Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft
File:                     Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft (raw, json)
Hash identifier:          z8ch3B/lfSFfjG53vVifxGch5ChT8OGkkHXzi6r3nu0=
Subject key identifier:   B8:3C:AF:A5:02:EA:D9:86:03:23:AD:B2:50:ED:31:24:53:2E:87:C1
Authority key identifier: 5E:DF:BE:DE:AC:06:B0:1C:5A:3F:78:4C:EA:04:6E:5A:2C:95:CA:5E
Certificate issuer:       /CN=5edfbedeac06b01c5a3f784cea046e5a2c95ca5e
Certificate serial:       0197B70F3235BAA344238DFFE5EC527C2213
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xt--3qwGsBxaP3hM6gRuWiyVyl4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft
Manifest number:          0914
Signing time:             Sat 28 Jun 2025 15:01:55 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:55 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:55 +0000
Files and hashes:         1: Xt--3qwGsBxaP3hM6gRuWiyVyl4.crl (hash: kgOF/WWiBNEz4snTQ/bSOgwUDYNedQv9a+5aCxxr4j4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xt--3qwGsBxaP3hM6gRuWiyVyl4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:32:35:ba:a3:44:23:8d:ff:e5:ec:52:7c:22:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5edfbedeac06b01c5a3f784cea046e5a2c95ca5e
        Validity
            Not Before: Jun 28 15:01:55 2025 GMT
            Not After : Jun 29 15:01:55 2025 GMT
        Subject: CN=b83cafa502ead9860323adb250ed3124532e87c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:42:ff:e9:27:b6:dd:0c:4b:6d:25:99:17:7a:
                    e0:3d:85:b2:ef:a0:99:b9:6d:24:19:1c:81:5e:12:
                    2a:04:ad:35:c5:bd:5c:1f:2e:a5:c0:45:a1:59:76:
                    e5:e6:b8:d1:be:fe:eb:e7:8d:30:db:4f:4f:09:7e:
                    c0:6f:ba:37:31:df:2a:75:ed:74:e2:bd:0c:be:2e:
                    be:f8:58:48:de:65:9c:3a:22:2f:f2:f0:90:ae:3f:
                    6a:ac:d3:fe:8a:6b:e6:20:1c:ac:fe:f1:5f:a5:1e:
                    cb:a2:a9:e9:71:77:7a:19:6f:11:98:64:5f:7d:a2:
                    a7:ff:3e:d7:99:af:42:41:cf:fe:ab:8f:ef:4d:75:
                    ef:42:50:fd:e9:72:de:9a:62:64:c9:18:a2:a0:7e:
                    dd:18:f6:cc:c3:57:94:6f:87:ce:8f:a1:2d:02:69:
                    d8:75:f3:60:25:a2:a2:ca:36:1a:8a:04:2f:62:cd:
                    ec:22:38:3f:8e:75:a2:7c:82:55:b0:01:1e:ae:74:
                    9f:aa:39:aa:f1:a1:07:5c:32:7a:8e:b7:1a:33:de:
                    c9:b7:82:d9:64:48:89:f0:fc:a7:25:d7:33:66:21:
                    7d:21:83:94:6c:29:d0:63:eb:5a:a1:be:8d:2e:72:
                    d3:1f:1b:42:f0:0c:c0:55:94:de:68:07:87:c5:40:
                    d2:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:3C:AF:A5:02:EA:D9:86:03:23:AD:B2:50:ED:31:24:53:2E:87:C1
            X509v3 Authority Key Identifier:
