Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
File:                     XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft (raw, json)
Hash identifier:          JM/1YAiU/HNnnUPkn0QFy8NEZbhq57bhEiDUD72Fz0o=
Subject key identifier:   99:1F:A5:AA:9D:DB:F4:0A:3D:0F:FF:3A:09:D8:C8:B6:8F:1C:81:E2
Authority key identifier: 5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A
Certificate issuer:       /CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
Certificate serial:       0199FCC639617AAFFE947245DAD769015F34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
Manifest number:          0CB7
Signing time:             Sun 19 Oct 2025 14:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:13 +0000
Files and hashes:         1: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl (hash: uWJtlSsP6gUfKPOtpXeEz6Eu26yaU1o6vAQS+kL4y1E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:39:61:7a:af:fe:94:72:45:da:d7:69:01:5f:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
        Validity
            Not Before: Oct 19 14:01:13 2025 GMT
            Not After : Oct 20 14:01:13 2025 GMT
        Subject: CN=991fa5aa9ddbf40a3d0fff3a09d8c8b68f1c81e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f7:42:7c:30:45:8f:4e:eb:ef:19:5e:13:f0:
                    eb:00:76:f2:c5:18:ed:57:3b:64:71:15:7c:c3:28:
                    c0:ce:bc:98:56:09:28:7f:7b:c3:37:4b:e6:df:48:
                    58:30:37:65:e4:bf:8f:9f:3f:de:e4:c4:0b:46:fa:
                    6e:08:8a:34:0f:d5:ad:f3:c3:03:c0:6b:e1:0e:36:
                    04:90:88:74:c6:a7:a1:0a:04:ed:68:1f:59:bb:5b:
                    9d:5b:0e:0f:01:b1:62:ab:38:26:85:f5:09:55:eb:
                    e5:b3:da:6b:ea:19:40:9e:3b:7a:b1:14:a2:cc:fb:
                    79:59:64:36:e2:4a:bf:c2:b8:03:35:8e:12:10:fb:
                    4c:1f:20:5a:8c:97:ee:c9:69:6d:cb:ed:b8:a5:a4:
                    26:d8:4d:f2:e5:fc:5e:8d:91:f3:63:1d:de:51:fc:
                    58:8b:a8:7c:dd:1d:30:d8:00:20:b6:d3:00:4e:a3:
                    16:9a:f9:cc:7a:ed:cb:62:1b:0e:7e:e3:8e:27:e2:
                    e0:0f:c1:39:c1:73:b7:18:b4:c5:ff:8c:f7:cb:26:
                    91:9c:ef:30:5e:36:97:79:4a:c2:ae:02:d9:52:19:
                    0c:c0:2e:95:38:84:c6:2c:42:d5:03:8a:f1:e7:14:
                    c0:c4:01:0b:01:30:fd:a3:0d:83:16:34:79:3a:5e:
                    6e:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:1F:A5:AA:9D:DB:F4:0A:3D:0F:FF:3A:09:D8:C8:B6:8F:1C:81:E2
            X509v3 Authority Key Identifier:
                keyid:5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:a7:52:83:eb:ee:50:2a:49:89:a1:bf:a3:5f:74:b0:17:bd:
         ce:aa:1b:ed:00:9d:b2:b6:dc:7a:ef:1b:6f:dd:47:66:6d:00:
         3c:cc:60:2f:8a:7c:2f:09:48:00:44:8d:9e:60:19:4f:31:27:
         e8:86:06:7a:c7:f9:90:8d:02:40:9f:8d:8a:fc:93:3e:a9:7f:
         09:85:75:ee:ae:ec:42:f6:63:42:a5:bc:17:3b:e5:4b:17:5c:
         7c:36:27:45:7b:b7:19:d3:a3:d5:9b:03:56:a7:fa:55:d1:f3:
         6e:48:35:1c:75:c0:ac:3b:43:47:4e:5f:a9:6c:50:77:d8:a7:
         03:95:25:5d:ac:0e:5d:6b:bd:41:55:bf:b4:44:5b:0a:8c:c2:
         20:ec:86:78:14:15:c7:9b:bd:04:21:aa:40:75:5a:39:cb:58:
         2d:e0:fc:da:3f:98:1a:77:ef:82:ab:1c:79:67:f4:5e:6c:fd:
         97:dd:2b:5b:60:90:92:8d:53:fb:eb:3d:42:8c:58:7a:32:b8:
         13:c0:fe:da:38:78:76:a6:79:40:e8:41:a8:3f:8e:e8:0d:62:
         fb:d4:90:b7:23:9f:fd:c3:53:ed:37:40:6d:69:ff:78:b8:ab:
         fb:ad:da:c0:0c:dc:88:89:c4:1c:6d:8e:e6:4d:dd:7f:90:bb:
         e0:92:d8:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xjlheq/+lHJF2tdpAV80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzhlYjI5NTk1NjA3ZWQ0ZDhmNGQ5YmYwNmNiYTQyOTky
Njg2NGEwHhcNMjUxMDE5MTQwMTEzWhcNMjUxMDIwMTQwMTEzWjAzMTEwLwYDVQQD
Eyg5OTFmYTVhYTlkZGJmNDBhM2QwZmZmM2EwOWQ4YzhiNjhmMWM4MWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPdCfDBFj07r7xleE/DrAHbyxRjt
VztkcRV8wyjAzryYVgkof3vDN0vm30hYMDdl5L+Pnz/e5MQLRvpuCIo0D9Wt88MD
wGvhDjYEkIh0xqehCgTtaB9Zu1udWw4PAbFiqzgmhfUJVevls9pr6hlAnjt6sRSi
zPt5WWQ24kq/wrgDNY4SEPtMHyBajJfuyWlty+24paQm2E3y5fxejZHzYx3eUfxY
i6h83R0w2AAgttMATqMWmvnMeu3LYhsOfuOOJ+LgD8E5wXO3GLTF/4z3yyaRnO8w
XjaXeUrCrgLZUhkMwC6VOITGLELVA4rx5xTAxAELATD9ow2DFjR5Ol5u6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJkfpaqd2/QKPQ//OgnYyLaPHIHiMB8GA1UdIwQY
MBaAFF046ylZVgftTY9Nm/BsukKZJoZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMt
ZDI0YjRhNWIxY2RjLzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMtZDI0YjRhNWIxY2Rj
LzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGadSg+vu
UCpJiaG/o190sBe9zqob7QCdsrbceu8bb91HZm0APMxgL4p8LwlIAESNnmAZTzEn
6IYGesf5kI0CQJ+NivyTPql/CYV17q7sQvZjQqW8FzvlSxdcfDYnRXu3GdOj1ZsD
Vqf6VdHzbkg1HHXArDtDR05fqWxQd9inA5UlXawOXWu9QVW/tERbCozCIOyGeBQV
x5u9BCGqQHVaOctYLeD82j+YGnfvgqsceWf0Xmz9l90rW2CQko1T++s9QoxYejK4
E8D+2jh4dqZ5QOhBqD+O6A1i+9SQtyOf/cNT7TdAbWn/eLir+63awAzciInEHG2O
5k3df5C74JLY1Q==
-----END CERTIFICATE-----