Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
File:                     Xl5k_r-lZnT03hZCn13eSdnOk2g.mft (raw, json)
Hash identifier:          Jv61Cc5fOs8OnstvkJkYLK7orzL+TbBH4/yQ1gZVdqE=
Subject key identifier:   AB:18:40:67:3C:5D:E3:47:4E:FA:87:88:2D:58:5A:52:09:EA:E3:AB
Authority key identifier: 5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68
Certificate issuer:       /CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
Certificate serial:       0198D5BC2EC570A9096A22BFBA615EB719F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
Manifest number:          12DB
Signing time:             Sat 23 Aug 2025 07:02:16 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:16 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:16 +0000
Files and hashes:         1: Xl5k_r-lZnT03hZCn13eSdnOk2g.crl (hash: C3Hyk39stdsdV4s6YEYPFLHPG7okKeTE7pLb+2VaO3M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:2e:c5:70:a9:09:6a:22:bf:ba:61:5e:b7:19:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
        Validity
            Not Before: Aug 23 07:02:16 2025 GMT
            Not After : Aug 24 07:02:16 2025 GMT
        Subject: CN=ab1840673c5de3474efa87882d585a5209eae3ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:e6:08:fe:1d:7a:d9:de:39:67:ad:22:86:bc:
                    df:0f:9e:b2:f4:81:8c:a1:d5:07:0a:ed:00:5a:e2:
                    b9:33:81:1e:80:59:c8:dc:3f:79:39:bc:15:e4:df:
                    85:2b:54:10:ad:29:72:e8:d6:c8:2c:fd:f0:b6:a6:
                    3d:16:b4:81:fe:60:06:eb:3f:3e:4c:15:09:53:5a:
                    8f:ac:07:17:71:0e:91:eb:42:c3:5a:30:bc:dd:19:
                    5d:cd:dc:e2:ce:6b:af:fc:f9:eb:c3:89:98:a2:cf:
                    e1:8a:f1:f7:b5:b0:fb:30:58:e3:d0:80:28:cb:f7:
                    c9:0d:a7:46:0b:99:4d:08:12:cf:e1:76:f8:9b:d5:
                    49:a2:98:b3:55:a0:a0:98:8c:ea:29:f7:57:bc:e6:
                    16:aa:a4:f9:a4:f3:17:e0:51:c4:19:ef:aa:52:1a:
                    84:78:25:71:14:80:53:fe:9e:3a:87:2f:d2:96:c4:
                    53:11:5f:e7:f5:25:db:1f:cd:39:e0:2c:73:a5:89:
                    64:64:1f:e4:71:90:5b:d9:e0:2d:49:3a:04:72:0d:
                    d0:da:2d:d1:52:6f:1c:22:13:af:d6:1c:93:7b:13:
                    3b:3a:61:90:f1:39:cc:d1:2a:2b:f3:56:75:01:45:
                    24:4b:df:05:bd:5d:10:c4:67:1f:34:d8:a7:ed:e0:
                    3d:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:18:40:67:3C:5D:E3:47:4E:FA:87:88:2D:58:5A:52:09:EA:E3:AB
            X509v3 Authority Key Identifier:
                keyid:5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:30:0f:b8:2e:4e:45:a5:a0:b8:57:73:fa:3a:4a:21:82:64:
         67:25:23:fb:ba:b9:de:21:ae:ce:41:fc:19:98:3c:20:ac:c0:
         63:ee:8b:0b:c6:28:00:c2:4a:72:15:c3:ed:d2:7f:b1:aa:f8:
         67:cf:4f:e0:91:f6:8d:a2:73:fd:39:f9:73:b2:63:03:57:f9:
         3d:07:d2:dd:62:7f:56:75:1a:21:02:6f:80:1b:33:a1:05:04:
         45:37:92:27:e2:52:bc:55:d7:23:28:cf:1d:9e:d1:8f:a6:43:
         a0:50:48:a4:c1:59:31:b9:b6:2a:b0:30:1c:af:90:ee:f3:5b:
         4b:69:77:de:2a:ef:6e:e9:15:15:69:09:4b:66:6f:c1:ad:7e:
         36:10:4c:18:7c:cc:6a:9d:2a:1a:28:6d:da:27:16:63:23:98:
         b3:09:0d:66:53:58:c8:cb:22:02:ec:99:9c:87:d5:f1:a4:64:
         ec:f7:4d:4c:26:e6:48:d1:fe:13:69:f3:3f:38:c1:aa:e2:6f:
         42:62:3b:56:74:8c:db:d4:04:e7:90:53:cc:99:43:11:15:d3:
         6c:cc:54:79:75:bd:20:74:ab:4b:0c:23:ed:b2:90:6a:1e:57:
         73:37:9a:2d:ed:b3:55:7d:41:44:02:d1:45:c2:f3:51:b3:b8:
         23:5a:ac:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvC7FcKkJaiK/umFetxnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNWU2NGZlYmZhNTY2NzRmNGRlMTY0MjlmNWRkZTQ5ZDlj
ZTkzNjgwHhcNMjUwODIzMDcwMjE2WhcNMjUwODI0MDcwMjE2WjAzMTEwLwYDVQQD
EyhhYjE4NDA2NzNjNWRlMzQ3NGVmYTg3ODgyZDU4NWE1MjA5ZWFlM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OYI/h162d45Z60ihrzfD56y9IGM
odUHCu0AWuK5M4EegFnI3D95ObwV5N+FK1QQrSly6NbILP3wtqY9FrSB/mAG6z8+
TBUJU1qPrAcXcQ6R60LDWjC83Rldzdzizmuv/Pnrw4mYos/hivH3tbD7MFjj0IAo
y/fJDadGC5lNCBLP4Xb4m9VJopizVaCgmIzqKfdXvOYWqqT5pPMX4FHEGe+qUhqE
eCVxFIBT/p46hy/SlsRTEV/n9SXbH8054CxzpYlkZB/kcZBb2eAtSToEcg3Q2i3R
Um8cIhOv1hyTexM7OmGQ8TnM0Sor81Z1AUUkS98FvV0QxGcfNNin7eA9AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKsYQGc8XeNHTvqHiC1YWlIJ6uOrMB8GA1UdIwQY
MBaAFF5eZP6/pWZ09N4WQp9d3knZzpNoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUt
MjJmOGQ0YTAyN2FlLzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUtMjJmOGQ0YTAyN2Fl
LzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjjAPuC5O
RaWguFdz+jpKIYJkZyUj+7q53iGuzkH8GZg8IKzAY+6LC8YoAMJKchXD7dJ/sar4
Z89P4JH2jaJz/Tn5c7JjA1f5PQfS3WJ/VnUaIQJvgBszoQUERTeSJ+JSvFXXIyjP
HZ7Rj6ZDoFBIpMFZMbm2KrAwHK+Q7vNbS2l33irvbukVFWkJS2Zvwa1+NhBMGHzM
ap0qGiht2icWYyOYswkNZlNYyMsiAuyZnIfV8aRk7PdNTCbmSNH+E2nzPzjBquJv
QmI7VnSM29QE55BTzJlDERXTbMxUeXW9IHSrSwwj7bKQah5XczeaLe2zVX1BRALR
RcLzUbO4I1qsNA==
-----END CERTIFICATE-----