Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
File:                     XTsXLoFhyBzo6VSv01pzsvrQuzo.mft (raw, json)
Hash identifier:          n4CA04z7yn2//C1N4vPXdRDFMZEb5wuPT5nE2JgpiW4=
Subject key identifier:   1F:37:22:B9:3E:F8:40:2A:1C:1A:83:98:79:33:D0:F8:A9:76:B6:3F
Authority key identifier: 5D:3B:17:2E:81:61:C8:1C:E8:E9:54:AF:D3:5A:73:B2:FA:D0:BB:3A
Certificate issuer:       /CN=5d3b172e8161c81ce8e954afd35a73b2fad0bb3a
Certificate serial:       0199FFC8BC8A9A477ED4A86B138B72ABDE5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
Manifest number:          0972
Signing time:             Mon 20 Oct 2025 04:02:49 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:49 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:49 +0000
Files and hashes:         1: XTsXLoFhyBzo6VSv01pzsvrQuzo.crl (hash: Yj5hbM23yD3DFY8U4ntk1jw3weqi2oterk0eUfUI+cg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:bc:8a:9a:47:7e:d4:a8:6b:13:8b:72:ab:de:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d3b172e8161c81ce8e954afd35a73b2fad0bb3a
        Validity
            Not Before: Oct 20 04:02:49 2025 GMT
            Not After : Oct 21 04:02:49 2025 GMT
        Subject: CN=1f3722b93ef8402a1c1a83987933d0f8a976b63f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:54:a7:90:80:63:7a:23:ba:e6:9f:2b:58:e3:
                    25:35:62:ca:c4:fe:ab:cd:86:e9:28:e4:d2:a2:e2:
                    2a:47:41:96:15:54:19:d9:cb:87:40:25:23:86:e2:
                    98:2e:6c:6c:6a:57:01:13:11:7c:56:cd:35:19:7d:
                    25:96:6e:79:32:e7:e7:da:d8:7e:9e:9c:1b:67:94:
                    c3:e3:86:c3:59:01:82:78:e0:37:38:1c:98:a5:10:
                    c6:d5:ac:46:b9:87:d5:27:0b:f3:31:e2:34:9c:38:
                    d3:7d:6f:f3:2f:b9:58:6c:ab:e4:b6:bc:73:f5:fb:
                    ca:67:44:db:21:f9:f5:e9:4e:4f:32:0e:ef:7b:52:
                    ca:14:0a:13:0c:c7:03:2e:6d:d1:04:a4:4c:c9:7e:
                    a9:11:81:21:8e:c4:ea:fa:cd:51:6a:70:84:49:4b:
                    cc:52:a2:47:30:a9:af:c9:e0:7f:70:84:64:e2:d5:
                    62:6d:0e:b2:cc:6e:74:46:1a:8c:c0:a8:0d:ef:2e:
                    48:e0:e3:a6:34:52:a1:74:9c:94:08:67:e5:57:ba:
                    a8:69:51:84:7a:5b:f2:42:b2:74:8c:53:eb:6d:4b:
                    16:4a:72:c3:37:52:6e:ae:ca:ae:c2:dc:30:31:69:
                    52:6c:3f:70:3a:5c:49:02:9b:06:20:65:62:76:be:
                    d9:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:37:22:B9:3E:F8:40:2A:1C:1A:83:98:79:33:D0:F8:A9:76:B6:3F
