Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
File:                     xxovfXzIw2N0bpa8P8yLBflgb-o.mft (raw, json)
Hash identifier:          8thUcDZdcb5Oyv7/6mSG+I5awqTeL4jpZjkkv1OsyY0=
Subject key identifier:   83:FC:E4:B3:EF:EF:A5:27:B1:55:3D:BD:9B:9A:29:65:6B:FF:52:7F
Authority key identifier: C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA
Certificate issuer:       /CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
Certificate serial:       0198D7A8D0C029721CCC7E143E21577CE6D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
Manifest number:          1649
Signing time:             Sat 23 Aug 2025 16:00:21 +0000
Manifest this update:     Sat 23 Aug 2025 16:00:21 +0000
Manifest next update:     Sun 24 Aug 2025 16:00:21 +0000
Files and hashes:         1: xxovfXzIw2N0bpa8P8yLBflgb-o.crl (hash: LNJLvQPxR9S4XLagoUCQJNPhsClZCdDL5Sk6rc55gBQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a8:d0:c0:29:72:1c:cc:7e:14:3e:21:57:7c:e6:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
        Validity
            Not Before: Aug 23 16:00:21 2025 GMT
            Not After : Aug 24 16:00:21 2025 GMT
        Subject: CN=83fce4b3efefa527b1553dbd9b9a29656bff527f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:17:08:8a:75:3f:54:4c:fa:e6:43:95:06:0f:
                    b8:87:81:31:c5:db:3a:86:ca:4e:55:10:7b:04:fe:
                    63:c2:75:b9:7f:ab:0a:cc:2f:c2:45:d1:02:ea:9b:
                    42:ae:c4:86:3d:95:74:10:0a:b1:d1:5b:c0:bd:09:
                    7a:2a:71:dc:28:5a:a3:d6:7f:f6:b2:ab:63:02:32:
                    7b:21:2b:2d:c5:65:c9:fc:f8:3e:56:f0:2a:a9:e2:
                    2f:36:85:f2:5e:81:77:fd:31:64:f8:a0:2a:91:18:
                    9b:e3:85:46:26:0e:68:1a:f5:d0:b7:be:85:25:c5:
                    db:ee:bd:64:bc:7f:ab:e7:b7:47:eb:3e:4f:43:74:
                    d4:77:45:b2:fa:8a:dd:d3:6c:ff:a2:c8:9d:7f:d9:
                    c1:f0:df:90:4d:6f:4a:19:58:2b:6a:75:c5:ea:80:
                    fc:39:a4:8e:37:70:b3:df:73:dc:0d:08:ed:ca:88:
                    d2:84:2e:03:dd:dd:b4:f9:2b:d4:4b:e4:77:fa:80:
                    03:22:11:b4:22:4e:0d:b3:84:83:90:e9:ab:4f:65:
                    d3:a0:13:4a:fc:43:ae:bf:08:8f:c3:30:2a:c2:8d:
                    8d:f2:69:19:0d:c1:e3:61:a0:85:df:40:b6:b5:85:
                    e8:5d:f4:8b:8c:ab:99:cb:f2:9f:d4:f4:6c:50:08:
                    93:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:FC:E4:B3:EF:EF:A5:27:B1:55:3D:BD:9B:9A:29:65:6B:FF:52:7F
            X509v3 Authority Key Identifier:
                keyid:C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:84:23:e3:ca:23:cc:ea:54:89:5e:03:91:0a:77:eb:2a:ff:
         bf:98:6e:f8:3b:76:09:90:05:7b:b0:2b:e6:91:54:55:c0:d0:
         8e:d5:b2:ed:9b:47:69:79:47:c0:61:b5:86:01:d9:bf:4d:58:
         05:97:09:a1:02:b0:c9:0d:c0:67:01:20:43:fb:20:f2:1c:4e:
         ea:35:94:80:30:c2:18:32:e7:75:3d:ea:2f:ec:7c:c7:0e:2f:
         1e:5c:04:6a:af:cd:9b:3a:02:60:38:56:45:90:d5:73:3a:bf:
         29:e2:19:35:3b:a6:d4:6e:9e:b2:b2:3c:3e:42:37:80:99:68:
         e2:b3:01:65:53:c1:4e:4e:f3:f2:41:6c:83:83:76:db:7b:87:
         d9:60:ef:64:2c:8d:4e:b6:b8:a3:9d:86:6b:15:20:f0:68:35:
         cb:9e:ae:62:8e:8c:05:10:fe:cb:2d:51:d5:71:24:b7:89:64:
         33:4b:87:87:6f:1d:c5:36:4e:d2:0a:9f:84:50:ce:94:f7:f5:
         d6:57:05:0d:86:8d:18:fb:1a:76:dc:cd:ca:38:74:f5:e5:70:
         7d:7d:b5:ea:c3:62:02:4c:0f:e2:05:f9:92:15:ec:86:40:89:
         3a:3e:a2:cc:24:76:50:f5:c6:17:c3:5b:01:b1:e9:1d:aa:41:
         e4:b1:2a:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqNDAKXIczH4UPiFXfObZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MWEyZjdkN2NjOGMzNjM3NDZlOTZiYzNmY2M4YjA1Zjk2
MDZmZWEwHhcNMjUwODIzMTYwMDIxWhcNMjUwODI0MTYwMDIxWjAzMTEwLwYDVQQD
Eyg4M2ZjZTRiM2VmZWZhNTI3YjE1NTNkYmQ5YjlhMjk2NTZiZmY1MjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshcIinU/VEz65kOVBg+4h4Exxds6
hspOVRB7BP5jwnW5f6sKzC/CRdEC6ptCrsSGPZV0EAqx0VvAvQl6KnHcKFqj1n/2
sqtjAjJ7ISstxWXJ/Pg+VvAqqeIvNoXyXoF3/TFk+KAqkRib44VGJg5oGvXQt76F
JcXb7r1kvH+r57dH6z5PQ3TUd0Wy+ord02z/osidf9nB8N+QTW9KGVgranXF6oD8
OaSON3Cz33PcDQjtyojShC4D3d20+SvUS+R3+oADIhG0Ik4Ns4SDkOmrT2XToBNK
/EOuvwiPwzAqwo2N8mkZDcHjYaCF30C2tYXoXfSLjKuZy/Kf1PRsUAiTxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIP85LPv76UnsVU9vZuaKWVr/1J/MB8GA1UdIwQY
MBaAFMcaL318yMNjdG6WvD/MiwX5YG/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMt
ZDZkMTQwZTRjZTZkLzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMtZDZkMTQwZTRjZTZk
LzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATYQj48oj
zOpUiV4DkQp36yr/v5hu+Dt2CZAFe7Ar5pFUVcDQjtWy7ZtHaXlHwGG1hgHZv01Y
BZcJoQKwyQ3AZwEgQ/sg8hxO6jWUgDDCGDLndT3qL+x8xw4vHlwEaq/NmzoCYDhW
RZDVczq/KeIZNTum1G6esrI8PkI3gJlo4rMBZVPBTk7z8kFsg4N223uH2WDvZCyN
Tra4o52GaxUg8Gg1y56uYo6MBRD+yy1R1XEkt4lkM0uHh28dxTZO0gqfhFDOlPf1
1lcFDYaNGPsadtzNyjh09eVwfX216sNiAkwP4gX5khXshkCJOj6izCR2UPXGF8Nb
AbHpHapB5LEqNw==
-----END CERTIFICATE-----