Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
File:                     XzoD6voEyDkjvYaTJGGFDfX3gUY.mft (raw, json)
Hash identifier:          pQFP/G7KyRgmVBwkJvne5YmqRfvnt2FFBTprof4apZ0=
Subject key identifier:   AF:31:03:8A:D0:1A:7E:89:AE:A3:FF:C0:8F:A0:D7:8F:20:ED:99:7A
Authority key identifier: 5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46
Certificate issuer:       /CN=5f3a03eafa04c83923bd86932461850df5f78146
Certificate serial:       0198D5BBD25CED27C3EC7D31ACE9ACB10804
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
Manifest number:          12A4
Signing time:             Sat 23 Aug 2025 07:01:52 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:52 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:52 +0000
Files and hashes:         1: XzoD6voEyDkjvYaTJGGFDfX3gUY.crl (hash: vgIDgOECHGYB2dchXFjsupCjLR3QKuh8Aj/mmnKPWns=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:d2:5c:ed:27:c3:ec:7d:31:ac:e9:ac:b1:08:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f3a03eafa04c83923bd86932461850df5f78146
        Validity
            Not Before: Aug 23 07:01:52 2025 GMT
            Not After : Aug 24 07:01:52 2025 GMT
        Subject: CN=af31038ad01a7e89aea3ffc08fa0d78f20ed997a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:72:03:a8:20:8b:e5:83:3a:cd:ab:49:23:3c:
                    5a:9d:20:ad:77:d9:5b:19:64:86:47:ad:45:85:57:
                    bb:bd:ec:78:5f:bc:60:77:b1:d9:e8:b1:ed:6e:96:
                    9e:c9:c1:29:6a:44:f9:9d:71:4d:7e:a4:0a:43:23:
                    12:60:60:c6:4d:46:e5:bc:ed:47:ab:65:7c:2b:e0:
                    98:1c:43:e1:ca:99:56:80:8b:73:7c:6d:71:ae:17:
                    7d:9c:44:1f:3f:c8:89:33:69:ba:3d:e2:11:be:50:
                    e6:56:45:f1:ef:6e:92:ae:c3:0f:4f:51:28:3d:ba:
                    fa:f3:02:42:17:f8:26:63:31:59:e0:4d:9e:8a:db:
                    c2:bb:4b:a4:57:e0:b3:e4:82:b5:6c:f1:e6:14:38:
                    0a:6d:f1:a4:d8:35:53:6c:82:94:99:6b:7c:2b:20:
                    7c:7e:9a:77:e6:66:93:72:1d:6b:71:c4:76:eb:d0:
                    77:cb:e7:b1:44:2d:63:f7:ce:6b:9e:b9:2f:47:93:
                    e3:06:a9:80:5c:ab:71:29:fe:13:4b:39:0a:77:36:
                    8d:3c:20:2b:ae:d7:e5:6f:21:92:5d:99:5a:22:a7:
                    3b:d9:60:76:33:d7:a1:4f:de:02:89:23:86:70:a3:
                    32:db:49:99:56:6a:f8:80:73:3a:22:c5:c8:fe:19:
                    36:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:31:03:8A:D0:1A:7E:89:AE:A3:FF:C0:8F:A0:D7:8F:20:ED:99:7A
            X509v3 Authority Key Identifier:
                keyid:5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:4c:00:b8:2a:bb:5e:ad:6c:ea:81:58:3a:a7:bc:d1:fe:6d:
         f4:03:8c:78:c9:56:c4:48:4e:f1:c8:6e:a6:e0:79:24:9b:9f:
         e4:53:8c:60:9e:e5:ed:50:73:37:7c:28:59:87:b2:27:f6:a1:
         d1:3a:68:e7:a0:a5:25:17:9b:07:8d:90:d8:aa:42:a7:77:7c:
         60:33:7c:75:67:be:31:94:24:21:95:ac:3a:49:ef:b7:d9:73:
         6c:b6:f7:a7:f9:16:2c:a2:2b:54:e8:ef:5e:8a:66:f8:c6:c2:
         be:2f:fb:ea:20:9e:44:7f:b7:54:31:c5:e3:be:a4:e1:30:b9:
         ab:b4:37:9c:e8:af:03:5e:b6:1b:99:2e:29:29:85:22:98:23:
         ef:ed:ea:fd:44:40:3e:d7:5b:7b:91:6c:98:3c:84:27:06:b3:
         73:f8:86:9d:94:3a:82:47:c8:5c:7d:61:14:03:75:7d:9f:a5:
         16:b3:d1:3b:0e:32:ae:34:55:db:20:17:70:46:6f:9b:a7:93:
         d1:79:5d:f4:de:d9:8b:40:a0:f9:06:29:03:61:bb:6d:04:76:
         bf:90:40:dc:06:2f:b1:f1:44:c1:63:7d:3d:91:c5:c5:9d:95:
         a3:25:c4:e7:02:82:9a:7a:4c:f7:22:97:49:0f:63:c4:99:25:
         c5:d3:49:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu9Jc7SfD7H0xrOmssQgEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmM2EwM2VhZmEwNGM4MzkyM2JkODY5MzI0NjE4NTBkZjVm
NzgxNDYwHhcNMjUwODIzMDcwMTUyWhcNMjUwODI0MDcwMTUyWjAzMTEwLwYDVQQD
EyhhZjMxMDM4YWQwMWE3ZTg5YWVhM2ZmYzA4ZmEwZDc4ZjIwZWQ5OTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HIDqCCL5YM6zatJIzxanSCtd9lb
GWSGR61FhVe7vex4X7xgd7HZ6LHtbpaeycEpakT5nXFNfqQKQyMSYGDGTUblvO1H
q2V8K+CYHEPhyplWgItzfG1xrhd9nEQfP8iJM2m6PeIRvlDmVkXx726SrsMPT1Eo
Pbr68wJCF/gmYzFZ4E2eitvCu0ukV+Cz5IK1bPHmFDgKbfGk2DVTbIKUmWt8KyB8
fpp35maTch1rccR269B3y+exRC1j985rnrkvR5PjBqmAXKtxKf4TSzkKdzaNPCAr
rtflbyGSXZlaIqc72WB2M9ehT94CiSOGcKMy20mZVmr4gHM6IsXI/hk2wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8xA4rQGn6JrqP/wI+g148g7Zl6MB8GA1UdIwQY
MBaAFF86A+r6BMg5I72GkyRhhQ3194FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTIt
ZDU0MGU4YjEzZjdkLzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTItZDU0MGU4YjEzZjdk
LzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoUwAuCq7
Xq1s6oFYOqe80f5t9AOMeMlWxEhO8chupuB5JJuf5FOMYJ7l7VBzN3woWYeyJ/ah
0Tpo56ClJRebB42Q2KpCp3d8YDN8dWe+MZQkIZWsOknvt9lzbLb3p/kWLKIrVOjv
Xopm+MbCvi/76iCeRH+3VDHF476k4TC5q7Q3nOivA162G5kuKSmFIpgj7+3q/URA
Ptdbe5FsmDyEJwazc/iGnZQ6gkfIXH1hFAN1fZ+lFrPROw4yrjRV2yAXcEZvm6eT
0Xld9N7Zi0Cg+QYpA2G7bQR2v5BA3AYvsfFEwWN9PZHFxZ2VoyXE5wKCmnpM9yKX
SQ9jxJklxdNJJg==
-----END CERTIFICATE-----