Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
File:                     XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft (raw, json)
Hash identifier:          ZGDfT8iuaZZTAyNUcrApXAgshfCeKkTijlBjpJiKs+w=
Subject key identifier:   29:84:DC:8E:67:D7:30:68:09:39:66:76:9E:6F:C7:F9:59:BD:C2:4A
Authority key identifier: 5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2
Certificate issuer:       /CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
Certificate serial:       019922FABB33F91371CD4BAACE5E9384DD16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 07:01:21 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:21 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:21 +0000
Files and hashes:         1: XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl (hash: lSjI5RA6dZCiw+/GbSVL+fR+2sDuXXmB4yhHwiwVhSo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:bb:33:f9:13:71:cd:4b:aa:ce:5e:93:84:dd:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
        Validity
            Not Before: Sep  7 07:01:21 2025 GMT
            Not After : Sep  8 07:01:21 2025 GMT
        Subject: CN=2984dc8e67d73068093966769e6fc7f959bdc24a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:23:e2:22:7d:d5:19:d9:ed:cd:be:1b:8a:4e:
                    74:9d:35:46:88:fa:88:7b:fa:ae:5a:bf:85:86:a3:
                    b0:b3:ac:59:6c:50:a3:3e:82:46:a1:39:8f:89:cc:
                    54:38:4b:99:7e:b7:b2:25:4c:77:9a:d7:7b:fc:82:
                    96:65:f4:f2:f8:5d:8e:76:c5:6a:d6:16:38:3a:25:
                    fb:d0:b2:82:c1:7b:1e:19:6b:02:88:76:b3:7c:9d:
                    f2:a3:48:02:aa:81:4d:c1:bb:57:34:55:99:75:cf:
                    df:8d:98:15:18:45:e6:80:57:8a:5a:5c:74:f1:21:
                    82:dc:44:80:04:1e:e5:ba:8e:64:f5:9c:74:0c:29:
                    2a:14:f1:05:47:af:1f:6a:b1:c6:08:51:02:62:a1:
                    c9:e6:4c:8d:d9:2e:b2:cf:dd:33:b4:91:8a:49:8a:
                    32:24:e0:96:36:36:2b:5b:ed:06:c8:43:25:a7:4f:
                    ba:ac:79:7d:b3:89:4e:9b:12:11:90:d9:f4:09:e1:
                    92:9c:90:4e:fe:e1:b0:3f:b5:09:5a:3b:6f:3c:8b:
                    69:2b:24:75:03:cc:a1:03:31:28:1d:f4:db:f7:09:
                    59:6c:8a:d1:a0:d3:c1:de:e8:b5:38:b5:35:d0:2d:
                    13:d0:8c:1f:8f:61:ea:c9:f2:4a:fa:a3:e9:69:e5:
                    64:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:84:DC:8E:67:D7:30:68:09:39:66:76:9E:6F:C7:F9:59:BD:C2:4A
            X509v3 Authority Key Identifier:
                keyid:5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:6c:a3:0d:f3:c1:b0:c9:53:a7:0d:4d:e3:bc:22:0c:22:d5:
         45:c7:1c:e8:52:7e:60:dc:7d:97:e4:ea:7a:d8:c4:db:92:48:
         65:81:aa:10:d9:e6:db:1a:31:ab:c3:90:0e:6b:87:00:52:61:
         60:0d:80:71:26:41:3e:63:cb:b3:0e:71:79:d4:c3:55:d3:40:
         39:c4:4d:1f:13:e2:3d:9b:b3:4f:78:b4:ae:55:11:4b:75:ab:
         78:37:dd:53:7d:fe:a9:60:cb:16:50:fe:0b:f8:56:32:a8:a7:
         78:1f:08:4f:1f:de:e4:bb:b2:7e:f3:a9:d4:d9:fd:97:8c:b8:
         ae:60:49:37:1a:1a:8f:81:5e:47:31:b0:4e:62:1f:3f:e9:d1:
         56:a6:86:0b:4b:f6:9b:15:9f:f6:40:d3:39:ea:e0:7d:46:c5:
         b6:6f:b7:51:c7:e6:78:7d:f6:0b:4e:cf:0a:84:39:0a:0b:6f:
         a9:ba:2e:aa:8f:50:cb:7e:f2:45:be:e0:ba:a7:3f:4c:b3:b4:
         6a:b9:52:ac:57:82:6e:0d:18:fa:b1:32:0b:47:e8:19:b5:c9:
         3e:7e:a6:f2:57:6c:22:b1:56:d5:a7:85:7a:2b:42:69:72:14:
         c5:f8:b4:74:b3:73:21:51:08:b2:9a:d7:34:36:74:45:50:07:
         cd:03:90:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+rsz+RNxzUuqzl6ThN0WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg1ZjFkZDRkMDM0NjQ4MGYwMDk4NzRhOGY1NjcwZTMx
MDg1YzIwHhcNMjUwOTA3MDcwMTIxWhcNMjUwOTA4MDcwMTIxWjAzMTEwLwYDVQQD
EygyOTg0ZGM4ZTY3ZDczMDY4MDkzOTY2NzY5ZTZmYzdmOTU5YmRjMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yPiIn3VGdntzb4bik50nTVGiPqI
e/quWr+FhqOws6xZbFCjPoJGoTmPicxUOEuZfreyJUx3mtd7/IKWZfTy+F2OdsVq
1hY4OiX70LKCwXseGWsCiHazfJ3yo0gCqoFNwbtXNFWZdc/fjZgVGEXmgFeKWlx0
8SGC3ESABB7luo5k9Zx0DCkqFPEFR68farHGCFECYqHJ5kyN2S6yz90ztJGKSYoy
JOCWNjYrW+0GyEMlp0+6rHl9s4lOmxIRkNn0CeGSnJBO/uGwP7UJWjtvPItpKyR1
A8yhAzEoHfTb9wlZbIrRoNPB3ui1OLU10C0T0Iwfj2HqyfJK+qPpaeVkAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmE3I5n1zBoCTlmdp5vx/lZvcJKMB8GA1UdIwQY
MBaAFF6oXx3U0DRkgPAJh0qPVnDjEIXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9lZjc4MDgtMTIyYi00Yjg5LTkzNTgt
NTkwYzVmMWIwMWIzLzEvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9lZjc4MDgtMTIyYi00Yjg5LTkzNTgtNTkwYzVmMWIwMWIz
LzEvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADGyjDfPB
sMlTpw1N47wiDCLVRccc6FJ+YNx9l+TqetjE25JIZYGqENnm2xoxq8OQDmuHAFJh
YA2AcSZBPmPLsw5xedTDVdNAOcRNHxPiPZuzT3i0rlURS3WreDfdU33+qWDLFlD+
C/hWMqineB8ITx/e5LuyfvOp1Nn9l4y4rmBJNxoaj4FeRzGwTmIfP+nRVqaGC0v2
mxWf9kDTOergfUbFtm+3UcfmeH32C07PCoQ5Cgtvqbouqo9Qy37yRb7guqc/TLO0
arlSrFeCbg0Y+rEyC0foGbXJPn6m8ldsIrFW1aeFeitCaXIUxfi0dLNzIVEIsprX
NDZ0RVAHzQOQ/Q==
-----END CERTIFICATE-----