                keyid:5E:DF:BE:DE:AC:06:B0:1C:5A:3F:78:4C:EA:04:6E:5A:2C:95:CA:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xt--3qwGsBxaP3hM6gRuWiyVyl4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:6d:12:e7:66:29:40:37:ec:1d:8d:9b:17:2e:5c:48:57:15:
         34:d8:13:09:88:9d:86:2e:ce:8b:8f:8d:6d:1c:0d:ea:69:c8:
         21:8c:c1:d3:59:12:d3:85:c6:b0:07:ea:77:1c:0a:17:02:6d:
         73:b9:22:b4:41:a9:3e:93:75:3a:09:b8:7e:fa:84:b6:3f:07:
         4d:51:fe:62:f9:c2:be:39:0b:2d:47:d1:0a:02:c9:ca:c6:95:
         ce:3d:a6:e5:27:24:9d:0a:46:09:43:af:d2:b0:0b:62:6f:86:
         1d:d9:9f:16:d0:96:26:da:25:e2:86:11:fb:1f:2f:a3:54:3f:
         a9:51:9d:3b:d2:65:0b:22:63:b1:42:72:33:68:0e:f8:df:e6:
         5e:98:af:7d:1b:33:c3:1a:70:d6:97:3d:36:7a:a4:1a:b3:59:
         1d:dc:20:eb:40:c2:a7:33:98:31:50:79:f2:f2:05:ea:6e:77:
         39:80:23:ca:67:e1:d6:93:de:85:d1:fb:2e:1d:80:0f:32:6b:
         dc:e1:be:6d:6f:a9:c6:a2:6c:51:e0:d6:61:11:72:dd:69:a4:
         df:2a:2d:e6:a3:90:c4:eb:9c:c2:35:c8:d6:10:8c:5a:8c:f6:
         55:dd:91:70:a2:1e:c9:4b:f2:82:10:78:fb:de:12:df:4d:03:
         de:d1:af:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DzI1uqNEI43/5exSfCITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZGZiZWRlYWMwNmIwMWM1YTNmNzg0Y2VhMDQ2ZTVhMmM5
NWNhNWUwHhcNMjUwNjI4MTUwMTU1WhcNMjUwNjI5MTUwMTU1WjAzMTEwLwYDVQQD
EyhiODNjYWZhNTAyZWFkOTg2MDMyM2FkYjI1MGVkMzEyNDUzMmU4N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkL/6Se23QxLbSWZF3rgPYWy76CZ
uW0kGRyBXhIqBK01xb1cHy6lwEWhWXbl5rjRvv7r540w209PCX7Ab7o3Md8qde10
4r0Mvi6++FhI3mWcOiIv8vCQrj9qrNP+imvmIBys/vFfpR7LoqnpcXd6GW8RmGRf
faKn/z7Xma9CQc/+q4/vTXXvQlD96XLemmJkyRiioH7dGPbMw1eUb4fOj6EtAmnY
dfNgJaKiyjYaigQvYs3sIjg/jnWifIJVsAEernSfqjmq8aEHXDJ6jrcaM97Jt4LZ
ZEiJ8PynJdczZiF9IYOUbCnQY+taob6NLnLTHxtC8AzAVZTeaAeHxUDSxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLg8r6UC6tmGAyOtslDtMSRTLofBMB8GA1UdIwQY
MBaAFF7fvt6sBrAcWj94TOoEbloslcpeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHQtLTNxd0dzQnhhUDNoTTZnUnVXaXlWeWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yODM0M2MtYTRlNC00ZGIwLTkyYmUt
YjU4NjE3ZTE4ODhiLzEvWHQtLTNxd0dzQnhhUDNoTTZnUnVXaXlWeWw0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8yODM0M2MtYTRlNC00ZGIwLTkyYmUtYjU4NjE3ZTE4ODhi
LzEvWHQtLTNxd0dzQnhhUDNoTTZnUnVXaXlWeWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXG0S52Yp
QDfsHY2bFy5cSFcVNNgTCYidhi7Oi4+NbRwN6mnIIYzB01kS04XGsAfqdxwKFwJt
c7kitEGpPpN1Ogm4fvqEtj8HTVH+YvnCvjkLLUfRCgLJysaVzj2m5ScknQpGCUOv
0rALYm+GHdmfFtCWJtol4oYR+x8vo1Q/qVGdO9JlCyJjsUJyM2gO+N/mXpivfRsz
wxpw1pc9NnqkGrNZHdwg60DCpzOYMVB58vIF6m53OYAjymfh1pPehdH7Lh2ADzJr
3OG+bW+pxqJsUeDWYRFy3Wmk3yot5qOQxOucwjXI1hCMWoz2Vd2RcKIeyUvyghB4
+94S300D3tGv7g==
-----END CERTIFICATE-----