Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
File:                     xcidUmDLNP27s7wlv0rbr0zcaKA.mft (raw, json)
Hash identifier:          YRTComVmuSnO3hp7prZHaWSDkRl8/FuH2J61Hpz0k0I=
Subject key identifier:   47:99:6B:DD:AF:7A:68:FE:10:01:00:C3:43:BF:80:26:62:8C:FC:0E
Authority key identifier: C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0
Certificate issuer:       /CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
Certificate serial:       01974A7AF0E99E5C4EEF5FA17DCCC516CDE1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
Manifest number:          0539
Signing time:             Sat 07 Jun 2025 13:01:00 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:00 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:00 +0000
Files and hashes:         1: xcidUmDLNP27s7wlv0rbr0zcaKA.crl (hash: BHz1NglQUrBELs2SIR8qdBPfFgn+zTLn22CxferUyI8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:f0:e9:9e:5c:4e:ef:5f:a1:7d:cc:c5:16:cd:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
        Validity
            Not Before: Jun  7 13:01:00 2025 GMT
            Not After : Jun  8 13:01:00 2025 GMT
        Subject: CN=47996bddaf7a68fe100100c343bf8026628cfc0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:3c:1e:0f:9f:3f:ba:28:27:a6:30:2e:a4:ee:
                    6f:5d:e4:a2:d3:fe:75:ef:bc:9a:fb:6a:5a:2b:a6:
                    1c:59:91:89:57:ad:06:e2:c6:dc:19:d0:5f:e7:ef:
                    85:b9:bd:15:91:d9:ea:c3:de:7e:e5:3d:1c:dd:5d:
                    69:ff:d2:46:6b:e3:ac:8b:1b:a5:0b:7d:2b:6e:95:
                    70:79:cf:db:13:ec:a2:cf:c7:17:e2:39:82:26:83:
                    0c:04:47:04:89:6e:dc:d7:9d:3c:d3:53:b1:09:08:
                    82:2e:c7:ca:ac:18:12:09:35:3e:82:b0:42:81:b6:
                    99:6b:22:29:c1:69:67:84:b5:c9:e6:57:79:14:42:
                    df:b1:2b:4a:05:49:c9:91:00:57:81:d0:25:c0:5c:
                    32:8d:73:73:b1:3e:7d:36:e5:03:d4:ff:cb:07:1b:
                    ff:dc:b6:8b:d3:ca:69:d4:dd:f5:c7:3d:d3:ec:c1:
                    7e:ef:65:d6:c6:58:83:29:20:79:5e:1b:8d:18:e8:
                    bc:78:f7:e6:ad:24:a0:59:01:a9:1f:38:94:b4:44:
                    e2:2a:50:65:3b:b8:20:25:6d:ae:97:76:71:b8:cb:
                    96:83:86:6b:81:ad:78:22:88:f8:b0:47:88:d3:fc:
                    df:a6:d1:c0:b6:42:a3:22:49:72:b9:8f:30:11:a0:
                    43:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:99:6B:DD:AF:7A:68:FE:10:01:00:C3:43:BF:80:26:62:8C:FC:0E
            X509v3 Authority Key Identifier:
                keyid:C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:d1:86:25:f3:ae:55:65:d7:e9:2b:8e:4f:85:df:ef:91:fa:
         a6:f1:e0:6e:c5:f7:88:e9:c8:44:37:be:a5:82:79:37:e7:f4:
         73:fe:83:29:e2:7b:af:f5:5b:ad:cc:29:6c:b4:75:e0:c9:cb:
         0e:e4:01:0f:59:f1:3f:f1:fb:94:97:4f:95:b1:78:8f:82:88:
         5d:40:3f:3b:ed:40:4d:74:b3:fb:10:46:bd:97:ec:b4:d6:99:
         d3:10:9b:40:59:9d:6a:35:a9:88:ff:6f:fb:e2:0c:af:7c:fe:
         c8:3d:9d:b1:ba:63:41:fa:bf:97:3f:94:0e:fe:1e:f0:16:8e:
         eb:ed:38:83:c6:94:17:b8:44:37:8a:61:43:1f:1d:2e:bf:e8:
         86:c2:ac:46:29:92:11:ff:7d:17:17:73:67:22:62:97:73:b7:
         c1:13:c9:7f:46:e1:48:d7:df:22:f8:c9:29:18:87:8b:92:0d:
         78:02:20:75:d5:66:76:3d:06:77:cc:44:76:6f:85:f0:d9:34:
         8d:8f:1c:f8:8f:90:9c:ec:35:f1:af:fe:78:b5:34:ef:16:d5:
         e5:2b:69:97:06:80:b8:5d:a1:c4:a8:bb:a1:da:4c:72:5b:a0:
         8d:0e:02:8e:bd:18:02:1b:97:2f:a4:94:18:c9:67:d9:d6:04:
         90:57:80:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKevDpnlxO71+hfczFFs3hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1Yzg5ZDUyNjBjYjM0ZmRiYmIzYmMyNWJmNGFkYmFmNGNk
YzY4YTAwHhcNMjUwNjA3MTMwMTAwWhcNMjUwNjA4MTMwMTAwWjAzMTEwLwYDVQQD
Eyg0Nzk5NmJkZGFmN2E2OGZlMTAwMTAwYzM0M2JmODAyNjYyOGNmYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TweD58/uignpjAupO5vXeSi0/51
77ya+2paK6YcWZGJV60G4sbcGdBf5++Fub0Vkdnqw95+5T0c3V1p/9JGa+Osixul
C30rbpVwec/bE+yiz8cX4jmCJoMMBEcEiW7c150801OxCQiCLsfKrBgSCTU+grBC
gbaZayIpwWlnhLXJ5ld5FELfsStKBUnJkQBXgdAlwFwyjXNzsT59NuUD1P/LBxv/
3LaL08pp1N31xz3T7MF+72XWxliDKSB5XhuNGOi8ePfmrSSgWQGpHziUtETiKlBl
O7ggJW2ul3ZxuMuWg4Zrga14Ioj4sEeI0/zfptHAtkKjIklyuY8wEaBDNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEeZa92vemj+EAEAw0O/gCZijPwOMB8GA1UdIwQY
MBaAFMXInVJgyzT9u7O8Jb9K269M3GigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUt
OGViY2QwOWIyYmNhLzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUtOGViY2QwOWIyYmNh
LzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA9GGJfOu
VWXX6SuOT4Xf75H6pvHgbsX3iOnIRDe+pYJ5N+f0c/6DKeJ7r/VbrcwpbLR14MnL
DuQBD1nxP/H7lJdPlbF4j4KIXUA/O+1ATXSz+xBGvZfstNaZ0xCbQFmdajWpiP9v
++IMr3z+yD2dsbpjQfq/lz+UDv4e8BaO6+04g8aUF7hEN4phQx8dLr/ohsKsRimS
Ef99FxdzZyJil3O3wRPJf0bhSNffIvjJKRiHi5INeAIgddVmdj0Gd8xEdm+F8Nk0
jY8c+I+QnOw18a/+eLU07xbV5StplwaAuF2hxKi7odpMclugjQ4Cjr0YAhuXL6SU
GMln2dYEkFeAGg==
-----END CERTIFICATE-----