Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
File:                     XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft (raw, json)
Hash identifier:          49DULmZFdVgykASZf72PSB4OydX6uGpjI69mcEIPOX8=
Subject key identifier:   CF:4C:84:AE:F0:78:56:3D:07:14:6E:6C:C8:F1:69:61:8B:EB:BC:B4
Authority key identifier: 5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E
Certificate issuer:       /CN=5ccf12899f358d1c341a207fde21d43c70a6945e
Certificate serial:       0198D58401F2CB8287805C0F46AEE64C9E8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
Manifest number:          0291
Signing time:             Sat 23 Aug 2025 06:00:54 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:54 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:54 +0000
Files and hashes:         1: XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl (hash: HqOUEL31yDnEXeYuSpc0wv88ZU9CsNsRfJWEcNVW28g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:84:01:f2:cb:82:87:80:5c:0f:46:ae:e6:4c:9e:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ccf12899f358d1c341a207fde21d43c70a6945e
        Validity
            Not Before: Aug 23 06:00:54 2025 GMT
            Not After : Aug 24 06:00:54 2025 GMT
        Subject: CN=cf4c84aef078563d07146e6cc8f169618bebbcb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:18:09:38:b3:c0:8c:e6:79:a4:2d:a8:0f:9a:
                    0c:a4:8a:1d:0a:c9:e3:b8:3c:45:e6:bf:fc:eb:16:
                    5f:60:75:38:5f:48:30:8f:49:4b:94:7d:bf:c0:7a:
                    8e:4e:e4:b4:c9:ca:77:ef:80:46:88:f2:aa:e1:fb:
                    37:f1:fa:9e:6a:a9:27:96:45:e0:3b:8f:d8:2f:9c:
                    48:1f:d9:7f:5c:7d:0c:15:21:42:08:c5:f6:bf:f5:
                    b9:dd:f1:83:6c:32:95:bb:5d:fd:1f:2d:92:b8:6d:
                    25:9e:d9:ca:3a:07:e3:e5:65:9a:3d:a0:35:d4:3b:
                    c6:fe:b3:d3:75:04:5e:82:96:d8:53:bf:16:53:a5:
                    e2:b8:57:b6:d0:d2:99:86:31:67:e2:51:dc:29:df:
                    6c:a1:53:39:bf:26:b9:a0:83:0b:f3:58:fd:ea:72:
                    1d:8c:3d:91:fa:fd:b8:86:6e:49:e8:1e:aa:c8:dd:
                    74:fa:93:02:8d:da:74:b9:10:69:6d:bd:e4:a1:e4:
                    c8:f0:7b:26:fc:8b:18:d7:e3:56:49:13:19:a2:55:
                    73:97:cb:fc:e0:40:21:06:b9:f9:77:d6:4a:13:6c:
                    77:2d:fc:9e:4e:ab:6f:b2:49:83:c2:3f:96:29:26:
                    8f:f8:a5:2a:b8:27:04:59:b8:3c:61:04:95:70:04:
                    f8:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:4C:84:AE:F0:78:56:3D:07:14:6E:6C:C8:F1:69:61:8B:EB:BC:B4
            X509v3 Authority Key Identifier:
                keyid:5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:5b:af:71:8b:c7:d1:8c:3f:65:cf:13:54:c9:9b:25:37:40:
         fb:33:5e:30:08:53:fa:53:b2:57:44:fd:71:86:74:c1:98:fe:
         25:9f:30:fa:93:89:c5:f1:3d:2f:24:7d:e2:87:10:2b:68:af:
         57:0d:68:e3:82:1e:ee:64:25:47:ee:d0:ed:75:0e:c1:82:db:
         ed:84:7b:d9:9a:3d:f8:b8:71:54:57:a3:6e:fe:e4:3c:6f:35:
         71:10:e7:4a:f0:62:b2:2b:3a:e7:68:67:c1:f3:1c:30:32:e2:
         6c:16:c4:99:f4:93:47:70:ff:99:23:84:39:fc:f5:51:92:4e:
         48:75:81:b2:b4:08:a3:cb:32:86:38:54:a9:0d:24:fb:39:f7:
         f7:c0:b2:f6:75:ec:95:67:95:7b:5c:eb:2a:e5:1c:3e:ea:d1:
         e9:b4:b9:45:e6:94:bc:b6:fd:91:16:40:00:b5:df:86:3d:01:
         b6:51:b7:a3:3b:ef:3d:03:0f:4b:47:48:07:a7:b9:4e:cc:32:
         44:e3:34:45:0c:fa:11:8f:8a:85:f5:9b:b2:9d:92:6b:c6:78:
         56:04:1f:c9:9e:ea:9c:5f:cc:1e:24:e9:ad:aa:5e:7c:bb:3e:
         41:dd:68:7d:ed:51:16:74:c1:08:5d:c7:0f:32:ca:b6:fb:e1:
         8c:7d:82:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVhAHyy4KHgFwPRq7mTJ6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2YxMjg5OWYzNThkMWMzNDFhMjA3ZmRlMjFkNDNjNzBh
Njk0NWUwHhcNMjUwODIzMDYwMDU0WhcNMjUwODI0MDYwMDU0WjAzMTEwLwYDVQQD
EyhjZjRjODRhZWYwNzg1NjNkMDcxNDZlNmNjOGYxNjk2MThiZWJiY2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRgJOLPAjOZ5pC2oD5oMpIodCsnj
uDxF5r/86xZfYHU4X0gwj0lLlH2/wHqOTuS0ycp374BGiPKq4fs38fqeaqknlkXg
O4/YL5xIH9l/XH0MFSFCCMX2v/W53fGDbDKVu139Hy2SuG0lntnKOgfj5WWaPaA1
1DvG/rPTdQRegpbYU78WU6XiuFe20NKZhjFn4lHcKd9soVM5vya5oIML81j96nId
jD2R+v24hm5J6B6qyN10+pMCjdp0uRBpbb3koeTI8Hsm/IsY1+NWSRMZolVzl8v8
4EAhBrn5d9ZKE2x3LfyeTqtvskmDwj+WKSaP+KUquCcEWbg8YQSVcAT4HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM9MhK7weFY9BxRubMjxaWGL67y0MB8GA1UdIwQY
MBaAFFzPEomfNY0cNBogf94h1DxwppReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2Yt
MjU2MGY4NjkwY2QyLzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2YtMjU2MGY4NjkwY2Qy
LzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALVuvcYvH
0Yw/Zc8TVMmbJTdA+zNeMAhT+lOyV0T9cYZ0wZj+JZ8w+pOJxfE9LyR94ocQK2iv
Vw1o44Ie7mQlR+7Q7XUOwYLb7YR72Zo9+LhxVFejbv7kPG81cRDnSvBisis652hn
wfMcMDLibBbEmfSTR3D/mSOEOfz1UZJOSHWBsrQIo8syhjhUqQ0k+zn398Cy9nXs
lWeVe1zrKuUcPurR6bS5ReaUvLb9kRZAALXfhj0BtlG3ozvvPQMPS0dIB6e5Tswy
ROM0RQz6EY+KhfWbsp2Sa8Z4VgQfyZ7qnF/MHiTprapefLs+Qd1ofe1RFnTBCF3H
DzLKtvvhjH2Cpg==
-----END CERTIFICATE-----