDa8MB8GA1UdIwQY
MBaAFFw0ShrAy/xAx1oM/HvslsfDW9J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5Yzgt
Y2QxODUxMGVkY2RmLzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5YzgtY2QxODUxMGVkY2Rm
LzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASJ2XVTA9
Vfos3GCjq9Fx38+Rax5Jy80i/IvKV6/2UJRzgWhYSrc7putEbO3pZMC0rrrxNXuS
FhGJAgrRz95te68HRoWy+AMpbGKRzzqoHBdUKgcfGsgxelfeLdcXlEtoowllqKSk
iA3kF/fmKZSObAWZecCgpGvAqIVL8SVG9IC1KaNN5oblPwkX7oZQuWUc3YZG8ZSt
fnhSKngedxSoPL6WEvpATEhJrageq6dDIHs2+5D7Fclo+OOTCv914AfH5GtFe/ZB
kizq5kzEI5oIdY8zo8E5OcRa/Dv/OPr2bLcPPIEEm1biPZ/w5AbKftbXq8sAvoLQ
Zsr2cSvF98ExTw==
-----END CERTIFICATE-----