Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
File:                     xcidUmDLNP27s7wlv0rbr0zcaKA.mft (raw, json)
Hash identifier:          kIbDZZsTBoSAqB2aSbxW0oky2oIBPf1eEK2XQGRa4EE=
Subject key identifier:   C6:C4:C7:38:42:12:44:3C:56:52:AB:52:39:05:52:FC:C5:D3:75:30
Authority key identifier: C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0
Certificate issuer:       /CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
Certificate serial:       0199180A44CB35F0BC837CF713578BDA57AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
Manifest number:          0628
Signing time:             Fri 05 Sep 2025 04:02:29 +0000
Manifest this update:     Fri 05 Sep 2025 04:02:29 +0000
Manifest next update:     Sat 06 Sep 2025 04:02:29 +0000
Files and hashes:         1: xcidUmDLNP27s7wlv0rbr0zcaKA.crl (hash: rZCaT2Giy+7zkCZTiixpWXR4G3hKHCTKsRXVtoTevuc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:0a:44:cb:35:f0:bc:83:7c:f7:13:57:8b:da:57:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
        Validity
            Not Before: Sep  5 04:02:29 2025 GMT
            Not After : Sep  6 04:02:29 2025 GMT
        Subject: CN=c6c4c7384212443c5652ab52390552fcc5d37530
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:ac:a1:2a:3b:6f:dc:4d:bd:bd:96:e3:27:44:
                    3e:7d:eb:c8:1e:35:a6:cf:86:af:4f:69:e3:6a:cb:
                    3d:c1:21:53:64:18:cf:3b:d4:05:1c:94:15:f5:03:
                    4f:4c:96:f1:5b:90:41:f9:ae:56:73:2f:a6:38:46:
                    25:46:35:0b:de:38:87:3f:2d:28:79:67:86:f0:87:
                    c0:df:f9:d6:0d:bc:c3:96:c9:67:ab:43:df:3a:89:
                    3f:bb:d7:4d:56:08:c0:b8:af:b0:8a:07:07:e7:d2:
                    9d:70:1e:0f:cd:88:ff:4e:d1:e6:d9:6c:8b:49:6e:
                    a2:d4:b9:5b:a6:de:29:bd:6b:24:60:a7:31:7b:e3:
                    ec:b2:6e:9a:27:93:c3:e2:81:86:47:bb:25:6b:ab:
                    63:4f:46:5f:d3:54:85:e5:a4:0c:1a:3f:bd:b1:0c:
                    5d:ea:05:22:2c:8e:06:28:39:a1:0b:e8:40:ad:59:
                    a7:44:5d:f0:88:f5:d7:b8:a0:26:7b:32:cf:60:c9:
                    4f:19:ae:41:12:ae:50:c4:ff:a5:fb:08:0c:a5:6e:
                    08:a0:52:b9:74:b0:4d:c1:13:e5:88:24:9d:6d:2f:
                    a6:7f:8e:ba:fb:98:50:e4:95:b5:43:4d:6d:cc:f9:
                    b6:a9:97:33:eb:5c:3a:b8:33:a7:72:6e:ae:24:42:
                    d0:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:C4:C7:38:42:12:44:3C:56:52:AB:52:39:05:52:FC:C5:D3:75:30
            X509v3 Authority Key Identifier:
                keyid:C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:17:c6:1a:c9:ac:99:68:a5:4b:78:cd:f9:71:5c:83:5b:50:
         1d:50:77:ff:e1:fd:9e:22:eb:83:fc:f8:11:b7:a4:e5:38:16:
         27:54:fb:a1:43:b4:10:cf:c0:01:fe:ad:0b:66:92:f6:73:e6:
         89:22:34:9b:dd:f7:b2:42:b9:3e:22:93:bc:1d:83:ff:40:f4:
         9b:04:99:a0:86:88:d1:ce:d8:9b:ce:14:27:5d:41:c3:67:00:
         b6:78:0b:08:eb:65:a9:03:92:80:21:a5:94:10:f7:eb:2e:6b:
         c2:9c:68:7b:8a:60:d7:19:55:79:1a:41:c5:b0:42:0e:1e:fa:
         dd:71:2b:9d:e7:d9:79:c2:e3:e5:33:7f:92:1c:8d:f8:aa:09:
         46:b7:c7:4c:bf:6c:23:11:95:0c:95:10:c6:97:12:1c:d5:7d:
         3e:eb:c6:04:d7:58:77:86:8a:98:23:57:0b:fa:82:9a:d4:34:
         12:41:30:25:0c:3a:24:42:42:88:58:f2:ac:a5:df:0c:11:10:
         a2:c5:f8:6c:12:c4:b4:8f:d8:c8:9e:96:06:a0:fb:5a:99:ba:
         49:14:97:dc:27:02:6b:27:74:61:64:ba:92:bd:b3:13:98:00:
         80:05:6e:17:f3:c0:ce:a9:dd:3b:01:e9:6d:36:3b:27:13:52:
         bf:c9:e9:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCkTLNfC8g3z3E1eL2lesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1Yzg5ZDUyNjBjYjM0ZmRiYmIzYmMyNWJmNGFkYmFmNGNk
YzY4YTAwHhcNMjUwOTA1MDQwMjI5WhcNMjUwOTA2MDQwMjI5WjAzMTEwLwYDVQQD
EyhjNmM0YzczODQyMTI0NDNjNTY1MmFiNTIzOTA1NTJmY2M1ZDM3NTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26yhKjtv3E29vZbjJ0Q+fevIHjWm
z4avT2njass9wSFTZBjPO9QFHJQV9QNPTJbxW5BB+a5Wcy+mOEYlRjUL3jiHPy0o
eWeG8IfA3/nWDbzDlslnq0PfOok/u9dNVgjAuK+wigcH59KdcB4PzYj/TtHm2WyL
SW6i1Llbpt4pvWskYKcxe+Pssm6aJ5PD4oGGR7sla6tjT0Zf01SF5aQMGj+9sQxd
6gUiLI4GKDmhC+hArVmnRF3wiPXXuKAmezLPYMlPGa5BEq5QxP+l+wgMpW4IoFK5
dLBNwRPliCSdbS+mf466+5hQ5JW1Q01tzPm2qZcz61w6uDOncm6uJELQjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMbExzhCEkQ8VlKrUjkFUvzF03UwMB8GA1UdIwQY
MBaAFMXInVJgyzT9u7O8Jb9K269M3GigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUt
OGViY2QwOWIyYmNhLzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUtOGViY2QwOWIyYmNh
LzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJBfGGsms
mWilS3jN+XFcg1tQHVB3/+H9niLrg/z4Ebek5TgWJ1T7oUO0EM/AAf6tC2aS9nPm
iSI0m933skK5PiKTvB2D/0D0mwSZoIaI0c7Ym84UJ11Bw2cAtngLCOtlqQOSgCGl
lBD36y5rwpxoe4pg1xlVeRpBxbBCDh763XErnefZecLj5TN/khyN+KoJRrfHTL9s
IxGVDJUQxpcSHNV9PuvGBNdYd4aKmCNXC/qCmtQ0EkEwJQw6JEJCiFjyrKXfDBEQ
osX4bBLEtI/YyJ6WBqD7Wpm6SRSX3CcCayd0YWS6kr2zE5gAgAVuF/PAzqndOwHp
bTY7JxNSv8npzg==
-----END CERTIFICATE-----