Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
File:                     XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft (raw, json)
Hash identifier:          NQ1Q9SGuueCNK6+KDcCaJsx7JGFg+Q1hUq1kgf+y0ig=
Subject key identifier:   C1:25:84:93:38:B2:A5:EA:2C:A6:8D:D4:5F:71:82:41:71:5A:12:6C
Authority key identifier: 5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A
Certificate issuer:       /CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
Certificate serial:       0197B77C60250A8133C916E4892121D1CA30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
Manifest number:          0B8A
Signing time:             Sat 28 Jun 2025 17:01:10 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:10 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:10 +0000
Files and hashes:         1: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl (hash: WwyRyfH5YQUyVK0a7KvriKCBBA9RdCN/DbqaFflRX9k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:60:25:0a:81:33:c9:16:e4:89:21:21:d1:ca:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
        Validity
            Not Before: Jun 28 17:01:10 2025 GMT
            Not After : Jun 29 17:01:10 2025 GMT
        Subject: CN=c125849338b2a5ea2ca68dd45f718241715a126c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:86:b6:9d:82:e9:0d:c3:47:26:29:01:43:d2:
                    36:51:75:c8:86:3c:99:b9:3e:0d:fd:54:b8:15:c9:
                    e4:01:4c:67:c2:3c:40:b0:ba:03:d1:ad:16:2f:f0:
                    19:dd:64:74:ed:f4:c5:f0:10:31:f5:41:3e:1a:a2:
                    82:b7:c0:a5:16:b7:1c:94:8e:4e:07:66:1a:1c:3c:
                    a5:2c:28:de:2e:fb:3d:3b:6b:50:d9:09:39:77:bd:
                    72:de:b3:2f:82:6b:61:d0:de:36:bb:cf:14:fe:e9:
                    fb:aa:fa:68:fa:43:40:59:76:85:2c:e6:c8:a3:53:
                    4c:fe:cb:30:4f:dd:f6:4e:88:82:fb:4e:1b:74:0e:
                    24:fa:82:08:e3:62:97:bc:fc:34:60:fb:75:c3:97:
                    86:60:b7:6b:fb:30:6c:7d:3e:07:86:44:8c:90:13:
                    eb:59:e9:60:c4:c3:fe:c7:db:73:e1:5d:89:73:53:
                    7c:f6:6a:29:f7:3c:7e:fc:3c:92:24:9e:f7:b2:a4:
                    33:24:e5:df:80:53:c4:cc:63:28:20:d6:6d:ff:87:
                    b4:a7:6e:bc:75:ed:5a:51:16:39:af:bb:fa:5a:41:
                    e7:6f:61:03:51:8e:d2:f7:44:ef:4f:b0:cf:13:03:
                    51:14:e9:17:30:08:5b:b8:3e:51:79:1e:a0:e0:75:
                    cd:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:25:84:93:38:B2:A5:EA:2C:A6:8D:D4:5F:71:82:41:71:5A:12:6C
            X509v3 Authority Key Identifier:
                keyid:5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:96:86:0e:ce:66:47:b2:b2:a8:6a:cb:2f:2e:af:7b:c4:18:
         5b:c0:19:7a:8c:64:42:6f:7b:0d:ec:3d:5d:b6:1c:15:ce:0d:
         64:71:36:96:c6:25:9a:4f:91:68:ac:cc:3c:34:94:88:06:13:
         0d:1d:f0:f1:86:50:e4:36:c0:ba:c0:25:9e:11:9a:ac:79:df:
         34:22:45:d9:90:bd:48:be:5a:bf:01:ab:c9:37:26:59:bb:fc:
         5b:9c:a3:00:75:c1:03:55:9f:c0:b2:95:2b:3f:fd:d2:b9:2b:
         a2:d2:67:92:64:d9:8e:1c:a3:fe:51:3d:89:1c:cd:de:21:4c:
         65:70:8b:43:d0:f6:fe:80:70:92:ae:0f:f0:5a:1f:e4:1f:37:
         b2:0b:8a:a0:06:ec:8e:04:26:e7:70:18:f7:24:cb:f8:84:49:
         56:5b:02:1f:0e:94:f5:88:9c:bf:1b:8d:8f:d6:d8:37:75:d4:
         19:fb:02:4f:79:78:86:a6:a2:54:e4:fd:97:4e:fb:d2:ee:63:
         58:dc:02:c9:56:6f:f7:f5:f2:b2:ec:34:f5:22:75:0e:55:15:
         07:8f:2e:6e:c8:53:37:9f:0c:5a:1b:6b:77:a1:90:88:32:b2:
         ed:ab:e6:4e:00:e6:22:0c:7c:f1:30:0b:4a:b8:c3:b6:76:61:
         c7:e7:b8:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fGAlCoEzyRbkiSEh0cowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzhlYjI5NTk1NjA3ZWQ0ZDhmNGQ5YmYwNmNiYTQyOTky
Njg2NGEwHhcNMjUwNjI4MTcwMTEwWhcNMjUwNjI5MTcwMTEwWjAzMTEwLwYDVQQD
EyhjMTI1ODQ5MzM4YjJhNWVhMmNhNjhkZDQ1ZjcxODI0MTcxNWExMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIa2nYLpDcNHJikBQ9I2UXXIhjyZ
uT4N/VS4FcnkAUxnwjxAsLoD0a0WL/AZ3WR07fTF8BAx9UE+GqKCt8ClFrcclI5O
B2YaHDylLCjeLvs9O2tQ2Qk5d71y3rMvgmth0N42u88U/un7qvpo+kNAWXaFLObI
o1NM/sswT932ToiC+04bdA4k+oII42KXvPw0YPt1w5eGYLdr+zBsfT4HhkSMkBPr
WelgxMP+x9tz4V2Jc1N89mop9zx+/DySJJ73sqQzJOXfgFPEzGMoINZt/4e0p268
de1aURY5r7v6WkHnb2EDUY7S90TvT7DPEwNRFOkXMAhbuD5ReR6g4HXNlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMElhJM4sqXqLKaN1F9xgkFxWhJsMB8GA1UdIwQY
MBaAFF046ylZVgftTY9Nm/BsukKZJoZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMt
ZDI0YjRhNWIxY2RjLzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMtZDI0YjRhNWIxY2Rj
LzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ5aGDs5m
R7KyqGrLLy6ve8QYW8AZeoxkQm97Dew9XbYcFc4NZHE2lsYlmk+RaKzMPDSUiAYT
DR3w8YZQ5DbAusAlnhGarHnfNCJF2ZC9SL5avwGryTcmWbv8W5yjAHXBA1WfwLKV
Kz/90rkrotJnkmTZjhyj/lE9iRzN3iFMZXCLQ9D2/oBwkq4P8Fof5B83sguKoAbs
jgQm53AY9yTL+IRJVlsCHw6U9YicvxuNj9bYN3XUGfsCT3l4hqaiVOT9l0770u5j
WNwCyVZv9/Xysuw09SJ1DlUVB48ubshTN58MWhtrd6GQiDKy7avmTgDmIgx88TAL
SrjDtnZhx+e4KQ==
-----END CERTIFICATE-----