Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File:                     XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier:          xI7RzzWoxlJFcMWVLmZW60Gfp02ynRWFnGGCiAxljHI=
Subject key identifier:   FA:A7:BE:6A:5E:BF:2F:BA:B3:41:98:48:7E:9E:E2:A5:1E:FF:97:1F
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer:       /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial:       01976516554C84EF00D747431DEDDAD1D140
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number:          01AF
Signing time:             Thu 12 Jun 2025 17:00:51 +0000
Manifest this update:     Thu 12 Jun 2025 17:00:51 +0000
Manifest next update:     Fri 13 Jun 2025 17:00:51 +0000
Files and hashes:         1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: BS3N9oxGxpkMu3GJ5K074r3SPAdms7ac2quqbR2GxLk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 15:17:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:16:55:4c:84:ef:00:d7:47:43:1d:ed:da:d1:d1:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
        Validity
            Not Before: Jun 12 17:00:51 2025 GMT
            Not After : Jun 13 17:00:51 2025 GMT
        Subject: CN=faa7be6a5ebf2fbab34198487e9ee2a51eff971f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:e5:d3:d4:40:44:5b:78:28:10:b8:b7:f2:86:
                    d2:0c:50:12:b5:a2:c8:4c:95:a1:c9:c0:c7:ee:ff:
                    42:85:1d:fe:30:61:c0:4f:53:e6:1a:5a:48:a0:9c:
                    7d:ea:92:bc:11:fa:b9:89:71:19:66:fd:aa:61:33:
                    77:5c:44:32:b2:17:06:cc:9d:14:10:a4:33:f0:38:
                    a4:42:84:5a:4d:8e:b4:33:c2:9d:ae:da:b3:ed:4a:
                    f0:41:e4:30:37:f4:83:cd:04:be:74:d3:11:e1:68:
                    b7:4b:d3:c3:3f:ed:b8:37:0c:51:81:44:e9:28:73:
                    e5:e4:b6:c4:49:f0:05:3b:2a:48:ee:61:95:ef:3f:
                    ea:7f:d0:5f:7d:01:0e:70:b9:d8:09:43:da:f6:70:
                    c8:16:78:37:83:9c:44:8c:a3:2b:d3:b0:61:0f:f7:
                    5b:66:20:8e:40:f7:57:46:2c:6a:66:11:f4:e0:d9:
                    a3:0d:ff:e3:3c:24:ba:51:d1:dc:54:aa:1b:dd:2f:
                    3a:2c:03:18:6d:15:43:80:38:f9:ca:2f:5f:57:55:
                    58:1f:96:6b:1b:67:2b:2c:2e:7c:80:b7:a3:7a:5f:
                    82:78:d7:a3:b2:77:87:a0:7f:db:25:d7:03:b3:7a:
                    48:f1:b3:14:4a:c9:f8:01:c2:0d:e5:cd:d0:5f:de:
                    e4:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:A7:BE:6A:5E:BF:2F:BA:B3:41:98:48:7E:9E:E2:A5:1E:FF:97:1F
            X509v3 Authority Key Identifier:
                keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:a3:7d:cb:e8:02:77:2d:e7:e2:1e:e2:04:a7:6f:ea:06:0b:
         d7:59:23:0d:fc:06:10:b8:9b:09:0f:33:55:37:05:df:e3:8b:
         ce:a8:3a:f0:0a:e3:81:d3:0a:99:1b:1b:c6:f9:d2:43:b7:aa:
         34:1f:5f:83:98:f5:d3:bc:c2:f0:9f:1d:eb:7b:73:47:df:18:
         52:9f:51:99:73:50:d0:f9:e5:5b:30:22:c3:58:9f:82:bf:e0:
         65:1b:0a:bd:6e:2a:f7:7b:1e:36:fd:63:23:80:4d:e3:60:28:
         ea:00:54:b5:a5:2f:7f:68:a6:b3:ad:78:84:b1:3d:8d:de:d7:
         7c:0d:1a:50:49:d0:0f:40:60:8c:83:63:7e:34:ce:99:22:72:
         8d:49:de:b5:3f:74:04:e5:c0:90:9b:26:02:a3:a8:56:96:26:
         4d:ef:2a:7b:33:5a:24:30:05:90:3d:df:5c:dd:e4:25:b7:82:
         32:c5:34:ac:6c:63:be:a3:23:70:eb:a4:92:f8:af:7b:27:0f:
         2c:ad:03:7b:44:fa:c8:31:9e:ab:0e:d7:66:ea:15:d6:db:f2:
         e5:1b:d5:6d:a4:c3:32:16:f5:f1:32:fa:7c:9c:fa:d8:5f:14:
         88:0a:00:8d:88:9d:56:c6:b5:4a:54:c0:33:74:72:66:ed:57:
         0f:18:8d:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlFlVMhO8A10dDHe3a0dFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjUwNjEyMTcwMDUxWhcNMjUwNjEzMTcwMDUxWjAzMTEwLwYDVQQD
EyhmYWE3YmU2YTVlYmYyZmJhYjM0MTk4NDg3ZTllZTJhNTFlZmY5NzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeXT1EBEW3goELi38obSDFAStaLI
TJWhycDH7v9ChR3+MGHAT1PmGlpIoJx96pK8Efq5iXEZZv2qYTN3XEQyshcGzJ0U
EKQz8DikQoRaTY60M8Kdrtqz7UrwQeQwN/SDzQS+dNMR4Wi3S9PDP+24NwxRgUTp
KHPl5LbESfAFOypI7mGV7z/qf9BffQEOcLnYCUPa9nDIFng3g5xEjKMr07BhD/db
ZiCOQPdXRixqZhH04NmjDf/jPCS6UdHcVKob3S86LAMYbRVDgDj5yi9fV1VYH5Zr
G2crLC58gLejel+CeNejsneHoH/bJdcDs3pI8bMUSsn4AcIN5c3QX97kwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqnvmpevy+6s0GYSH6e4qUe/5cfMB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg6N9y+gC
dy3n4h7iBKdv6gYL11kjDfwGELibCQ8zVTcF3+OLzqg68ArjgdMKmRsbxvnSQ7eq
NB9fg5j107zC8J8d63tzR98YUp9RmXNQ0PnlWzAiw1ifgr/gZRsKvW4q93seNv1j
I4BN42Ao6gBUtaUvf2ims614hLE9jd7XfA0aUEnQD0BgjINjfjTOmSJyjUnetT90
BOXAkJsmAqOoVpYmTe8qezNaJDAFkD3fXN3kJbeCMsU0rGxjvqMjcOukkviveycP
LK0De0T6yDGeqw7XZuoV1tvy5RvVbaTDMhb18TL6fJz62F8UiAoAjYidVsa1SlTA
M3RyZu1XDxiNjw==
-----END CERTIFICATE-----