Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
File:                     XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft (raw, json)
Hash identifier:          MsLAQfmy9xi0JDltzdbojvZ4kDGxf1K5M3Zx2g6Vymo=
Subject key identifier:   A4:15:51:D6:13:CA:43:A6:AF:CE:56:28:B2:18:A2:1A:C0:28:6E:99
Authority key identifier: 5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E
Certificate issuer:       /CN=5ccf12899f358d1c341a207fde21d43c70a6945e
Certificate serial:       0199FB0EF3473621A741F223E5A7D297EE9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
Manifest number:          0329
Signing time:             Sun 19 Oct 2025 06:01:24 +0000
Manifest this update:     Sun 19 Oct 2025 06:01:24 +0000
Manifest next update:     Mon 20 Oct 2025 06:01:24 +0000
Files and hashes:         1: XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl (hash: 13+uE68rjDPFMn06lQmXiJjDiIs1MFwkzS/iVyy5ccE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:0e:f3:47:36:21:a7:41:f2:23:e5:a7:d2:97:ee:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ccf12899f358d1c341a207fde21d43c70a6945e
        Validity
            Not Before: Oct 19 06:01:24 2025 GMT
            Not After : Oct 20 06:01:24 2025 GMT
        Subject: CN=a41551d613ca43a6afce5628b218a21ac0286e99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:5b:37:3b:32:d8:19:55:c2:85:40:89:7a:4b:
                    4b:d2:50:16:c5:ec:dd:34:a0:05:41:82:56:45:cc:
                    59:a3:f8:ab:4f:d0:7a:56:2b:5e:77:b4:0a:df:65:
                    c2:1e:11:6f:6e:7e:3f:0c:3e:90:f6:df:ce:ca:47:
                    ee:cb:bc:46:69:88:5f:4d:83:e4:9b:4a:27:8d:d5:
                    6c:ee:3a:4b:bb:d1:39:9f:b2:f1:32:56:e9:0d:38:
                    64:a5:1d:e0:0f:25:39:0a:50:83:5e:e8:16:0b:4f:
                    20:fe:c4:a6:6c:9d:e0:b3:76:e0:15:8c:e4:24:db:
                    e9:7d:e8:3e:8e:ed:94:45:59:15:86:8a:53:ca:71:
                    8c:06:98:ad:55:a6:c2:ac:f6:37:40:cf:91:f8:43:
                    cc:09:d9:4e:46:a8:77:44:83:69:bf:41:ab:c3:79:
                    65:67:15:e5:48:4a:19:34:2b:76:1c:a4:0f:21:3f:
                    c4:9b:c7:72:0f:70:3d:b9:09:01:64:52:ba:52:a5:
                    5b:16:fc:bb:5e:cc:83:51:95:53:5c:07:c1:1b:b9:
                    30:7f:83:15:91:02:a9:de:2c:95:88:e2:72:12:ec:
                    8e:26:85:79:9d:2a:c4:46:d1:01:08:ba:8f:48:3e:
                    13:e7:38:5d:db:40:70:67:63:97:6d:55:ab:89:30:
                    74:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:15:51:D6:13:CA:43:A6:AF:CE:56:28:B2:18:A2:1A:C0:28:6E:99
            X509v3 Authority Key Identifier:
                keyid:5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:7e:b5:9c:44:5c:5a:da:01:47:66:3e:ac:d4:02:20:9c:4e:
         98:e7:2e:6e:b9:4b:57:d8:2a:0c:2a:3b:57:9e:a3:91:f4:1d:
         d9:5b:98:88:82:c5:65:f6:87:bb:65:ff:28:59:e1:67:af:7a:
         96:c4:6d:95:bd:29:b5:94:ac:0b:27:ef:fc:96:a4:32:90:9c:
         9a:95:15:a7:6e:25:3c:ff:9c:59:25:4b:bf:c8:91:ff:32:68:
         4d:ad:2c:bf:3a:bb:bb:4c:73:22:01:8a:cf:c8:61:bd:2f:51:
         a1:01:37:30:cc:53:f6:15:af:67:fc:0b:75:0c:04:6a:73:c9:
         86:6e:12:5c:2d:1c:a1:8d:71:c2:ae:57:8e:ab:35:5d:d3:94:
         d8:18:34:3b:07:25:4d:63:7d:ff:90:f2:e2:e6:6e:5e:21:0d:
         d4:5c:f7:11:b5:82:b6:98:4a:52:57:16:a0:41:68:2f:9c:b7:
         ce:fd:a1:01:2e:2a:02:34:a0:80:a5:b8:95:f8:3b:04:de:dd:
         dd:f7:38:35:24:78:d9:db:1a:8e:26:3c:18:ed:e8:52:37:5f:
         eb:2b:f9:25:31:5c:9d:c8:d2:fc:35:f4:33:a7:0f:e8:62:d6:
         e3:d1:e4:d1:2b:32:1c:94:d3:dc:4d:13:61:46:a2:c8:8f:49:
         d1:19:9e:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7DvNHNiGnQfIj5afSl+6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2YxMjg5OWYzNThkMWMzNDFhMjA3ZmRlMjFkNDNjNzBh
Njk0NWUwHhcNMjUxMDE5MDYwMTI0WhcNMjUxMDIwMDYwMTI0WjAzMTEwLwYDVQQD
EyhhNDE1NTFkNjEzY2E0M2E2YWZjZTU2MjhiMjE4YTIxYWMwMjg2ZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFs3OzLYGVXChUCJektL0lAWxezd
NKAFQYJWRcxZo/irT9B6Vited7QK32XCHhFvbn4/DD6Q9t/Oykfuy7xGaYhfTYPk
m0onjdVs7jpLu9E5n7LxMlbpDThkpR3gDyU5ClCDXugWC08g/sSmbJ3gs3bgFYzk
JNvpfeg+ju2URVkVhopTynGMBpitVabCrPY3QM+R+EPMCdlORqh3RINpv0Grw3ll
ZxXlSEoZNCt2HKQPIT/Em8dyD3A9uQkBZFK6UqVbFvy7XsyDUZVTXAfBG7kwf4MV
kQKp3iyViOJyEuyOJoV5nSrERtEBCLqPSD4T5zhd20BwZ2OXbVWriTB0wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQVUdYTykOmr85WKLIYohrAKG6ZMB8GA1UdIwQY
MBaAFFzPEomfNY0cNBogf94h1DxwppReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2Yt
MjU2MGY4NjkwY2QyLzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2YtMjU2MGY4NjkwY2Qy
LzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjn61nERc
WtoBR2Y+rNQCIJxOmOcubrlLV9gqDCo7V56jkfQd2VuYiILFZfaHu2X/KFnhZ696
lsRtlb0ptZSsCyfv/JakMpCcmpUVp24lPP+cWSVLv8iR/zJoTa0svzq7u0xzIgGK
z8hhvS9RoQE3MMxT9hWvZ/wLdQwEanPJhm4SXC0coY1xwq5Xjqs1XdOU2Bg0Owcl
TWN9/5Dy4uZuXiEN1Fz3EbWCtphKUlcWoEFoL5y3zv2hAS4qAjSggKW4lfg7BN7d
3fc4NSR42dsajiY8GO3oUjdf6yv5JTFcncjS/DX0M6cP6GLW49Hk0SsyHJTT3E0T
YUaiyI9J0RmeLQ==
-----END CERTIFICATE-----