Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.mft
File:                     XKn3Xcos07OTU-AwCzC6W2KXais.mft (raw, json)
Hash identifier:          6m1on8YO5bEnYOFKsxp+6rsxndAonsO6Gy0JnTyjfEM=
Subject key identifier:   02:A4:B5:5E:B7:58:E6:16:A8:D3:4D:0F:C3:50:96:89:25:C2:C8:4E
Authority key identifier: 5C:A9:F7:5D:CA:2C:D3:B3:93:53:E0:30:0B:30:BA:5B:62:97:6A:2B
Certificate issuer:       /CN=5ca9f75dca2cd3b39353e0300b30ba5b62976a2b
Certificate serial:       0198D58388A445A89DD6EC305ECAFE2BCB42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.mft
Manifest number:          09D3
Signing time:             Sat 23 Aug 2025 06:00:23 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:23 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:23 +0000
Files and hashes:         1: XKn3Xcos07OTU-AwCzC6W2KXais.crl (hash: xUdW9C6y6U2J+FRaNlakW5cm1mZYRJdku+zDXE7hxeE=)
                          2: b9Hu80_829heeLvFjfJdJz5nCTc.roa (hash: j+SJeADqUhFu2qLu6938DWITw4JSWTcM1pVfvfeWeP8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:88:a4:45:a8:9d:d6:ec:30:5e:ca:fe:2b:cb:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ca9f75dca2cd3b39353e0300b30ba5b62976a2b
        Validity
            Not Before: Aug 23 06:00:23 2025 GMT
            Not After : Aug 24 06:00:23 2025 GMT
        Subject: CN=02a4b55eb758e616a8d34d0fc350968925c2c84e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:b8:b3:65:6a:1e:3a:23:e7:a9:38:3a:b7:b4:
                    e5:56:e3:ef:34:e4:80:2e:30:17:06:a0:94:ad:25:
                    28:51:c0:c5:8c:85:a3:62:9b:ac:3d:53:f6:b0:5a:
                    71:40:ec:e7:4c:e1:e7:c9:c6:0d:f1:cd:8b:c7:36:
                    36:f5:73:6d:fc:ad:2c:9b:36:55:a6:14:1c:a7:1e:
                    63:ae:23:11:53:c4:f9:ff:c4:20:7a:bb:b6:b5:ff:
                    8c:13:c9:c9:d2:ea:7e:54:74:7d:32:6f:49:44:0e:
                    8b:c1:d9:2a:dd:98:05:89:f9:75:a0:eb:c7:c0:d3:
                    a2:d8:55:a8:19:a8:89:22:97:0a:8b:b0:fa:68:37:
                    f2:57:12:9f:b1:8d:0f:e2:0a:c1:88:6e:15:a1:14:
                    81:f1:1d:c1:21:d6:08:ac:75:0c:de:df:fe:ff:46:
                    01:11:58:fe:3f:89:b6:fd:c7:20:e5:ea:9a:da:ec:
                    44:a3:20:0d:ff:fe:50:94:0d:c6:49:19:4e:7e:e9:
                    d6:55:c0:2e:d9:bf:f2:33:6c:4f:6e:10:c3:c2:f0:
                    19:5e:bf:9a:b1:a2:05:d8:04:42:12:5d:af:5e:62:
                    ea:73:9c:78:9a:8b:5c:16:2a:9e:66:5b:40:6d:d3:
                    b8:aa:4a:c4:9b:bf:8c:54:fd:e1:14:f1:0a:83:11:
                    4f:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:A4:B5:5E:B7:58:E6:16:A8:D3:4D:0F:C3:50:96:89:25:C2:C8:4E
