Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File:                     XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier:          DTNKLhWjS7klZzmTCBggvmttsBOi6Ds9GH0nlwLWcR8=
Subject key identifier:   7B:63:98:C2:63:51:A8:2C:52:5C:FE:F4:91:B8:72:91:E4:C3:5F:B9
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer:       /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial:       0199233121639E9F3F86070C7AF08ECDC767
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number:          0296
Signing time:             Sun 07 Sep 2025 08:00:46 +0000
Manifest this update:     Sun 07 Sep 2025 08:00:46 +0000
Manifest next update:     Mon 08 Sep 2025 08:00:46 +0000
Files and hashes:         1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: GvYxiLgq7cmCgXyg+iBZ1yjjUDEKuDQU5OK0l7Dej64=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:21:63:9e:9f:3f:86:07:0c:7a:f0:8e:cd:c7:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
        Validity
            Not Before: Sep  7 08:00:46 2025 GMT
            Not After : Sep  8 08:00:46 2025 GMT
        Subject: CN=7b6398c26351a82c525cfef491b87291e4c35fb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:68:68:fb:ea:9f:df:0a:4c:8e:0c:5d:db:13:
                    c1:5d:34:c9:95:1d:de:2b:e2:44:22:d9:b4:d9:4e:
                    a4:cb:62:9d:9f:ba:bf:64:f2:c7:ac:81:2a:8c:d2:
                    69:ee:ca:9e:bd:e5:fa:a8:ee:c7:20:b3:2a:9e:48:
                    8b:16:27:24:dd:9e:2b:6f:d6:fc:89:a1:67:41:ab:
                    ae:d6:b9:71:8d:9b:cb:2e:ec:66:27:19:6b:73:f2:
                    38:02:f6:05:12:71:ab:a5:ec:2d:a3:74:af:5b:0c:
                    57:c6:90:ad:99:e6:43:59:fa:c1:b5:2d:32:fc:5a:
                    8a:77:4f:1a:a7:2e:27:af:91:71:22:cb:42:2f:f3:
                    47:8a:16:71:cc:49:7d:7e:ed:69:83:a0:f8:5b:09:
                    d3:1b:64:4e:5c:1f:84:75:85:4f:6a:b1:39:eb:03:
                    79:ec:ac:16:1d:8b:f2:1e:ab:92:86:72:66:ec:72:
                    5b:15:dd:9c:3c:d1:0e:8a:a6:55:91:0a:1a:24:71:
                    63:6d:4c:1d:f9:2a:64:4d:df:46:8e:26:56:de:6e:
                    9d:8a:0b:04:47:48:96:13:a5:6a:b5:82:7e:e0:70:
                    f5:f3:d0:3d:c1:17:e9:72:db:51:12:ff:17:3d:cd:
                    2d:81:b4:47:82:13:12:04:c7:cd:95:3e:08:28:6f:
                    c5:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:63:98:C2:63:51:A8:2C:52:5C:FE:F4:91:B8:72:91:E4:C3:5F:B9
            X509v3 Authority Key Identifier:
                keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:f0:a0:10:2e:23:58:75:bb:cf:07:8f:9e:e5:ed:11:60:fa:
         d3:67:11:e6:3f:27:b6:29:cc:eb:6c:54:e6:e4:57:ba:3a:33:
         9b:3d:43:e7:40:8f:b6:97:cb:87:bf:c4:3f:8d:e4:42:1c:26:
         2c:d8:10:15:00:91:b9:4b:1e:8a:2b:31:33:9e:8a:b6:5d:b9:
         37:f0:06:54:c1:62:7f:73:00:df:15:ab:e6:05:d9:a2:32:d1:
         14:7c:e0:1c:04:2c:e3:e2:9d:a1:4a:10:ee:65:72:d6:99:76:
         2c:f0:0e:22:86:4a:5a:03:0b:f9:1a:c3:f4:8c:c5:5c:66:70:
         64:b7:79:4d:5b:36:27:59:96:ca:ec:f6:2b:e7:23:5a:b3:25:
         db:2e:8e:c4:f8:c6:1c:c8:78:43:14:db:a9:d1:7a:97:bc:e2:
         60:36:03:01:13:0e:d6:95:b3:ff:a8:07:89:5d:b5:a6:23:61:
         f7:61:4c:42:94:cd:22:7e:91:2d:76:9f:82:e7:ca:84:6d:92:
         00:bd:8d:c3:84:2c:c9:b3:0e:6e:2a:7c:3d:4a:fd:b6:fe:c3:
         06:66:a6:e4:10:e1:ad:37:10:03:36:e7:9b:fd:c1:0a:d1:a3:
         66:ef:d9:d8:4e:66:be:d4:c0:9a:f0:f8:8e:db:19:da:b7:f8:
         90:ef:c8:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMSFjnp8/hgcMevCOzcdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjUwOTA3MDgwMDQ2WhcNMjUwOTA4MDgwMDQ2WjAzMTEwLwYDVQQD
Eyg3YjYzOThjMjYzNTFhODJjNTI1Y2ZlZjQ5MWI4NzI5MWU0YzM1ZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGho++qf3wpMjgxd2xPBXTTJlR3e
K+JEItm02U6ky2Kdn7q/ZPLHrIEqjNJp7sqeveX6qO7HILMqnkiLFick3Z4rb9b8
iaFnQauu1rlxjZvLLuxmJxlrc/I4AvYFEnGrpewto3SvWwxXxpCtmeZDWfrBtS0y
/FqKd08apy4nr5FxIstCL/NHihZxzEl9fu1pg6D4WwnTG2ROXB+EdYVParE56wN5
7KwWHYvyHquShnJm7HJbFd2cPNEOiqZVkQoaJHFjbUwd+SpkTd9GjiZW3m6digsE
R0iWE6VqtYJ+4HD189A9wRfpcttREv8XPc0tgbRHghMSBMfNlT4IKG/F0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHtjmMJjUagsUlz+9JG4cpHkw1+5MB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM/CgEC4j
WHW7zwePnuXtEWD602cR5j8ntinM62xU5uRXujozmz1D50CPtpfLh7/EP43kQhwm
LNgQFQCRuUseiisxM56Ktl25N/AGVMFif3MA3xWr5gXZojLRFHzgHAQs4+KdoUoQ
7mVy1pl2LPAOIoZKWgML+RrD9IzFXGZwZLd5TVs2J1mWyuz2K+cjWrMl2y6OxPjG
HMh4QxTbqdF6l7ziYDYDARMO1pWz/6gHiV21piNh92FMQpTNIn6RLXafgufKhG2S
AL2Nw4QsybMObip8PUr9tv7DBmam5BDhrTcQAzbnm/3BCtGjZu/Z2E5mvtTAmvD4
jtsZ2rf4kO/InQ==
-----END CERTIFICATE-----