            X509v3 Authority Key Identifier:
                keyid:5D:3B:17:2E:81:61:C8:1C:E8:E9:54:AF:D3:5A:73:B2:FA:D0:BB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:73:3e:6b:18:e8:fc:cd:09:18:69:87:e7:89:e2:74:ac:50:
         30:37:d8:60:9e:38:7c:52:a3:07:90:fb:fd:a5:0d:54:17:e6:
         48:03:e4:63:73:59:48:3c:59:9d:3f:6b:99:27:3c:58:52:07:
         ca:ee:a1:8e:19:31:fa:78:c6:bf:23:35:43:11:96:a5:54:bd:
         eb:64:1d:c2:47:d5:84:53:33:45:90:88:4f:a7:2e:19:0d:68:
         2d:ef:08:9c:6c:b2:b8:dc:29:ad:50:10:e0:79:1e:21:b9:6e:
         60:1f:19:95:d8:d7:77:d5:3f:47:39:75:5f:23:57:a1:d5:af:
         9b:6d:e6:b1:be:43:e1:aa:50:74:bb:3c:bd:a7:82:73:81:56:
         f1:64:93:e5:78:e4:a4:4f:20:b8:c8:78:e6:3e:ce:70:2d:e5:
         23:ba:e4:e8:b8:ae:10:b3:74:59:0a:89:8d:51:c4:97:76:51:
         4f:e4:83:11:42:9c:c1:3a:9a:71:bb:fb:d7:a9:97:b4:d7:8b:
         22:a5:b9:ed:85:4c:96:6c:1c:a3:82:3c:8f:c0:bc:73:bd:83:
         6a:1e:f7:2b:91:7f:9e:40:26:8e:e5:d3:f7:fd:e7:b5:68:56:
         48:8a:ba:61:bd:55:e4:09:cd:c7:0f:6f:69:8a:1a:7d:19:70:
         23:4e:2d:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yLyKmkd+1KhrE4tyq95eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkM2IxNzJlODE2MWM4MWNlOGU5NTRhZmQzNWE3M2IyZmFk
MGJiM2EwHhcNMjUxMDIwMDQwMjQ5WhcNMjUxMDIxMDQwMjQ5WjAzMTEwLwYDVQQD
EygxZjM3MjJiOTNlZjg0MDJhMWMxYTgzOTg3OTMzZDBmOGE5NzZiNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVSnkIBjeiO65p8rWOMlNWLKxP6r
zYbpKOTSouIqR0GWFVQZ2cuHQCUjhuKYLmxsalcBExF8Vs01GX0llm55Mufn2th+
npwbZ5TD44bDWQGCeOA3OByYpRDG1axGuYfVJwvzMeI0nDjTfW/zL7lYbKvktrxz
9fvKZ0TbIfn16U5PMg7ve1LKFAoTDMcDLm3RBKRMyX6pEYEhjsTq+s1RanCESUvM
UqJHMKmvyeB/cIRk4tVibQ6yzG50RhqMwKgN7y5I4OOmNFKhdJyUCGflV7qoaVGE
elvyQrJ0jFPrbUsWSnLDN1JursquwtwwMWlSbD9wOlxJApsGIGVidr7ZMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB83Irk++EAqHBqDmHkz0PipdrY/MB8GA1UdIwQY
MBaAFF07Fy6BYcgc6OlUr9Nac7L60Ls6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS83YTQzOTYtZDljMy00ZmM4LTg4YjEt
MzJjNjEzZjczNjYxLzEvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS83YTQzOTYtZDljMy00ZmM4LTg4YjEtMzJjNjEzZjczNjYx
LzEvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaXM+axjo
/M0JGGmH54nidKxQMDfYYJ44fFKjB5D7/aUNVBfmSAPkY3NZSDxZnT9rmSc8WFIH
yu6hjhkx+njGvyM1QxGWpVS962QdwkfVhFMzRZCIT6cuGQ1oLe8InGyyuNwprVAQ
4HkeIbluYB8ZldjXd9U/Rzl1XyNXodWvm23msb5D4apQdLs8vaeCc4FW8WST5Xjk
pE8guMh45j7OcC3lI7rk6LiuELN0WQqJjVHEl3ZRT+SDEUKcwTqacbv716mXtNeL
IqW57YVMlmwco4I8j8C8c72Dah73K5F/nkAmjuXT9/3ntWhWSIq6Yb1V5AnNxw9v
aYoafRlwI04tkg==
-----END CERTIFICATE-----