Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
File:                     XTsXLoFhyBzo6VSv01pzsvrQuzo.mft (raw, json)
Hash identifier:          czZX2L1Xo2rsOUDqi8TOGirypMyZYB+dNpnDxgsme0M=
Subject key identifier:   86:C9:1E:FA:95:89:D8:E0:90:D6:4F:F2:30:45:0E:08:7B:AB:FB:7F
Authority key identifier: 5D:3B:17:2E:81:61:C8:1C:E8:E9:54:AF:D3:5A:73:B2:FA:D0:BB:3A
Certificate issuer:       /CN=5d3b172e8161c81ce8e954afd35a73b2fad0bb3a
Certificate serial:       0198D66023CA31A38FBFB8F95E7C3B8E5723
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
Manifest number:          08D8
Signing time:             Sat 23 Aug 2025 10:01:21 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:21 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:21 +0000
Files and hashes:         1: XTsXLoFhyBzo6VSv01pzsvrQuzo.crl (hash: vbFWdcCP6eJJft5pKbONSSf7k2xzOIvTTUXqmuwQkOM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:23:ca:31:a3:8f:bf:b8:f9:5e:7c:3b:8e:57:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d3b172e8161c81ce8e954afd35a73b2fad0bb3a
        Validity
            Not Before: Aug 23 10:01:21 2025 GMT
            Not After : Aug 24 10:01:21 2025 GMT
        Subject: CN=86c91efa9589d8e090d64ff230450e087babfb7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:2f:ce:3c:71:dc:09:6d:e1:f4:c6:96:d9:bb:
                    ee:39:a4:0c:94:b7:01:4a:d3:e1:66:81:87:46:aa:
                    ff:05:c1:b1:56:97:ab:8c:dc:62:54:c8:10:2e:ee:
                    00:c2:da:b6:b7:7a:97:96:1e:51:bc:a4:6d:83:c9:
                    71:06:32:07:c8:22:bd:e0:fb:85:9b:c1:05:7a:85:
                    6b:47:58:fe:9e:74:cc:5b:1a:62:26:76:8c:d8:aa:
                    54:2b:75:84:45:39:00:77:d1:d6:20:a4:a1:2d:80:
                    d9:d4:58:86:ce:d0:29:38:02:ee:6d:14:c6:5e:6d:
                    42:59:05:d7:d8:ec:e0:8c:22:3b:cc:67:10:4c:34:
                    3a:60:57:7c:f2:37:3e:5e:16:8f:9b:dc:0d:b8:c1:
                    83:0f:cb:fa:04:31:6f:48:65:3d:82:6d:d4:54:82:
                    ed:d0:3c:27:45:e5:93:89:db:b0:e6:80:5d:d0:32:
                    51:8a:72:93:fc:51:0a:8f:f4:79:33:1e:51:23:0f:
                    86:2d:a3:d0:05:6f:e7:70:54:f4:82:a6:d9:d4:38:
                    21:36:31:f1:43:71:55:0e:ca:ca:7b:9d:a5:80:b6:
                    d6:33:84:8d:9b:8b:46:f3:6f:a5:8e:e2:98:77:76:
                    19:07:43:27:0a:33:41:2d:da:f8:1d:99:74:17:98:
                    88:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:C9:1E:FA:95:89:D8:E0:90:D6:4F:F2:30:45:0E:08:7B:AB:FB:7F
