Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
File:                     XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft (raw, json)
Hash identifier:          5ehvW6OU4HoasnuuH9vJJXn/OOwk6ZaBclrogMj0Uvc=
Subject key identifier:   D0:CE:25:62:26:1E:A6:13:65:BF:54:CA:32:7A:97:4B:53:78:D8:4A
Authority key identifier: 5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
Certificate issuer:       /CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Certificate serial:       0199FD33FE84F98D451DF90BF643943E82B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
Manifest number:          03DC
Signing time:             Sun 19 Oct 2025 16:01:06 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:06 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:06 +0000
Files and hashes:         1: XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl (hash: jRJ4BXN2xIojwtZZoe+O6vrSiSrjeGAbuiORYCtj2ws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:33:fe:84:f9:8d:45:1d:f9:0b:f6:43:94:3e:82:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
        Validity
            Not Before: Oct 19 16:01:06 2025 GMT
            Not After : Oct 20 16:01:06 2025 GMT
        Subject: CN=d0ce2562261ea61365bf54ca327a974b5378d84a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:da:5e:e1:18:f2:9e:bf:86:67:10:60:f8:66:
                    33:4e:92:a9:bf:cc:39:5c:09:c6:46:c1:50:a5:d7:
                    99:c6:45:cf:af:b2:01:bc:c6:61:6a:ae:19:5f:c5:
                    fa:a2:27:98:18:f5:38:82:9e:fe:94:61:26:5b:0a:
                    e8:ed:8e:7d:cd:39:36:38:30:eb:8f:df:09:56:52:
                    61:73:2b:2a:d3:d9:73:02:5d:ea:04:f3:88:cf:f9:
                    93:68:50:a2:9d:6b:45:6e:d9:7c:69:4a:0a:fc:72:
                    d3:88:db:82:32:4b:90:e5:d8:2c:8d:79:1a:1f:62:
                    a4:ce:92:ea:3f:d5:e8:27:62:49:26:c7:a8:a8:8f:
                    44:d9:73:aa:20:57:a2:70:f2:dd:14:9c:49:3b:77:
                    8f:89:b1:af:21:c2:81:e3:07:3c:7d:d1:9a:5e:d3:
                    df:50:31:ad:c6:8f:a7:2b:3f:02:e3:8b:2a:34:35:
                    a2:18:a9:60:21:5a:71:9f:d7:94:d7:90:b9:17:77:
                    1d:1b:fa:81:72:f8:f6:6f:85:d2:a7:30:cd:16:16:
                    82:5b:d3:48:64:88:e3:dd:e9:ac:ae:11:b2:ad:2a:
                    a0:19:1b:f2:10:e8:6a:02:83:68:c5:29:a3:fb:0a:
                    b0:ea:1f:75:07:9b:0f:ca:06:f0:06:ed:23:06:06:
                    15:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:CE:25:62:26:1E:A6:13:65:BF:54:CA:32:7A:97:4B:53:78:D8:4A
            X509v3 Authority Key Identifier:
                keyid:5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:22:1b:96:ed:34:3f:7c:b2:7e:4a:08:cc:6f:ed:71:4a:b6:
         eb:1c:64:b3:53:a6:ae:97:85:40:e6:58:f6:77:cd:f4:d3:74:
         89:3c:61:92:dc:3b:c5:7d:5c:d1:9e:57:13:d2:59:e4:ab:15:
         06:03:d6:e8:19:a4:d9:18:78:49:ef:95:d2:04:72:4d:1b:e7:
         25:21:c2:dd:47:aa:ce:2e:53:de:8d:44:bb:e9:1a:4a:2c:86:
         56:94:71:d2:8c:9b:bb:3c:7c:24:fe:1e:42:7a:c6:8f:47:98:
         d1:2a:80:ec:37:75:19:b4:45:f1:ef:27:ce:ee:9a:a8:7a:56:
         95:b8:87:a4:c0:d0:b3:28:c3:d2:0a:72:09:b5:f8:fe:8e:e9:
         65:b4:d1:58:d2:7a:60:59:12:17:90:b3:40:0a:0c:9f:b8:fe:
         b5:1d:d8:84:c1:7b:94:83:4a:35:55:d0:3f:fd:9d:97:87:c9:
         86:99:97:0b:c2:1b:32:6f:70:94:61:1a:d0:ff:1f:b9:4e:e1:
         b3:2a:53:e8:1a:16:9b:8e:f1:17:bd:9f:41:32:f7:4a:ef:76:
         60:97:c9:e6:6b:32:b6:1f:44:44:fa:f5:c6:f0:37:e0:aa:5a:
         be:1c:d0:9f:b7:4d:7e:aa:a2:b7:78:78:f0:09:51:fe:f6:8d:
         0a:fa:a2:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9M/6E+Y1FHfkL9kOUPoKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZjMTM4NGI0YTRjYTUwMWRkMzNjNWYwZDg1ODBkNDQx
NmViM2EwHhcNMjUxMDE5MTYwMTA2WhcNMjUxMDIwMTYwMTA2WjAzMTEwLwYDVQQD
EyhkMGNlMjU2MjI2MWVhNjEzNjViZjU0Y2EzMjdhOTc0YjUzNzhkODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdpe4Rjynr+GZxBg+GYzTpKpv8w5
XAnGRsFQpdeZxkXPr7IBvMZhaq4ZX8X6oieYGPU4gp7+lGEmWwro7Y59zTk2ODDr
j98JVlJhcysq09lzAl3qBPOIz/mTaFCinWtFbtl8aUoK/HLTiNuCMkuQ5dgsjXka
H2KkzpLqP9XoJ2JJJseoqI9E2XOqIFeicPLdFJxJO3ePibGvIcKB4wc8fdGaXtPf
UDGtxo+nKz8C44sqNDWiGKlgIVpxn9eU15C5F3cdG/qBcvj2b4XSpzDNFhaCW9NI
ZIjj3emsrhGyrSqgGRvyEOhqAoNoxSmj+wqw6h91B5sPygbwBu0jBgYVpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDOJWImHqYTZb9UyjJ6l0tTeNhKMB8GA1UdIwQY
MBaAFF3WwThLSkylAd0zxfDYWA1EFus6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQt
ZDgyZDA2YTg3YmZlLzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQtZDgyZDA2YTg3YmZl
LzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsSIblu00
P3yyfkoIzG/tcUq26xxks1OmrpeFQOZY9nfN9NN0iTxhktw7xX1c0Z5XE9JZ5KsV
BgPW6Bmk2Rh4Se+V0gRyTRvnJSHC3Ueqzi5T3o1Eu+kaSiyGVpRx0oybuzx8JP4e
QnrGj0eY0SqA7Dd1GbRF8e8nzu6aqHpWlbiHpMDQsyjD0gpyCbX4/o7pZbTRWNJ6
YFkSF5CzQAoMn7j+tR3YhMF7lINKNVXQP/2dl4fJhpmXC8IbMm9wlGEa0P8fuU7h
sypT6BoWm47xF72fQTL3Su92YJfJ5msyth9ERPr1xvA34KpavhzQn7dNfqqit3h4
8AlR/vaNCvqiww==
-----END CERTIFICATE-----