Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          ioo3CCt7dQC4rKes2rjJ1Kvxy3IAZcPwpF5/A8O/3Xw=
Subject key identifier:   1A:D7:95:2C:2B:31:E8:6C:AD:8F:61:B7:B5:94:55:51:AE:2A:DD:02
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       0198D54EB72D4E23B8CB3AC8BCD7A80901C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          06E4
Signing time:             Sat 23 Aug 2025 05:02:42 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:42 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:42 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: r3rQ16NyyzL4hAilt7AaLw/XiUGsIyGNX2HzWHzpgYg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:b7:2d:4e:23:b8:cb:3a:c8:bc:d7:a8:09:01:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Aug 23 05:02:42 2025 GMT
            Not After : Aug 24 05:02:42 2025 GMT
        Subject: CN=1ad7952c2b31e86cad8f61b7b5945551ae2add02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:f3:95:a1:47:c0:c7:65:ae:96:18:f2:f2:ca:
                    25:3a:56:a8:9d:02:58:a9:f8:e7:d2:9d:70:f0:13:
                    9b:b2:e8:50:a9:dc:0b:6b:17:c1:38:9e:2f:f8:6e:
                    1c:c5:97:8f:63:17:9a:40:76:c2:3a:b9:63:2f:6a:
                    5b:3e:90:de:71:fc:6a:c0:5d:10:ad:2b:6e:2c:8c:
                    c3:8c:bd:a1:78:85:1f:2a:bb:51:fe:1e:14:82:59:
                    8c:76:ae:2c:b9:41:07:14:0a:9c:56:b5:28:55:e7:
                    72:28:92:0d:d2:a8:f1:08:82:91:86:72:96:8f:bb:
                    76:32:48:e8:e2:91:67:5b:b9:03:f0:98:94:8d:f0:
                    3e:4d:f6:69:2f:ee:5d:8b:14:8f:f1:2e:47:3d:d8:
                    fd:6b:74:04:39:41:60:fc:08:aa:4b:0c:cf:b9:66:
                    1b:37:c0:c2:b0:e8:90:f3:ed:d3:8c:58:ca:82:1a:
                    f5:d1:a1:15:8c:a7:57:7a:72:e7:d4:58:fa:a9:fb:
                    d3:87:da:1d:1c:38:cc:c5:21:d5:c8:43:20:b6:63:
                    be:09:f7:92:4d:6b:15:27:f3:3d:44:4d:a4:a7:81:
                    d0:7c:1e:b8:9f:ef:d4:57:59:71:a3:15:69:cc:51:
                    fc:f3:b6:3c:b5:19:f2:65:26:e1:de:08:b4:e3:e3:
                    df:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:D7:95:2C:2B:31:E8:6C:AD:8F:61:B7:B5:94:55:51:AE:2A:DD:02
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:58:ff:89:1e:b6:c1:f7:64:ea:74:e3:82:05:b9:10:c3:71:
         36:ef:23:5f:92:09:0a:5e:5e:88:6a:9b:0b:8a:35:de:c0:92:
         b2:08:64:a9:2c:5e:bc:07:1b:f6:8e:b3:b7:13:38:69:4e:11:
         e4:56:4d:82:0d:ee:7d:1c:a3:7b:fc:ef:b9:bb:25:56:d5:93:
         58:8b:23:5c:5e:10:3c:15:89:a9:67:30:d2:c8:75:e8:d9:a7:
         b2:7d:44:35:45:2c:ef:83:a9:e0:05:c3:78:1f:7f:27:1f:fc:
         d0:fa:ae:a7:2a:60:83:b6:e4:8a:6d:2f:c1:af:40:de:92:4e:
         8f:96:8e:3b:1e:79:99:dc:89:1a:5f:8e:f0:04:99:9f:59:3a:
         f2:88:ba:95:33:46:ac:2c:5e:e4:04:cb:5c:5f:39:ec:be:c9:
         0b:31:7e:7a:aa:74:b6:79:62:c3:30:04:82:d1:0b:3d:12:c0:
         57:7b:56:83:29:13:92:bf:ed:40:57:6a:43:c8:35:98:3e:f9:
         69:07:7a:cd:0d:a3:ce:33:7b:5c:89:15:28:4b:3f:23:07:6e:
         8c:ff:ad:eb:81:df:71:a7:38:ba:4d:3c:fc:9c:70:b9:04:92:
         15:e4:02:40:e5:f2:40:58:89:c4:02:17:f1:24:74:c9:25:f8:
         64:b4:1b:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTrctTiO4yzrIvNeoCQHDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjUwODIzMDUwMjQyWhcNMjUwODI0MDUwMjQyWjAzMTEwLwYDVQQD
EygxYWQ3OTUyYzJiMzFlODZjYWQ4ZjYxYjdiNTk0NTU1MWFlMmFkZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/OVoUfAx2Wulhjy8solOlaonQJY
qfjn0p1w8BObsuhQqdwLaxfBOJ4v+G4cxZePYxeaQHbCOrljL2pbPpDecfxqwF0Q
rStuLIzDjL2heIUfKrtR/h4UglmMdq4suUEHFAqcVrUoVedyKJIN0qjxCIKRhnKW
j7t2Mkjo4pFnW7kD8JiUjfA+TfZpL+5dixSP8S5HPdj9a3QEOUFg/AiqSwzPuWYb
N8DCsOiQ8+3TjFjKghr10aEVjKdXenLn1Fj6qfvTh9odHDjMxSHVyEMgtmO+CfeS
TWsVJ/M9RE2kp4HQfB64n+/UV1lxoxVpzFH887Y8tRnyZSbh3gi04+PfvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBrXlSwrMehsrY9ht7WUVVGuKt0CMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcFj/iR62
wfdk6nTjggW5EMNxNu8jX5IJCl5eiGqbC4o13sCSsghkqSxevAcb9o6ztxM4aU4R
5FZNgg3ufRyje/zvubslVtWTWIsjXF4QPBWJqWcw0sh16Nmnsn1ENUUs74Op4AXD
eB9/Jx/80Pqupypgg7bkim0vwa9A3pJOj5aOOx55mdyJGl+O8ASZn1k68oi6lTNG
rCxe5ATLXF857L7JCzF+eqp0tnliwzAEgtELPRLAV3tWgykTkr/tQFdqQ8g1mD75
aQd6zQ2jzjN7XIkVKEs/IwdujP+t64Hfcac4uk08/JxwuQSSFeQCQOXyQFiJxAIX
8SR0ySX4ZLQbrQ==
-----END CERTIFICATE-----