Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
File:                     XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft (raw, json)
Hash identifier:          IStii8CYaxNujUv1Kd+zrAfkU5yjhKpeI8N1XZyZYhQ=
Subject key identifier:   38:1F:C5:58:63:79:2E:93:09:CF:12:9C:E2:EE:F9:31:20:73:6F:49
Authority key identifier: 5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E
Certificate issuer:       /CN=5ccf12899f358d1c341a207fde21d43c70a6945e
Certificate serial:       0197B7B3255687E7C6778C90889B4ACBAA7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
Manifest number:          01FD
Signing time:             Sat 28 Jun 2025 18:01:00 +0000
Manifest this update:     Sat 28 Jun 2025 18:01:00 +0000
Manifest next update:     Sun 29 Jun 2025 18:01:00 +0000
Files and hashes:         1: XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl (hash: 45qIZ2Jn83TJpF8IbMny9a3AWdaILWprKc0gOJZUN1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:25:56:87:e7:c6:77:8c:90:88:9b:4a:cb:aa:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ccf12899f358d1c341a207fde21d43c70a6945e
        Validity
            Not Before: Jun 28 18:01:00 2025 GMT
            Not After : Jun 29 18:01:00 2025 GMT
        Subject: CN=381fc55863792e9309cf129ce2eef93120736f49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:00:55:96:8f:43:50:04:3e:70:ee:c1:44:71:
                    b1:b2:ec:46:eb:8d:ce:b1:7a:e4:47:88:5a:79:10:
                    74:8a:e3:f9:6d:b9:1a:57:40:8c:8b:81:79:68:18:
                    db:ec:76:c2:f7:8c:25:09:6c:e8:22:c6:2b:76:93:
                    f1:ec:53:a0:9a:47:a9:64:0d:b6:46:60:c0:cc:70:
                    9f:e3:09:f4:6c:72:ae:c0:52:27:d9:24:45:48:1f:
                    e0:0d:a5:7d:e5:f0:05:05:ae:d4:6c:b8:6d:27:07:
                    b7:df:77:10:66:2a:3b:b0:9f:0c:cb:24:46:9e:fc:
                    67:fe:1a:43:7d:61:46:a8:62:83:ad:44:bb:d0:74:
                    10:af:d6:51:87:4a:0e:48:94:31:da:e3:bc:b9:27:
                    76:2c:7e:36:e1:71:56:d9:c1:39:85:39:50:18:c3:
                    6e:a6:c1:a1:5b:25:ed:9f:fa:e2:55:10:de:34:8e:
                    5b:52:6f:bb:0c:32:14:8d:bd:50:48:b2:de:d3:f2:
                    3c:f3:1f:4f:10:8a:b3:9e:fc:ce:0f:44:27:73:57:
                    04:52:5d:ff:df:ff:69:80:76:62:bc:bb:41:f9:46:
                    29:13:48:bb:2f:3a:4e:e3:67:b5:d3:1e:43:41:b4:
                    37:c1:86:4a:32:e8:67:85:94:6e:58:3b:4d:09:6b:
                    2d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:1F:C5:58:63:79:2E:93:09:CF:12:9C:E2:EE:F9:31:20:73:6F:49
            X509v3 Authority Key Identifier:
                keyid:5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:b5:4b:c9:7f:cb:36:4c:85:df:c2:23:a8:25:d8:46:27:fa:
         bf:e3:c9:a0:67:69:5c:cb:15:3d:f1:12:42:ab:44:0f:d4:22:
         32:d0:ee:2b:21:bf:22:a6:cf:1d:99:dc:3f:06:9e:47:75:6c:
         0d:d3:ee:09:02:ed:61:51:5e:53:3c:57:88:87:ac:98:67:9f:
         10:b8:ef:af:12:42:53:d5:e4:bc:5b:18:a9:25:e3:7a:a4:13:
         0c:7a:37:59:2b:6b:81:fa:d2:d5:6d:c5:e9:f6:7c:67:2f:2e:
         2c:b6:69:bf:64:d9:0e:b3:d2:5f:e5:b3:f7:34:ef:a4:0e:e1:
         ff:4f:1f:14:12:7d:e8:70:61:ac:42:d7:8c:92:d6:9d:bf:f7:
         b8:dd:66:ef:be:c6:1c:77:66:fc:7e:e6:f8:af:ff:14:f1:82:
         bf:7d:58:c7:35:e3:0b:85:83:6b:89:57:a0:21:13:48:3c:a7:
         f5:8d:ef:3a:ca:74:e4:61:97:70:ca:4c:55:10:30:e3:d3:01:
         4d:92:95:9d:62:7a:a5:04:36:ff:65:11:b1:7f:ad:0a:21:f2:
         6e:31:e8:3b:9c:8e:5e:23:25:07:d7:a7:3f:ce:90:ed:ad:7f:
         2b:a7:f4:c3:fd:29:8a:3f:84:79:98:03:36:f8:f4:bd:84:84:
         b4:b9:49:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3syVWh+fGd4yQiJtKy6p7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2YxMjg5OWYzNThkMWMzNDFhMjA3ZmRlMjFkNDNjNzBh
Njk0NWUwHhcNMjUwNjI4MTgwMTAwWhcNMjUwNjI5MTgwMTAwWjAzMTEwLwYDVQQD
EygzODFmYzU1ODYzNzkyZTkzMDljZjEyOWNlMmVlZjkzMTIwNzM2ZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwBVlo9DUAQ+cO7BRHGxsuxG643O
sXrkR4haeRB0iuP5bbkaV0CMi4F5aBjb7HbC94wlCWzoIsYrdpPx7FOgmkepZA22
RmDAzHCf4wn0bHKuwFIn2SRFSB/gDaV95fAFBa7UbLhtJwe333cQZio7sJ8MyyRG
nvxn/hpDfWFGqGKDrUS70HQQr9ZRh0oOSJQx2uO8uSd2LH424XFW2cE5hTlQGMNu
psGhWyXtn/riVRDeNI5bUm+7DDIUjb1QSLLe0/I88x9PEIqznvzOD0Qnc1cEUl3/
3/9pgHZivLtB+UYpE0i7LzpO42e10x5DQbQ3wYZKMuhnhZRuWDtNCWstKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgfxVhjeS6TCc8SnOLu+TEgc29JMB8GA1UdIwQY
MBaAFFzPEomfNY0cNBogf94h1DxwppReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2Yt
MjU2MGY4NjkwY2QyLzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2YtMjU2MGY4NjkwY2Qy
LzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMbVLyX/L
NkyF38IjqCXYRif6v+PJoGdpXMsVPfESQqtED9QiMtDuKyG/IqbPHZncPwaeR3Vs
DdPuCQLtYVFeUzxXiIesmGefELjvrxJCU9XkvFsYqSXjeqQTDHo3WStrgfrS1W3F
6fZ8Zy8uLLZpv2TZDrPSX+Wz9zTvpA7h/08fFBJ96HBhrELXjJLWnb/3uN1m777G
HHdm/H7m+K//FPGCv31YxzXjC4WDa4lXoCETSDyn9Y3vOsp05GGXcMpMVRAw49MB
TZKVnWJ6pQQ2/2URsX+tCiHybjHoO5yOXiMlB9enP86Q7a1/K6f0w/0pij+EeZgD
Nvj0vYSEtLlJIg==
-----END CERTIFICATE-----