Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
File:                     XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft (raw, json)
Hash identifier:          xJfOUCYDSp1uNdUydVPmbnyTjiaDVuzCK35JtVxJCtc=
Subject key identifier:   A6:B7:3D:50:AE:8B:22:5B:AC:2B:C1:A8:50:D5:A6:B6:51:9D:79:74
Authority key identifier: 5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
Certificate issuer:       /CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Certificate serial:       0197B5FBE9D8DAD321B1EB77181F5523DD9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
Manifest number:          02AE
Signing time:             Sat 28 Jun 2025 10:01:14 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:14 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:14 +0000
Files and hashes:         1: XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl (hash: Fa0Vg7l1jN77AbKZSC5P3NifzQ05ioWufKlXTHBE83M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fb:e9:d8:da:d3:21:b1:eb:77:18:1f:55:23:dd:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
        Validity
            Not Before: Jun 28 10:01:14 2025 GMT
            Not After : Jun 29 10:01:14 2025 GMT
        Subject: CN=a6b73d50ae8b225bac2bc1a850d5a6b6519d7974
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:c3:22:77:15:d1:05:0a:b6:05:69:bb:55:af:
                    79:cf:d8:f7:57:11:31:aa:9a:07:52:1f:b8:36:f5:
                    b0:17:7b:31:e9:2c:76:b0:74:53:e0:69:3f:4e:ed:
                    dc:e6:38:79:30:32:22:fe:c5:ce:35:c7:a4:df:78:
                    5b:ae:f4:c3:72:58:eb:22:bd:78:14:c5:14:e2:4c:
                    22:71:0b:e1:3c:1f:72:fe:60:c2:7e:a5:95:2a:6d:
                    e7:32:a8:13:9e:2f:5b:f5:bf:30:ba:ae:dc:61:3f:
                    a3:49:11:91:1c:4e:c4:bf:db:7c:c1:3b:a3:50:ad:
                    27:e6:bf:37:c5:4d:90:a0:28:88:ab:61:9b:36:46:
                    44:07:0a:c1:2d:90:b4:5a:1e:29:26:47:6d:d2:30:
                    b6:e1:b4:48:e0:45:a1:c1:d6:d4:0c:7f:15:60:4a:
                    53:c5:26:fa:d1:79:af:ef:1d:01:82:0c:62:d2:e5:
                    a4:fe:80:64:63:50:d9:3d:55:0f:e4:42:bd:1b:10:
                    02:60:6e:35:dc:e0:dc:9e:cb:ff:6a:8a:77:e1:85:
                    17:a5:19:42:66:bc:d6:4b:06:04:a4:dd:ed:61:25:
                    83:1b:86:e6:fa:0a:87:48:04:68:df:16:67:eb:36:
                    34:6e:5f:63:70:6a:71:93:d5:5c:bd:26:e9:85:e4:
                    12:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:B7:3D:50:AE:8B:22:5B:AC:2B:C1:A8:50:D5:A6:B6:51:9D:79:74
            X509v3 Authority Key Identifier:
                keyid:5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:b0:01:00:5b:ed:5d:d7:ea:60:d7:49:e7:44:5b:e7:e2:75:
         54:82:e8:6d:e2:f4:28:1f:63:af:b1:e9:ca:b5:16:ee:cc:15:
         f3:00:21:01:68:52:2e:d6:42:0c:fa:71:62:8c:76:e2:a7:b3:
         d8:a9:bf:93:35:d0:a2:b7:fc:be:ad:e6:f3:9b:b4:23:f5:61:
         35:e4:11:44:a9:01:9a:9f:74:7b:14:41:09:9f:8a:f9:e9:2b:
         4e:d1:cd:58:65:18:fc:45:6a:04:d0:b7:4b:79:f6:d2:5d:35:
         c7:8c:00:5c:02:10:ec:99:5f:e0:7d:86:94:a5:12:73:80:ff:
         35:51:9c:ef:a7:6b:6e:01:81:f3:8a:08:12:88:55:e5:73:7f:
         d4:52:b5:26:a1:c6:9b:2c:08:f0:ab:14:9b:24:74:ca:ad:7b:
         9c:a6:0d:cf:4e:db:b0:84:43:8a:78:4d:ad:37:a7:2a:51:3c:
         a6:e8:cd:1f:45:8c:aa:a2:61:30:66:0a:df:5e:92:8f:d8:33:
         cd:64:86:21:44:20:59:71:6e:34:d0:e8:03:27:6d:d4:47:63:
         4c:65:aa:0e:1d:0e:d1:2b:23:df:ff:81:f2:b7:26:13:22:33:
         8b:69:e4:be:23:bf:6a:36:d5:6c:a9:ce:f5:e0:82:20:99:92:
         64:b0:fd:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1++nY2tMhset3GB9VI92cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZjMTM4NGI0YTRjYTUwMWRkMzNjNWYwZDg1ODBkNDQx
NmViM2EwHhcNMjUwNjI4MTAwMTE0WhcNMjUwNjI5MTAwMTE0WjAzMTEwLwYDVQQD
EyhhNmI3M2Q1MGFlOGIyMjViYWMyYmMxYTg1MGQ1YTZiNjUxOWQ3OTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMMidxXRBQq2BWm7Va95z9j3VxEx
qpoHUh+4NvWwF3sx6Sx2sHRT4Gk/Tu3c5jh5MDIi/sXONcek33hbrvTDcljrIr14
FMUU4kwicQvhPB9y/mDCfqWVKm3nMqgTni9b9b8wuq7cYT+jSRGRHE7Ev9t8wTuj
UK0n5r83xU2QoCiIq2GbNkZEBwrBLZC0Wh4pJkdt0jC24bRI4EWhwdbUDH8VYEpT
xSb60Xmv7x0Bggxi0uWk/oBkY1DZPVUP5EK9GxACYG413ODcnsv/aop34YUXpRlC
ZrzWSwYEpN3tYSWDG4bm+gqHSARo3xZn6zY0bl9jcGpxk9VcvSbpheQSIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKa3PVCuiyJbrCvBqFDVprZRnXl0MB8GA1UdIwQY
MBaAFF3WwThLSkylAd0zxfDYWA1EFus6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQt
ZDgyZDA2YTg3YmZlLzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQtZDgyZDA2YTg3YmZl
LzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw7ABAFvt
XdfqYNdJ50Rb5+J1VILobeL0KB9jr7HpyrUW7swV8wAhAWhSLtZCDPpxYox24qez
2Km/kzXQorf8vq3m85u0I/VhNeQRRKkBmp90exRBCZ+K+ekrTtHNWGUY/EVqBNC3
S3n20l01x4wAXAIQ7Jlf4H2GlKUSc4D/NVGc76drbgGB84oIEohV5XN/1FK1JqHG
mywI8KsUmyR0yq17nKYNz07bsIRDinhNrTenKlE8pujNH0WMqqJhMGYK316Sj9gz
zWSGIUQgWXFuNNDoAydt1EdjTGWqDh0O0Ssj3/+B8rcmEyIzi2nkviO/ajbVbKnO
9eCCIJmSZLD9nA==
-----END CERTIFICATE-----