Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File:                     XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier:          G2CWH+exSoiqpSYahIUdsLiuhhYb9/LENQW1KZCGbK0=
Subject key identifier:   17:B9:81:0B:9D:DC:49:C1:F1:E6:E0:95:76:DC:90:00:D5:66:80:DD
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer:       /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial:       01976EBDD3BD77CF200F5867D163300D366F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number:          01B4
Signing time:             Sat 14 Jun 2025 14:00:23 +0000
Manifest this update:     Sat 14 Jun 2025 14:00:23 +0000
Manifest next update:     Sun 15 Jun 2025 14:00:23 +0000
Files and hashes:         1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: Gf8g3JKiIKitbj3rBAIxFeEkTYsRLp01SuthZQsXbH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:bd:d3:bd:77:cf:20:0f:58:67:d1:63:30:0d:36:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
        Validity
            Not Before: Jun 14 14:00:23 2025 GMT
            Not After : Jun 15 14:00:23 2025 GMT
        Subject: CN=17b9810b9ddc49c1f1e6e09576dc9000d56680dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:32:d5:d4:7d:65:66:12:f6:ae:b8:2f:99:c8:
                    31:30:e6:94:ba:74:f2:6c:77:a8:56:75:81:3c:8e:
                    e6:ff:0a:b2:d5:6b:23:65:39:63:09:78:3a:83:f9:
                    18:45:80:ce:04:d9:da:3e:9d:7b:45:ca:50:94:f3:
                    87:a3:00:a8:c0:72:92:61:bb:26:2e:64:ae:97:7e:
                    74:87:8b:40:97:4d:a5:b8:48:bc:92:b3:18:d6:22:
                    cb:3a:e6:7b:1d:8d:bd:a9:7c:b7:d6:ac:9e:1d:5d:
                    d7:94:07:b4:0a:51:ce:15:a9:c7:b9:9c:fc:13:55:
                    c5:0d:10:d5:c6:0b:d3:95:70:42:f5:bb:dc:61:6b:
                    50:d7:33:0d:ce:d4:47:ae:85:3c:ef:8e:5c:82:7c:
                    48:d8:c1:0a:08:dc:23:d0:32:4e:62:1f:c8:1e:8f:
                    48:04:55:5b:58:c8:4d:7a:45:dc:a7:f3:27:21:32:
                    eb:46:7d:cf:87:75:56:96:b7:9c:35:40:f6:93:15:
                    12:d0:81:ee:2c:03:eb:ea:8d:17:5c:30:d1:a6:29:
                    de:36:b9:8a:ff:00:4f:9a:53:8b:66:23:e9:4e:de:
                    4a:44:57:23:17:3d:71:e9:73:e5:eb:6b:eb:7d:0b:
                    1d:b4:b2:41:7d:af:46:64:4b:d0:63:6f:62:59:81:
                    4b:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:B9:81:0B:9D:DC:49:C1:F1:E6:E0:95:76:DC:90:00:D5:66:80:DD
            X509v3 Authority Key Identifier:
                keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:25:7b:3c:e9:6c:de:0c:1c:a4:80:b3:07:1d:97:17:66:87:
         ca:1a:07:44:eb:c4:9d:7b:e4:1c:7d:a9:a6:ce:26:1c:49:46:
         26:1c:0e:80:de:29:a6:68:fc:bb:48:9d:61:bf:b9:0f:01:53:
         8e:de:9f:d1:6e:37:6a:81:06:a1:37:1d:ae:28:18:2d:5f:42:
         5e:60:f0:6e:7d:b0:da:ca:5a:1c:09:98:a7:9e:39:cf:a2:9b:
         22:00:d4:83:c1:1e:c7:31:f2:34:49:96:04:a7:1f:39:15:6f:
         88:90:fe:d4:84:a6:7b:fd:bf:d6:55:3c:0b:ef:79:28:26:70:
         9b:4e:23:00:e3:03:ad:c7:0a:2f:5c:41:58:0d:c9:61:05:fa:
         62:6b:c6:7d:e6:6e:f7:7f:f8:34:29:fd:7c:4c:71:fb:78:2a:
         9e:56:d5:97:14:6a:f2:6b:db:4a:aa:82:bd:75:22:56:1f:7a:
         37:a7:02:64:17:3e:b1:3c:e8:0e:85:0e:6f:98:ee:d7:18:f0:
         87:96:03:21:01:82:f1:e0:3b:10:7c:f1:77:7d:5e:a3:2e:bb:
         32:06:55:eb:20:18:2a:b5:e6:64:36:00:31:23:fa:e5:25:7e:
         d1:43:42:31:bf:e4:a5:aa:95:83:d7:fd:fa:60:8f:5a:c9:6a:
         92:e4:2b:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduvdO9d88gD1hn0WMwDTZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjUwNjE0MTQwMDIzWhcNMjUwNjE1MTQwMDIzWjAzMTEwLwYDVQQD
EygxN2I5ODEwYjlkZGM0OWMxZjFlNmUwOTU3NmRjOTAwMGQ1NjY4MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDLV1H1lZhL2rrgvmcgxMOaUunTy
bHeoVnWBPI7m/wqy1WsjZTljCXg6g/kYRYDOBNnaPp17RcpQlPOHowCowHKSYbsm
LmSul350h4tAl02luEi8krMY1iLLOuZ7HY29qXy31qyeHV3XlAe0ClHOFanHuZz8
E1XFDRDVxgvTlXBC9bvcYWtQ1zMNztRHroU8745cgnxI2MEKCNwj0DJOYh/IHo9I
BFVbWMhNekXcp/MnITLrRn3Ph3VWlrecNUD2kxUS0IHuLAPr6o0XXDDRpineNrmK
/wBPmlOLZiPpTt5KRFcjFz1x6XPl62vrfQsdtLJBfa9GZEvQY29iWYFLsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBe5gQud3EnB8ebglXbckADVZoDdMB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoiV7POls
3gwcpICzBx2XF2aHyhoHROvEnXvkHH2pps4mHElGJhwOgN4ppmj8u0idYb+5DwFT
jt6f0W43aoEGoTcdrigYLV9CXmDwbn2w2spaHAmYp545z6KbIgDUg8EexzHyNEmW
BKcfORVviJD+1ISme/2/1lU8C+95KCZwm04jAOMDrccKL1xBWA3JYQX6YmvGfeZu
93/4NCn9fExx+3gqnlbVlxRq8mvbSqqCvXUiVh96N6cCZBc+sTzoDoUOb5ju1xjw
h5YDIQGC8eA7EHzxd31eoy67MgZV6yAYKrXmZDYAMSP65SV+0UNCMb/kpaqVg9f9
+mCPWslqkuQrKw==
-----END CERTIFICATE-----