            X509v3 Authority Key Identifier:
                keyid:5D:3B:17:2E:81:61:C8:1C:E8:E9:54:AF:D3:5A:73:B2:FA:D0:BB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:c6:6a:f8:fe:5b:4c:9c:91:0c:84:ca:4b:2c:f9:6e:bf:ad:
         f4:6c:a8:c6:b5:6c:4b:4c:13:9c:82:e9:38:eb:63:bf:fe:c7:
         f2:8b:1b:62:1c:3f:81:5e:56:2d:32:70:14:97:d5:9c:84:3b:
         2b:2c:39:71:b1:15:35:7a:3d:01:2f:8c:e1:e2:9e:79:c4:59:
         c7:eb:7d:67:8a:d3:b3:38:b1:d6:aa:16:ad:1e:6e:87:4a:d5:
         1a:4f:d3:b9:03:c4:eb:32:62:c9:d5:1b:e7:71:f6:00:ed:37:
         32:64:d3:23:a7:1f:6a:29:42:55:64:6a:22:91:94:b8:16:0a:
         e4:85:62:bd:98:b4:9a:a9:5b:7b:1b:49:e6:b1:f9:dd:c4:f9:
         db:ef:88:b9:02:79:89:68:45:c5:b2:7f:66:bf:42:73:63:3c:
         93:94:ad:ad:66:9b:d5:a4:aa:16:4a:c6:89:f7:fb:a8:db:77:
         4b:f5:7f:7b:7a:7a:ed:df:d3:91:aa:9c:e2:13:99:92:90:4e:
         cf:5d:29:19:fd:7b:8e:61:8f:c3:0b:42:c7:9c:2f:c0:06:97:
         4b:da:bf:e7:94:c9:e3:3e:3d:9d:9b:a7:9a:44:c7:27:f0:7a:
         e4:10:51:f6:03:53:ca:2a:0f:85:d2:73:ce:38:25:6c:a6:fe:
         db:dc:f7:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYCPKMaOPv7j5Xnw7jlcjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkM2IxNzJlODE2MWM4MWNlOGU5NTRhZmQzNWE3M2IyZmFk
MGJiM2EwHhcNMjUwODIzMTAwMTIxWhcNMjUwODI0MTAwMTIxWjAzMTEwLwYDVQQD
Eyg4NmM5MWVmYTk1ODlkOGUwOTBkNjRmZjIzMDQ1MGUwODdiYWJmYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS/OPHHcCW3h9MaW2bvuOaQMlLcB
StPhZoGHRqr/BcGxVperjNxiVMgQLu4Awtq2t3qXlh5RvKRtg8lxBjIHyCK94PuF
m8EFeoVrR1j+nnTMWxpiJnaM2KpUK3WERTkAd9HWIKShLYDZ1FiGztApOALubRTG
Xm1CWQXX2OzgjCI7zGcQTDQ6YFd88jc+XhaPm9wNuMGDD8v6BDFvSGU9gm3UVILt
0DwnReWTiduw5oBd0DJRinKT/FEKj/R5Mx5RIw+GLaPQBW/ncFT0gqbZ1DghNjHx
Q3FVDsrKe52lgLbWM4SNm4tG82+ljuKYd3YZB0MnCjNBLdr4HZl0F5iI9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbJHvqVidjgkNZP8jBFDgh7q/t/MB8GA1UdIwQY
MBaAFF07Fy6BYcgc6OlUr9Nac7L60Ls6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS83YTQzOTYtZDljMy00ZmM4LTg4YjEt
MzJjNjEzZjczNjYxLzEvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS83YTQzOTYtZDljMy00ZmM4LTg4YjEtMzJjNjEzZjczNjYx
LzEvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUMZq+P5b
TJyRDITKSyz5br+t9GyoxrVsS0wTnILpOOtjv/7H8osbYhw/gV5WLTJwFJfVnIQ7
Kyw5cbEVNXo9AS+M4eKeecRZx+t9Z4rTszix1qoWrR5uh0rVGk/TuQPE6zJiydUb
53H2AO03MmTTI6cfailCVWRqIpGUuBYK5IVivZi0mqlbextJ5rH53cT52++IuQJ5
iWhFxbJ/Zr9Cc2M8k5StrWab1aSqFkrGiff7qNt3S/V/e3p67d/Tkaqc4hOZkpBO
z10pGf17jmGPwwtCx5wvwAaXS9q/55TJ4z49nZunmkTHJ/B65BBR9gNTyioPhdJz
zjglbKb+29z3LQ==
-----END CERTIFICATE-----