Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
File:                     XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft (raw, json)
Hash identifier:          NYzDDDNnAVEqdieFaCYP+5NKhCIwkaLI+9ZtXsJKXFs=
Subject key identifier:   5C:81:17:AE:D6:72:26:B2:A7:1D:45:26:54:2C:F6:38:11:C4:3B:20
Authority key identifier: 5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B
Certificate issuer:       /CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
Certificate serial:       019A71B77EF53759E3FA1B76FD2847EC5E66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:00:42 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:42 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:42 +0000
Files and hashes:         1: XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl (hash: dyshKumZMN4sqYZIApalW/upbktUmyDu1jbBpOEhpi0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:7e:f5:37:59:e3:fa:1b:76:fd:28:47:ec:5e:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
        Validity
            Not Before: Nov 11 07:00:42 2025 GMT
            Not After : Nov 12 07:00:42 2025 GMT
        Subject: CN=5c8117aed67226b2a71d4526542cf63811c43b20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:94:f9:2c:33:7b:7e:1e:d8:f6:eb:7c:08:a4:
                    99:d4:b8:6e:bd:c0:64:82:36:5f:40:d8:23:5d:8c:
                    5e:f1:43:15:d2:25:2b:4a:af:21:ba:6c:bf:b1:68:
                    8d:6e:95:db:fc:61:12:01:e1:cc:5b:fc:72:b5:4f:
                    e6:29:cc:83:a7:53:5e:85:e1:df:2a:86:1e:f8:ce:
                    55:77:41:1c:85:c3:bd:0b:0a:06:08:d5:bb:bb:2d:
                    7c:aa:f6:de:a0:4e:79:32:35:3e:5b:24:de:19:08:
                    86:f3:a3:d2:6e:29:c0:27:29:a8:b0:e9:0a:d3:2c:
                    b8:75:69:ba:3a:65:bb:09:0a:5f:c5:df:c8:65:1f:
                    e3:de:77:23:d4:30:d1:c7:12:28:df:18:2c:1d:35:
                    1b:f0:7d:df:85:48:97:a7:ef:82:34:ec:ad:81:2d:
                    b0:cb:15:1e:ae:7f:e2:d9:ee:99:f1:1d:6c:93:99:
                    f6:b8:31:ff:33:18:e7:ef:ab:ce:ee:c6:de:de:83:
                    78:10:43:69:9a:04:68:c7:f1:12:2e:e0:fa:f1:4c:
                    a4:9c:09:c7:70:2c:25:da:16:48:b3:40:4e:88:e7:
                    6c:e4:c1:bd:48:47:9d:7a:a1:9c:3a:a9:e3:66:a8:
                    80:de:27:a2:27:15:e7:41:17:42:3b:dd:8a:17:1f:
                    da:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:81:17:AE:D6:72:26:B2:A7:1D:45:26:54:2C:F6:38:11:C4:3B:20
            X509v3 Authority Key Identifier:
                keyid:5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:ef:69:2b:f5:7c:f0:87:c9:75:13:4f:40:cf:1d:1c:d3:1a:
         09:cd:92:a8:f7:e7:44:cc:32:34:75:27:44:81:fa:a1:ae:ba:
         14:24:ed:e2:12:15:90:14:d2:48:72:de:a7:ba:19:af:aa:54:
         c7:a3:54:23:5c:55:72:b0:85:a9:5d:b0:91:36:d9:a5:84:fb:
         67:ce:13:05:6c:b4:f0:e6:c6:bd:08:f8:96:03:4e:61:fd:f9:
         69:e3:c4:33:99:0b:89:90:92:dd:f5:75:4a:49:32:e3:97:b4:
         98:d5:f1:73:61:ed:3a:c5:a2:d0:b5:42:7b:ba:aa:be:66:b1:
         90:41:bd:c7:5c:82:9e:b1:7f:41:28:65:34:26:a7:b8:22:45:
         f3:ac:db:38:d1:5c:3f:24:fb:d1:dd:08:73:26:6a:9b:c3:c9:
         d8:e6:e4:cf:d5:7d:56:b8:e1:82:2f:c7:57:fe:16:70:23:69:
         32:be:bc:bb:ab:bb:49:06:f0:7c:d4:a3:7a:9d:39:66:4d:38:
         0e:5e:7a:55:d0:82:f3:cd:08:ea:37:54:c7:fe:52:60:2e:ec:
         bc:9f:33:18:48:a8:55:bb:95:19:ca:37:57:ac:c5:14:8c:a3:
         4f:9e:23:41:35:d2:82:57:3b:c7:73:39:e1:be:02:c9:b5:9b:
         8c:52:b4:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt371N1nj+ht2/ShH7F5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzQ0YTFhYzBjYmZjNDBjNzVhMGNmYzdiZWM5NmM3YzM1
YmQyN2IwHhcNMjUxMTExMDcwMDQyWhcNMjUxMTEyMDcwMDQyWjAzMTEwLwYDVQQD
Eyg1YzgxMTdhZWQ2NzIyNmIyYTcxZDQ1MjY1NDJjZjYzODExYzQzYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZT5LDN7fh7Y9ut8CKSZ1LhuvcBk
gjZfQNgjXYxe8UMV0iUrSq8humy/sWiNbpXb/GESAeHMW/xytU/mKcyDp1NeheHf
KoYe+M5Vd0EchcO9CwoGCNW7uy18qvbeoE55MjU+WyTeGQiG86PSbinAJymosOkK
0yy4dWm6OmW7CQpfxd/IZR/j3ncj1DDRxxIo3xgsHTUb8H3fhUiXp++CNOytgS2w
yxUern/i2e6Z8R1sk5n2uDH/Mxjn76vO7sbe3oN4EENpmgRox/ESLuD68UyknAnH
cCwl2hZIs0BOiOds5MG9SEedeqGcOqnjZqiA3ieiJxXnQRdCO92KFx/a7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFyBF67Wciaypx1FJlQs9jgRxDsgMB8GA1UdIwQY
MBaAFFw0ShrAy/xAx1oM/HvslsfDW9J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5Yzgt
Y2QxODUxMGVkY2RmLzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5YzgtY2QxODUxMGVkY2Rm
LzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoO9pK/V8
8IfJdRNPQM8dHNMaCc2SqPfnRMwyNHUnRIH6oa66FCTt4hIVkBTSSHLep7oZr6pU
x6NUI1xVcrCFqV2wkTbZpYT7Z84TBWy08ObGvQj4lgNOYf35aePEM5kLiZCS3fV1
Skky45e0mNXxc2HtOsWi0LVCe7qqvmaxkEG9x1yCnrF/QShlNCanuCJF86zbONFc
PyT70d0IcyZqm8PJ2Obkz9V9Vrjhgi/HV/4WcCNpMr68u6u7SQbwfNSjep05Zk04
Dl56VdCC880I6jdUx/5SYC7svJ8zGEioVbuVGco3V6zFFIyjT54jQTXSglc7x3M5
4b4CybWbjFK0FQ==
-----END CERTIFICATE-----