Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          8iHm7LP+01qy5FZ8R9vqsD6BJYC9s0klq9u4KZQpV70=
Subject key identifier:   F6:A6:56:01:B5:1F:A2:60:36:66:0D:11:02:E9:6D:66:BB:B3:38:E3
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       019921B1954E4A99E8F8CBDEEF40A458161F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0CAE
Signing time:             Sun 07 Sep 2025 01:01:50 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:50 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:50 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: gJVi+pm1TbaXD0Zwdk7FMgzvFNHB/71fnPABPB1fMSA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:95:4e:4a:99:e8:f8:cb:de:ef:40:a4:58:16:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Sep  7 01:01:50 2025 GMT
            Not After : Sep  8 01:01:50 2025 GMT
        Subject: CN=f6a65601b51fa26036660d1102e96d66bbb338e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:17:d9:5f:e5:0e:2b:5c:86:42:85:a3:52:ff:
                    4e:94:1a:ae:d7:aa:6f:55:00:d8:91:d0:23:d3:52:
                    de:97:2a:0e:f8:97:dd:02:13:04:7c:8c:27:64:8b:
                    40:3a:81:ac:fc:33:bf:3b:1a:a3:ac:55:16:89:23:
                    e4:12:2a:4f:96:e4:94:7b:da:3f:42:50:08:e2:80:
                    bb:0b:ae:88:5d:c8:87:5a:70:96:6f:d1:9a:87:41:
                    8d:db:aa:3d:9a:66:7d:2b:a4:5d:e5:ce:77:19:9a:
                    8c:fd:16:1f:6d:1c:85:89:b6:71:41:88:d0:36:a5:
                    80:45:b8:b2:7d:64:90:36:2b:29:71:b7:94:29:f1:
                    00:af:21:84:3c:93:bf:37:f8:d3:0c:56:85:83:af:
                    db:f2:d8:5c:d1:a2:c0:14:aa:e2:47:65:18:51:e3:
                    e4:6f:46:41:72:18:cc:be:08:94:37:c5:00:c4:8f:
                    79:c9:41:20:08:88:51:ff:95:75:91:a0:03:53:3c:
                    3a:0c:22:3f:b9:d1:ce:dc:02:34:76:6e:12:9d:6c:
                    15:c6:77:6d:1b:99:85:22:f9:3e:ec:29:9d:f8:8d:
                    3b:53:a6:67:e8:cf:06:87:69:92:25:5c:2f:e9:64:
                    30:45:b9:12:48:0f:e5:4e:6a:c2:a7:11:da:a7:c5:
                    c2:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:A6:56:01:B5:1F:A2:60:36:66:0D:11:02:E9:6D:66:BB:B3:38:E3
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:1c:b5:15:66:ef:b7:64:f9:0b:0c:af:9f:d1:91:8d:e9:35:
         a5:fe:bb:ad:a8:30:58:db:8c:a4:ac:86:a4:23:c7:90:c2:35:
         92:31:a0:6e:8e:6a:e3:05:59:08:66:c2:2b:13:5c:f5:9b:a0:
         53:16:e0:11:15:1d:90:88:31:e2:10:1f:6e:90:b9:f3:f2:34:
         45:2f:94:8e:e6:ba:a8:6a:29:d5:fc:34:07:36:ba:a1:3b:83:
         a9:e0:6f:a2:fc:b9:73:43:16:41:49:13:d7:df:88:6f:f9:0c:
         60:2b:fc:8c:47:da:a7:15:a2:d8:12:18:33:5c:6a:15:a5:3a:
         63:62:ff:70:43:82:08:2a:f0:03:f6:00:1d:61:68:32:1b:cc:
         9d:ec:74:16:ac:48:0b:3c:37:fc:bf:f3:9b:b5:3c:47:38:f6:
         88:86:86:19:f5:5a:78:40:5d:13:d9:36:70:ef:a4:30:37:c0:
         50:79:e5:f5:78:e0:90:9d:60:45:21:0c:1e:4f:d1:80:c2:f8:
         3e:ea:cb:df:1f:b3:0c:e5:ca:a6:f8:ce:d5:06:24:9e:75:f8:
         9d:b4:00:b8:f0:8e:48:7d:98:69:2d:92:f1:30:8b:66:82:c1:
         24:ef:9c:f4:4e:be:ca:20:e2:cc:a5:72:13:81:8b:37:cb:8c:
         25:93:cb:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsZVOSpno+Mve70CkWBYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjUwOTA3MDEwMTUwWhcNMjUwOTA4MDEwMTUwWjAzMTEwLwYDVQQD
EyhmNmE2NTYwMWI1MWZhMjYwMzY2NjBkMTEwMmU5NmQ2NmJiYjMzOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhfZX+UOK1yGQoWjUv9OlBqu16pv
VQDYkdAj01LelyoO+JfdAhMEfIwnZItAOoGs/DO/OxqjrFUWiSPkEipPluSUe9o/
QlAI4oC7C66IXciHWnCWb9Gah0GN26o9mmZ9K6Rd5c53GZqM/RYfbRyFibZxQYjQ
NqWARbiyfWSQNispcbeUKfEAryGEPJO/N/jTDFaFg6/b8thc0aLAFKriR2UYUePk
b0ZBchjMvgiUN8UAxI95yUEgCIhR/5V1kaADUzw6DCI/udHO3AI0dm4SnWwVxndt
G5mFIvk+7Cmd+I07U6Zn6M8Gh2mSJVwv6WQwRbkSSA/lTmrCpxHap8XCuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPamVgG1H6JgNmYNEQLpbWa7szjjMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWRy1FWbv
t2T5Cwyvn9GRjek1pf67ragwWNuMpKyGpCPHkMI1kjGgbo5q4wVZCGbCKxNc9Zug
UxbgERUdkIgx4hAfbpC58/I0RS+Ujua6qGop1fw0Bza6oTuDqeBvovy5c0MWQUkT
19+Ib/kMYCv8jEfapxWi2BIYM1xqFaU6Y2L/cEOCCCrwA/YAHWFoMhvMnex0FqxI
Czw3/L/zm7U8Rzj2iIaGGfVaeEBdE9k2cO+kMDfAUHnl9XjgkJ1gRSEMHk/RgML4
PurL3x+zDOXKpvjO1QYknnX4nbQAuPCOSH2YaS2S8TCLZoLBJO+c9E6+yiDizKVy
E4GLN8uMJZPLfw==
-----END CERTIFICATE-----