            X509v3 Authority Key Identifier:
                keyid:5C:A9:F7:5D:CA:2C:D3:B3:93:53:E0:30:0B:30:BA:5B:62:97:6A:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:0d:ce:c8:86:66:cf:c7:8c:bc:d1:1d:b9:b7:20:5c:43:65:
         a0:66:1c:d8:2b:9c:84:49:30:d3:26:29:33:11:01:ff:92:f6:
         c6:28:14:82:f4:ea:ea:fa:2a:4b:c0:0c:54:08:bf:7f:17:2a:
         2b:bd:8c:35:c2:55:ab:a0:22:c1:85:63:1d:f8:80:8e:c9:73:
         7c:64:e5:5f:88:70:07:cb:49:60:2b:cb:d9:45:b5:0f:86:90:
         69:ce:93:20:f5:ed:85:4a:f7:96:eb:c7:f1:9f:4f:42:87:8b:
         de:fa:44:fe:a1:77:b9:f1:ab:9d:3d:3d:89:a7:9a:4f:9b:0e:
         3d:46:48:c8:4f:fd:60:e1:fc:2c:24:3c:04:f0:57:8d:49:42:
         bd:b8:ef:37:71:75:3f:b4:4c:65:5f:0a:ba:50:a4:89:0f:f8:
         7e:82:51:83:5d:87:04:73:db:66:b2:16:5c:02:2b:4b:6a:a2:
         fd:d8:a9:b0:55:95:19:c0:6b:d5:a8:2e:4a:e9:7e:be:08:0d:
         1f:12:9e:f2:72:69:4b:2b:d0:81:07:d6:58:a9:f6:b7:f5:1c:
         0c:17:ce:d8:17:d4:7d:91:9d:be:0f:84:4e:fe:d6:88:47:31:
         97:4d:93:41:a9:8c:4b:c1:ba:63:2e:87:39:8c:50:ae:03:8d:
         53:3c:f7:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg4ikRaid1uwwXsr+K8tCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYTlmNzVkY2EyY2QzYjM5MzUzZTAzMDBiMzBiYTViNjI5
NzZhMmIwHhcNMjUwODIzMDYwMDIzWhcNMjUwODI0MDYwMDIzWjAzMTEwLwYDVQQD
EygwMmE0YjU1ZWI3NThlNjE2YThkMzRkMGZjMzUwOTY4OTI1YzJjODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bizZWoeOiPnqTg6t7TlVuPvNOSA
LjAXBqCUrSUoUcDFjIWjYpusPVP2sFpxQOznTOHnycYN8c2LxzY29XNt/K0smzZV
phQcpx5jriMRU8T5/8Qgeru2tf+ME8nJ0up+VHR9Mm9JRA6Lwdkq3ZgFifl1oOvH
wNOi2FWoGaiJIpcKi7D6aDfyVxKfsY0P4grBiG4VoRSB8R3BIdYIrHUM3t/+/0YB
EVj+P4m2/ccg5eqa2uxEoyAN//5QlA3GSRlOfunWVcAu2b/yM2xPbhDDwvAZXr+a
saIF2ARCEl2vXmLqc5x4motcFiqeZltAbdO4qkrEm7+MVP3hFPEKgxFP1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKktV63WOYWqNNND8NQloklwshOMB8GA1UdIwQY
MBaAFFyp913KLNOzk1PgMAswultil2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMDU0MzMtODNkOS00MTJjLTlmYzQt
MWQ1MWM0NjhkNTU2LzEvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xMDU0MzMtODNkOS00MTJjLTlmYzQtMWQ1MWM0NjhkNTU2
LzEvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYg3OyIZm
z8eMvNEdubcgXENloGYc2CuchEkw0yYpMxEB/5L2xigUgvTq6voqS8AMVAi/fxcq
K72MNcJVq6AiwYVjHfiAjslzfGTlX4hwB8tJYCvL2UW1D4aQac6TIPXthUr3luvH
8Z9PQoeL3vpE/qF3ufGrnT09iaeaT5sOPUZIyE/9YOH8LCQ8BPBXjUlCvbjvN3F1
P7RMZV8KulCkiQ/4foJRg12HBHPbZrIWXAIrS2qi/dipsFWVGcBr1aguSul+vggN
HxKe8nJpSyvQgQfWWKn2t/UcDBfO2BfUfZGdvg+ETv7WiEcxl02TQamMS8G6Yy6H
OYxQrgONUzz3Lw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:03:06 2025 by rpki-client