Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
File:                     XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft (raw, json)
Hash identifier:          x+VpaYYIVbahAIGDNon1Dr8MGlA3PFYPfqfjzZwr66M=
Subject key identifier:   3C:9D:E7:38:AD:11:FF:56:80:92:25:23:03:A4:5E:82:31:8D:4D:6B
Authority key identifier: 5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
Certificate issuer:       /CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Certificate serial:       0198D5BBC053B362C7A1A15238C5D73EA580
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
Manifest number:          0343
Signing time:             Sat 23 Aug 2025 07:01:47 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:47 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:47 +0000
Files and hashes:         1: XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl (hash: yg2bm2cNeGZNwpjGb54MfuiVbC2H8WJr0bOx23I+et8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:c0:53:b3:62:c7:a1:a1:52:38:c5:d7:3e:a5:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
        Validity
            Not Before: Aug 23 07:01:47 2025 GMT
            Not After : Aug 24 07:01:47 2025 GMT
        Subject: CN=3c9de738ad11ff568092252303a45e82318d4d6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:4e:97:39:09:b4:86:eb:89:0d:35:48:f0:03:
                    0f:f9:0e:f5:39:ca:59:8b:b8:38:5d:ca:e8:90:61:
                    92:34:7d:b6:b4:31:c5:ef:fb:ad:80:e5:d6:e0:e3:
                    4f:e1:8f:ad:e0:d3:e6:ad:70:fb:db:e8:f9:22:60:
                    1f:3e:e3:3d:18:b1:9e:7f:6b:24:45:fa:3e:15:16:
                    6a:68:fa:83:b4:11:cb:fa:3c:52:13:46:f6:b9:42:
                    1d:b7:76:97:12:28:25:e0:0b:a1:7b:63:15:b9:e1:
                    a2:ff:aa:11:a2:47:54:db:9b:3a:3f:1c:df:b0:0f:
                    1b:a6:b4:1f:32:27:fb:8d:43:b2:a8:2f:aa:5c:f6:
                    67:6c:7d:c7:b0:a7:1b:4a:9f:8e:5d:46:a0:e2:1f:
                    da:25:73:20:ad:95:22:8b:aa:89:46:09:6a:5c:ea:
                    06:0a:58:36:d6:e6:b6:a8:a4:00:bb:3a:50:fb:8d:
                    92:cb:e8:80:7f:e0:8b:a0:de:68:f2:43:5c:42:1f:
                    4e:16:eb:f1:92:52:2d:a4:65:79:8d:b8:39:77:1e:
                    cb:69:74:a3:88:ff:32:a2:ec:64:62:30:f4:3f:a6:
                    93:3c:0d:f8:0a:83:fd:78:14:2f:16:99:35:f5:57:
                    13:27:2e:a3:40:ab:bc:b7:7f:4e:28:f6:63:6f:b9:
                    ee:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:9D:E7:38:AD:11:FF:56:80:92:25:23:03:A4:5E:82:31:8D:4D:6B
            X509v3 Authority Key Identifier:
                keyid:5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:7e:68:13:d7:00:8d:23:3f:be:85:80:49:2f:6a:2e:5c:f5:
         a4:56:c9:fa:fb:67:58:da:11:e3:be:cd:25:d4:ea:4c:13:51:
         4a:f8:c9:a4:bd:44:d6:9b:03:0a:45:af:52:42:9b:7b:d1:18:
         5d:d9:d4:bb:0c:97:b9:ff:0e:88:0b:77:1a:38:cd:3c:4e:19:
         53:0a:d4:f7:1c:48:44:e9:f5:ab:71:cf:59:ca:a3:bc:90:bd:
         2a:b4:b0:d5:83:48:1f:b2:dd:2c:9f:68:7c:dd:73:2c:42:82:
         81:6a:10:17:ae:26:c0:0c:8a:2c:89:fe:6b:80:de:ae:ad:7c:
         26:eb:b3:6d:32:89:3e:69:a6:bf:32:2c:88:28:9f:31:51:09:
         8d:c1:68:30:24:97:a8:d5:b5:d4:4e:30:c2:3a:bc:e4:46:08:
         42:08:0a:fb:d2:1c:e3:68:7c:af:51:56:de:8b:43:9c:6e:f4:
         2a:ed:5a:f0:00:6e:8e:1e:25:da:41:df:12:29:67:77:08:6a:
         11:4f:26:3b:dc:a9:ac:f2:fb:6c:52:27:12:5d:a8:f9:db:70:
         e0:79:4e:99:43:e3:02:1f:20:2c:7f:dc:89:d8:58:03:ee:6f:
         2a:8e:6d:1d:e0:ae:17:df:29:f7:20:93:6b:57:56:fa:bc:35:
         44:25:52:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu8BTs2LHoaFSOMXXPqWAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZjMTM4NGI0YTRjYTUwMWRkMzNjNWYwZDg1ODBkNDQx
NmViM2EwHhcNMjUwODIzMDcwMTQ3WhcNMjUwODI0MDcwMTQ3WjAzMTEwLwYDVQQD
EygzYzlkZTczOGFkMTFmZjU2ODA5MjI1MjMwM2E0NWU4MjMxOGQ0ZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0E6XOQm0huuJDTVI8AMP+Q71OcpZ
i7g4XcrokGGSNH22tDHF7/utgOXW4ONP4Y+t4NPmrXD72+j5ImAfPuM9GLGef2sk
Rfo+FRZqaPqDtBHL+jxSE0b2uUIdt3aXEigl4Auhe2MVueGi/6oRokdU25s6Pxzf
sA8bprQfMif7jUOyqC+qXPZnbH3HsKcbSp+OXUag4h/aJXMgrZUii6qJRglqXOoG
Clg21ua2qKQAuzpQ+42Sy+iAf+CLoN5o8kNcQh9OFuvxklItpGV5jbg5dx7LaXSj
iP8youxkYjD0P6aTPA34CoP9eBQvFpk19VcTJy6jQKu8t39OKPZjb7nupQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDyd5zitEf9WgJIlIwOkXoIxjU1rMB8GA1UdIwQY
MBaAFF3WwThLSkylAd0zxfDYWA1EFus6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQt
ZDgyZDA2YTg3YmZlLzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQtZDgyZDA2YTg3YmZl
LzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS35oE9cA
jSM/voWASS9qLlz1pFbJ+vtnWNoR477NJdTqTBNRSvjJpL1E1psDCkWvUkKbe9EY
XdnUuwyXuf8OiAt3GjjNPE4ZUwrU9xxIROn1q3HPWcqjvJC9KrSw1YNIH7LdLJ9o
fN1zLEKCgWoQF64mwAyKLIn+a4Derq18JuuzbTKJPmmmvzIsiCifMVEJjcFoMCSX
qNW11E4wwjq85EYIQggK+9Ic42h8r1FW3otDnG70Ku1a8ABujh4l2kHfEilndwhq
EU8mO9yprPL7bFInEl2o+dtw4HlOmUPjAh8gLH/cidhYA+5vKo5tHeCuF98p9yCT
a1dW+rw1RCVSzA==
-----END CERTIFICATE-----