Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          wKvLgzGH/SbTYtU+96klRd2tx4QC89i4g3vZ1YzVUDM=
Subject key identifier:   D0:4F:9D:02:45:DC:06:4A:06:7C:A0:4C:25:72:D1:B3:CE:66:FC:82
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       01974E571A49733FCC9B9EC4A95EFCE55C9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0BBC
Signing time:             Sun 08 Jun 2025 07:00:20 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:20 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:20 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: /OzlJOUrodajtDW8HW/fP6vMSjCrHhV6iYWcwYusSlM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:1a:49:73:3f:cc:9b:9e:c4:a9:5e:fc:e5:5c:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Jun  8 07:00:20 2025 GMT
            Not After : Jun  9 07:00:20 2025 GMT
        Subject: CN=d04f9d0245dc064a067ca04c2572d1b3ce66fc82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:fa:ba:3c:80:16:6d:eb:e1:d8:eb:dd:39:6d:
                    b3:77:16:6e:9f:af:ca:63:bb:4f:0d:93:62:e4:90:
                    2c:1a:1f:3f:80:d2:27:1b:ad:b3:cb:e7:eb:21:e2:
                    62:31:46:c9:3f:bc:13:aa:3a:12:a7:32:cb:16:90:
                    6e:0b:5f:91:03:ab:8e:d1:de:44:77:fd:85:c7:50:
                    fd:0f:94:e4:9b:89:34:34:bc:51:8f:e8:49:ac:d0:
                    3b:87:65:36:d0:6a:29:92:93:03:97:ee:4d:b5:bf:
                    e3:d9:19:57:17:9a:d1:4f:04:5e:a0:a8:cb:28:ad:
                    9f:62:c0:b0:6d:29:01:bd:c4:9f:0f:e1:57:ed:03:
                    a4:a3:a1:5b:9d:31:6e:bf:f7:d9:d6:45:b3:f5:48:
                    4a:19:8c:0f:80:7c:74:38:a0:0b:32:11:0a:4a:30:
                    5a:b7:b9:de:c5:50:cf:a1:01:d2:36:0e:c3:4c:76:
                    f0:aa:d6:72:8a:a5:35:51:cd:1c:02:9e:d6:66:44:
                    79:30:c6:1a:dd:22:44:10:7e:cb:e4:31:b9:51:02:
                    42:db:bc:8d:03:ec:6e:8e:10:16:e2:6f:4a:15:83:
                    90:3e:33:55:f2:0e:65:0d:f3:48:76:cb:68:e9:8b:
                    2a:23:16:19:83:86:a7:2f:06:6e:8b:17:8b:1f:7c:
                    d4:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:4F:9D:02:45:DC:06:4A:06:7C:A0:4C:25:72:D1:B3:CE:66:FC:82
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:c7:5a:b2:f5:e5:03:72:92:1d:b5:d9:db:e7:bd:4a:f6:b7:
         b9:f7:f4:80:ef:a0:0c:27:6d:bb:ed:c0:e0:27:60:5c:31:c2:
         00:09:e4:9a:70:d0:45:13:97:3d:f4:e1:3a:60:2c:21:f7:c2:
         85:12:29:50:d7:bb:1b:89:0b:98:ab:33:49:5b:9b:c0:7b:ce:
         dc:02:f5:89:31:ca:56:b1:6f:e7:aa:dc:4e:63:f9:d1:93:70:
         4a:47:51:a0:f9:31:75:38:3d:ca:6a:65:e0:6a:3d:6f:0d:b0:
         8c:32:79:ad:26:c6:d5:e0:28:28:17:c6:45:f8:df:3c:f8:cf:
         67:00:54:fd:47:fc:ff:e6:8c:81:88:36:c4:a8:da:42:db:b8:
         d3:3f:8e:13:ed:2c:4e:af:62:5d:66:7c:f7:78:0e:63:10:39:
         f1:62:bf:f3:73:34:2d:2b:c4:09:9a:70:e1:46:10:57:09:88:
         10:5d:7d:2c:90:50:3d:3b:25:88:22:23:b4:e8:72:3f:40:3d:
         31:50:7f:a4:ac:da:b0:fa:2b:ec:1e:c6:98:35:14:ee:9a:21:
         5a:ea:bd:27:6c:62:1b:50:a1:47:9b:84:3b:92:7e:cc:70:3b:
         27:fd:2b:b4:cd:a0:73:cb:63:bf:e1:85:23:06:f3:f2:f5:90:
         d5:87:aa:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOVxpJcz/Mm57EqV785VyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjUwNjA4MDcwMDIwWhcNMjUwNjA5MDcwMDIwWjAzMTEwLwYDVQQD
EyhkMDRmOWQwMjQ1ZGMwNjRhMDY3Y2EwNGMyNTcyZDFiM2NlNjZmYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vq6PIAWbevh2OvdOW2zdxZun6/K
Y7tPDZNi5JAsGh8/gNInG62zy+frIeJiMUbJP7wTqjoSpzLLFpBuC1+RA6uO0d5E
d/2Fx1D9D5Tkm4k0NLxRj+hJrNA7h2U20GopkpMDl+5Ntb/j2RlXF5rRTwReoKjL
KK2fYsCwbSkBvcSfD+FX7QOko6FbnTFuv/fZ1kWz9UhKGYwPgHx0OKALMhEKSjBa
t7nexVDPoQHSNg7DTHbwqtZyiqU1Uc0cAp7WZkR5MMYa3SJEEH7L5DG5UQJC27yN
A+xujhAW4m9KFYOQPjNV8g5lDfNIdsto6YsqIxYZg4anLwZuixeLH3zUmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBPnQJF3AZKBnygTCVy0bPOZvyCMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI8dasvXl
A3KSHbXZ2+e9Sva3uff0gO+gDCdtu+3A4CdgXDHCAAnkmnDQRROXPfThOmAsIffC
hRIpUNe7G4kLmKszSVubwHvO3AL1iTHKVrFv56rcTmP50ZNwSkdRoPkxdTg9ympl
4Go9bw2wjDJ5rSbG1eAoKBfGRfjfPPjPZwBU/Uf8/+aMgYg2xKjaQtu40z+OE+0s
Tq9iXWZ893gOYxA58WK/83M0LSvECZpw4UYQVwmIEF19LJBQPTsliCIjtOhyP0A9
MVB/pKzasPor7B7GmDUU7pohWuq9J2xiG1ChR5uEO5J+zHA7J/0rtM2gc8tjv+GF
Iwbz8vWQ1YeqxA==
-----END CERTIFICATE-----