Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
File:                     XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft (raw, json)
Hash identifier:          vY++/fdtx2tL5Mmaqz1p3V0zsCu9tByi8n+hdtiKozE=
Subject key identifier:   96:3F:E9:BA:15:E3:4C:35:21:BF:93:DD:1B:FA:87:0B:04:57:D3:CE
Authority key identifier: 5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A
Certificate issuer:       /CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
Certificate serial:       0198D54DE2B3CF5791F35F3C44A8F71D356B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
Manifest number:          0C1E
Signing time:             Sat 23 Aug 2025 05:01:47 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:47 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:47 +0000
Files and hashes:         1: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl (hash: CR8B4HC0j5gEAXjnl+hcWfeFdoqAapXIrryx0usnBIA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4d:e2:b3:cf:57:91:f3:5f:3c:44:a8:f7:1d:35:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
        Validity
            Not Before: Aug 23 05:01:47 2025 GMT
            Not After : Aug 24 05:01:47 2025 GMT
        Subject: CN=963fe9ba15e34c3521bf93dd1bfa870b0457d3ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:cb:ef:5f:7c:f8:72:6c:c2:91:9b:e3:c4:ff:
                    e7:bb:6e:ba:95:e7:9f:1d:19:1b:53:97:de:af:c2:
                    0e:35:73:71:e2:4e:d3:7e:b4:f3:93:b2:62:0b:8a:
                    85:f0:63:e5:81:3c:78:f4:78:f8:80:40:f7:66:63:
                    ba:8f:87:c4:a4:25:6b:85:09:e8:6d:35:80:31:ef:
                    0f:bf:17:46:13:d6:a0:8f:01:08:f7:fc:a3:3c:1f:
                    8e:c3:ae:75:25:00:78:2e:ba:c7:53:4d:d4:1f:e3:
                    fe:fb:7c:90:20:22:86:7d:a1:33:78:49:5b:f5:bf:
                    e4:93:cb:93:d2:f8:17:2d:5c:34:d3:2f:90:de:5e:
                    aa:f4:e6:72:29:e2:a9:ca:aa:9a:cd:b3:5a:a7:1c:
                    a0:8b:d9:f6:3a:20:77:38:65:b1:b7:30:89:04:95:
                    4c:3c:82:ce:b7:18:55:b5:df:d0:44:da:30:9b:aa:
                    c0:29:5a:dd:5f:92:eb:0a:76:2c:22:4e:1d:c5:f5:
                    1a:0d:5e:cf:11:ba:65:ae:f9:d5:2d:ac:b1:2c:86:
                    ca:04:cb:35:18:3b:5b:64:24:b1:15:f8:42:40:24:
                    7d:3c:09:9b:d4:1f:1a:0a:a0:52:15:51:d3:e7:3b:
                    2c:48:e3:3c:61:6a:cb:cf:cc:2a:4e:fa:66:47:c4:
                    76:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:3F:E9:BA:15:E3:4C:35:21:BF:93:DD:1B:FA:87:0B:04:57:D3:CE
            X509v3 Authority Key Identifier:
                keyid:5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:4c:f6:d1:29:db:2f:8d:aa:72:66:8b:37:9b:a6:e2:cb:af:
         e8:5b:57:43:d4:7f:9f:21:8f:5a:78:6d:83:d8:21:41:d0:88:
         6a:a5:db:ea:e2:dc:64:ab:5c:5c:8b:85:c5:6c:2b:0b:da:73:
         47:50:f3:11:20:18:25:17:e6:38:18:e6:37:fa:8d:d9:10:0b:
         6a:f7:8e:ec:5c:e1:1b:02:cb:b5:97:d6:cc:35:bf:90:fd:68:
         2a:86:14:52:4f:c7:2b:2d:69:f7:76:17:8f:c6:73:f2:cb:c4:
         ad:3f:67:2e:44:83:1e:6e:e0:ba:dc:ca:f6:41:a5:57:9a:4d:
         73:b5:81:d7:c8:98:88:43:b5:00:f6:92:ed:5f:74:65:6e:ba:
         48:da:49:43:ed:34:74:93:1f:0e:10:a2:22:40:51:9d:2a:52:
         a2:7b:c7:47:45:8e:9e:76:bb:f0:ea:01:c2:bc:00:d7:09:7e:
         67:e8:6c:eb:e9:ac:6e:b3:55:d7:e3:7d:08:d2:1a:6b:90:28:
         f1:f5:06:16:1b:9b:86:9b:97:fa:6d:6f:bb:a1:04:71:1d:a3:
         0c:64:b7:68:6e:bd:15:34:a8:ca:73:fc:8f:65:a2:8a:8c:3a:
         89:3e:aa:8c:96:8a:f2:ba:bf:94:7c:99:42:e1:2b:de:d0:82:
         f1:84:f0:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTeKzz1eR8188RKj3HTVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzhlYjI5NTk1NjA3ZWQ0ZDhmNGQ5YmYwNmNiYTQyOTky
Njg2NGEwHhcNMjUwODIzMDUwMTQ3WhcNMjUwODI0MDUwMTQ3WjAzMTEwLwYDVQQD
Eyg5NjNmZTliYTE1ZTM0YzM1MjFiZjkzZGQxYmZhODcwYjA0NTdkM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8vvX3z4cmzCkZvjxP/nu266leef
HRkbU5fer8IONXNx4k7TfrTzk7JiC4qF8GPlgTx49Hj4gED3ZmO6j4fEpCVrhQno
bTWAMe8PvxdGE9agjwEI9/yjPB+Ow651JQB4LrrHU03UH+P++3yQICKGfaEzeElb
9b/kk8uT0vgXLVw00y+Q3l6q9OZyKeKpyqqazbNapxygi9n2OiB3OGWxtzCJBJVM
PILOtxhVtd/QRNowm6rAKVrdX5LrCnYsIk4dxfUaDV7PEbplrvnVLayxLIbKBMs1
GDtbZCSxFfhCQCR9PAmb1B8aCqBSFVHT5zssSOM8YWrLz8wqTvpmR8R2GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJY/6boV40w1Ib+T3Rv6hwsEV9POMB8GA1UdIwQY
MBaAFF046ylZVgftTY9Nm/BsukKZJoZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMt
ZDI0YjRhNWIxY2RjLzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMtZDI0YjRhNWIxY2Rj
LzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGUz20Snb
L42qcmaLN5um4suv6FtXQ9R/nyGPWnhtg9ghQdCIaqXb6uLcZKtcXIuFxWwrC9pz
R1DzESAYJRfmOBjmN/qN2RALaveO7FzhGwLLtZfWzDW/kP1oKoYUUk/HKy1p93YX
j8Zz8svErT9nLkSDHm7gutzK9kGlV5pNc7WB18iYiEO1APaS7V90ZW66SNpJQ+00
dJMfDhCiIkBRnSpSonvHR0WOnna78OoBwrwA1wl+Z+hs6+msbrNV1+N9CNIaa5Ao
8fUGFhubhpuX+m1vu6EEcR2jDGS3aG69FTSoynP8j2Wiiow6iT6qjJaK8rq/lHyZ
QuEr3tCC8YTwrA==
-----END CERTIFICATE-----