Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
File:                     XeHEMjIqoQWMPm_lf2N0qSlgacE.mft (raw, json)
Hash identifier:          89LAj/XZWT1JtOWOSSUYsPBX2DhYlxpEVIHBRK4TKqI=
Subject key identifier:   F9:FF:A1:81:23:5F:6C:D8:CA:13:68:E6:3C:A0:73:51:66:50:68:3C
Authority key identifier: 5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1
Certificate issuer:       /CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
Certificate serial:       0197B5FBE6283BF7E85DC76541609CB65E25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
Manifest number:          0A97
Signing time:             Sat 28 Jun 2025 10:01:13 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:13 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:13 +0000
Files and hashes:         1: XeHEMjIqoQWMPm_lf2N0qSlgacE.crl (hash: mICNg03pjmKpo+y6liBq1IIxRXkib3zrv45/4gDBaDI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fb:e6:28:3b:f7:e8:5d:c7:65:41:60:9c:b6:5e:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
        Validity
            Not Before: Jun 28 10:01:13 2025 GMT
            Not After : Jun 29 10:01:13 2025 GMT
        Subject: CN=f9ffa181235f6cd8ca1368e63ca073516650683c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ce:6a:62:43:82:40:b9:96:3b:01:31:f3:d1:
                    2e:fa:80:30:c6:55:db:cf:9b:b1:63:4f:5f:d9:06:
                    78:16:9a:d0:b4:d4:3e:e5:d3:a7:96:2b:f4:56:8b:
                    65:ea:9a:89:5f:8c:d3:1b:b0:89:a1:0d:08:f6:55:
                    84:25:41:5f:9c:de:7b:de:11:ca:df:61:ab:69:62:
                    c6:6c:f5:45:aa:eb:a8:83:8a:c8:dd:3f:87:60:51:
                    04:8f:ef:b2:6e:3d:95:af:a6:73:65:20:c0:38:27:
                    b3:df:a7:8e:98:d5:60:7d:cb:a8:be:67:80:aa:48:
                    27:49:62:2e:78:fa:a7:a8:35:3c:6d:18:5b:60:b6:
                    03:5f:ce:f8:07:4e:1d:ca:75:8d:bf:ad:08:84:bb:
                    b8:9d:1c:00:00:3a:f2:60:fd:a7:a8:68:02:35:60:
                    5d:d3:e3:78:72:2e:7d:fd:b3:5f:c8:07:43:6e:b6:
                    20:00:e9:e2:91:5d:2d:50:1a:a7:bc:66:88:63:96:
                    bc:b3:95:d4:7d:21:aa:c0:d6:5c:db:38:5a:db:b8:
                    5e:be:7f:97:7d:d9:3c:73:7d:d6:62:49:01:af:51:
                    2c:d9:b0:85:d2:14:b2:69:86:a0:25:b7:8e:73:40:
                    24:6c:80:0d:8f:dc:55:15:62:a2:14:b6:6a:cc:b2:
                    28:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:FF:A1:81:23:5F:6C:D8:CA:13:68:E6:3C:A0:73:51:66:50:68:3C
            X509v3 Authority Key Identifier:
                keyid:5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:47:9a:b5:5b:05:9e:0e:c6:94:b6:c7:02:72:0a:b3:fd:c4:
         4f:34:9c:58:03:c0:7e:31:ce:3f:9d:22:5e:dd:65:4f:15:f5:
         c3:a8:da:e0:c5:5a:f9:eb:ab:40:23:98:29:cc:89:98:12:eb:
         3f:2a:68:16:f8:e9:27:a2:fb:d6:ac:27:46:d9:90:9b:e6:aa:
         ce:41:95:29:da:6b:6e:e2:8b:7d:1f:c5:1d:bf:f3:04:71:11:
         b1:91:4a:a8:36:d3:38:ee:39:63:02:13:82:67:24:4c:d9:b5:
         61:2e:ec:d1:ab:f2:da:6f:91:88:7a:42:a0:ac:85:6f:dd:aa:
         f4:a0:c3:a5:f5:5c:1c:49:6c:42:5e:b7:86:d7:5f:c7:21:05:
         54:4d:ef:e2:43:ce:ec:f5:b3:1a:bd:ed:02:2f:77:ab:6b:9d:
         5b:6d:90:02:a7:13:39:ee:ae:ec:1c:3a:41:86:ab:af:8b:46:
         48:72:29:88:18:72:6f:e8:d7:c4:71:36:6a:8f:dd:a7:de:9d:
         bc:f9:34:1a:53:b1:3f:b5:10:ce:df:cd:e5:7d:b1:92:b0:ab:
         b5:36:ff:38:2b:c3:26:3f:79:46:30:56:2b:5e:c0:1d:a8:a9:
         0e:ba:18:70:39:68:2b:f9:f6:75:99:bf:fb:dd:ce:5c:f7:6e:
         cd:b0:21:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1++YoO/foXcdlQWCctl4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTFjNDMyMzIyYWExMDU4YzNlNmZlNTdmNjM3NGE5Mjk2
MDY5YzEwHhcNMjUwNjI4MTAwMTEzWhcNMjUwNjI5MTAwMTEzWjAzMTEwLwYDVQQD
EyhmOWZmYTE4MTIzNWY2Y2Q4Y2ExMzY4ZTYzY2EwNzM1MTY2NTA2ODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM5qYkOCQLmWOwEx89Eu+oAwxlXb
z5uxY09f2QZ4FprQtNQ+5dOnliv0Votl6pqJX4zTG7CJoQ0I9lWEJUFfnN573hHK
32GraWLGbPVFquuog4rI3T+HYFEEj++ybj2Vr6ZzZSDAOCez36eOmNVgfcuovmeA
qkgnSWIuePqnqDU8bRhbYLYDX874B04dynWNv60IhLu4nRwAADryYP2nqGgCNWBd
0+N4ci59/bNfyAdDbrYgAOnikV0tUBqnvGaIY5a8s5XUfSGqwNZc2zha27hevn+X
fdk8c33WYkkBr1Es2bCF0hSyaYagJbeOc0AkbIANj9xVFWKiFLZqzLIoXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPn/oYEjX2zYyhNo5jygc1FmUGg8MB8GA1UdIwQY
MBaAFF3hxDIyKqEFjD5v5X9jdKkpYGnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1Njkt
ZDc4YmI2ZjViOGY1LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1NjktZDc4YmI2ZjViOGY1
LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw0eatVsF
ng7GlLbHAnIKs/3ETzScWAPAfjHOP50iXt1lTxX1w6ja4MVa+eurQCOYKcyJmBLr
PypoFvjpJ6L71qwnRtmQm+aqzkGVKdprbuKLfR/FHb/zBHERsZFKqDbTOO45YwIT
gmckTNm1YS7s0avy2m+RiHpCoKyFb92q9KDDpfVcHElsQl63htdfxyEFVE3v4kPO
7PWzGr3tAi93q2udW22QAqcTOe6u7Bw6QYarr4tGSHIpiBhyb+jXxHE2ao/dp96d
vPk0GlOxP7UQzt/N5X2xkrCrtTb/OCvDJj95RjBWK17AHaipDroYcDloK/n2dZm/
+93OXPduzbAhsQ==
-----END CERTIFICATE-----