Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
File:                     Xl5k_r-lZnT03hZCn13eSdnOk2g.mft (raw, json)
Hash identifier:          F98U5OPo+3g6kqCRHbtU1t5fC0LXJKv+2v51bIf4ysY=
Subject key identifier:   38:3A:42:61:90:08:7C:BA:7E:88:62:E4:82:76:5D:68:8D:FD:F8:6F
Authority key identifier: 5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68
Certificate issuer:       /CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
Certificate serial:       0197B5FC1ECEC17E29C2A5EF447884BF7ADA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
Manifest number:          1246
Signing time:             Sat 28 Jun 2025 10:01:28 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:28 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:28 +0000
Files and hashes:         1: Xl5k_r-lZnT03hZCn13eSdnOk2g.crl (hash: FBkAL99ip0K0Fikn8VNgi7EoUX+RXPBD3vz5fxfUI4E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fc:1e:ce:c1:7e:29:c2:a5:ef:44:78:84:bf:7a:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
        Validity
            Not Before: Jun 28 10:01:28 2025 GMT
            Not After : Jun 29 10:01:28 2025 GMT
        Subject: CN=383a426190087cba7e8862e482765d688dfdf86f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:94:ab:8e:4a:2a:f2:68:a7:fc:08:77:de:2a:
                    8c:0f:8b:e7:4f:4e:1f:28:57:74:99:b8:d5:41:0d:
                    e7:37:f7:da:1e:9f:93:cb:61:3e:64:d1:b2:50:e4:
                    43:48:8a:e1:10:43:35:33:88:a4:a8:09:bc:47:46:
                    02:90:15:5e:fa:d3:ac:7b:76:95:86:af:78:1b:d4:
                    de:27:b0:dc:fa:ec:34:a1:0a:65:32:a0:b8:c0:cb:
                    16:94:d4:d4:29:81:43:36:2e:25:10:54:4d:00:a9:
                    09:27:f1:91:fc:3b:1a:21:0f:e7:05:fc:17:20:f1:
                    dc:94:73:5b:79:86:ea:af:bf:73:c5:b3:0d:f9:93:
                    d3:84:2a:b2:cf:d8:47:e5:1a:71:41:dd:f6:cc:bd:
                    5e:bd:92:be:59:95:5c:e0:97:46:d4:da:03:28:8d:
                    30:a1:26:73:38:1c:2d:d5:0e:c5:07:42:d3:13:43:
                    1f:9d:c4:51:d5:81:d9:e4:f9:d1:6b:2b:5c:31:5a:
                    6d:a2:12:dd:22:fd:a7:1d:e4:06:62:5c:a4:06:85:
                    d7:ff:83:1f:5d:09:9c:0d:fd:ff:24:dd:63:4f:62:
                    9c:cf:2e:ee:ce:d5:14:ac:fd:79:28:50:48:38:e8:
                    70:e4:7d:3e:46:11:1e:01:e6:9d:cb:92:d8:54:86:
                    fc:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:3A:42:61:90:08:7C:BA:7E:88:62:E4:82:76:5D:68:8D:FD:F8:6F
            X509v3 Authority Key Identifier:
                keyid:5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:20:c3:49:2a:7e:c2:46:36:08:70:46:fc:f4:b9:5c:cd:ff:
         07:09:df:04:ae:6f:de:8a:89:34:c1:7f:be:d8:7a:fb:28:b3:
         ba:9d:3c:5c:d3:13:c1:13:7d:3b:4c:53:75:d8:d1:48:3d:8e:
         7f:98:79:a6:d2:ee:c9:f2:04:55:5c:30:4f:49:0c:c9:d8:97:
         0f:20:fb:99:3a:71:ce:10:2c:c7:76:b6:b5:77:2f:9d:43:64:
         6d:f6:3c:a5:15:ee:86:4d:b8:49:84:13:8f:3d:ad:a1:11:5b:
         ac:c1:79:b8:08:20:b6:40:cd:8b:1b:fc:aa:4b:fc:5a:71:77:
         47:36:60:55:6e:20:19:88:9f:aa:b4:e8:23:7f:ea:35:be:93:
         0c:16:99:6b:c3:f4:b3:07:fe:aa:8d:a5:9f:13:9b:dd:49:d0:
         40:19:a3:7d:cb:de:d2:20:3f:e5:71:ab:9f:d4:15:3e:18:7c:
         89:c2:65:d7:5c:7e:65:c3:c0:d1:2e:cf:bc:3c:03:80:0e:a9:
         1f:c6:b0:db:08:4d:a4:36:79:01:cb:bf:4d:32:85:3a:05:2f:
         b8:bf:b5:35:81:c4:22:1a:b6:14:eb:eb:bd:8a:ef:f5:e0:3e:
         1b:4b:b6:8c:48:2d:c6:ea:d5:a7:10:54:89:bd:41:27:b0:a0:
         c7:e8:1a:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1/B7OwX4pwqXvRHiEv3raMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNWU2NGZlYmZhNTY2NzRmNGRlMTY0MjlmNWRkZTQ5ZDlj
ZTkzNjgwHhcNMjUwNjI4MTAwMTI4WhcNMjUwNjI5MTAwMTI4WjAzMTEwLwYDVQQD
EygzODNhNDI2MTkwMDg3Y2JhN2U4ODYyZTQ4Mjc2NWQ2ODhkZmRmODZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupSrjkoq8min/Ah33iqMD4vnT04f
KFd0mbjVQQ3nN/faHp+Ty2E+ZNGyUORDSIrhEEM1M4ikqAm8R0YCkBVe+tOse3aV
hq94G9TeJ7Dc+uw0oQplMqC4wMsWlNTUKYFDNi4lEFRNAKkJJ/GR/DsaIQ/nBfwX
IPHclHNbeYbqr79zxbMN+ZPThCqyz9hH5RpxQd32zL1evZK+WZVc4JdG1NoDKI0w
oSZzOBwt1Q7FB0LTE0MfncRR1YHZ5PnRaytcMVptohLdIv2nHeQGYlykBoXX/4Mf
XQmcDf3/JN1jT2Kczy7uztUUrP15KFBIOOhw5H0+RhEeAeady5LYVIb8YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDg6QmGQCHy6fohi5IJ2XWiN/fhvMB8GA1UdIwQY
MBaAFF5eZP6/pWZ09N4WQp9d3knZzpNoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUt
MjJmOGQ0YTAyN2FlLzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUtMjJmOGQ0YTAyN2Fl
LzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcCDDSSp+
wkY2CHBG/PS5XM3/BwnfBK5v3oqJNMF/vth6+yizup08XNMTwRN9O0xTddjRSD2O
f5h5ptLuyfIEVVwwT0kMydiXDyD7mTpxzhAsx3a2tXcvnUNkbfY8pRXuhk24SYQT
jz2toRFbrMF5uAggtkDNixv8qkv8WnF3RzZgVW4gGYifqrToI3/qNb6TDBaZa8P0
swf+qo2lnxOb3UnQQBmjfcve0iA/5XGrn9QVPhh8icJl11x+ZcPA0S7PvDwDgA6p
H8aw2whNpDZ5Acu/TTKFOgUvuL+1NYHEIhq2FOvrvYrv9eA+G0u2jEgtxurVpxBU
ib1BJ7Cgx+gaOw==
-----END CERTIFICATE-----