Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
File:                     XbdXv1dG8moHySCHAbDVS2m8M2Q.mft (raw, json)
Hash identifier:          E29v5EDM47Hj3Af7lYZDk547y9niaPNS2WCOgH/1D6I=
Subject key identifier:   13:57:A2:1F:19:8E:FB:A1:79:EB:2A:48:D9:A3:8D:02:08:4F:32:8B
Authority key identifier: 5D:B7:57:BF:57:46:F2:6A:07:C9:20:87:01:B0:D5:4B:69:BC:33:64
Certificate issuer:       /CN=5db757bf5746f26a07c9208701b0d54b69bc3364
Certificate serial:       0197B70EDF3EB35E7DD499252B4EB1E6CE1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
Manifest number:          0481
Signing time:             Sat 28 Jun 2025 15:01:34 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:34 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:34 +0000
Files and hashes:         1: XbdXv1dG8moHySCHAbDVS2m8M2Q.crl (hash: cpVxw2llMOOvHJAV1KLjyZDYB7+Mca3oAZa27j1KoQ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:df:3e:b3:5e:7d:d4:99:25:2b:4e:b1:e6:ce:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5db757bf5746f26a07c9208701b0d54b69bc3364
        Validity
            Not Before: Jun 28 15:01:34 2025 GMT
            Not After : Jun 29 15:01:34 2025 GMT
        Subject: CN=1357a21f198efba179eb2a48d9a38d02084f328b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:71:76:71:21:44:0a:b5:e2:4d:fb:63:1c:e2:
                    17:06:6a:7b:ca:f5:82:c7:bb:85:e7:77:9b:57:39:
                    f3:0c:4b:96:6e:dd:b8:66:5b:66:69:5d:83:d4:32:
                    ff:a9:ea:21:ba:f7:6b:e1:5e:0b:07:74:28:8a:b1:
                    6f:7f:f5:e7:8f:f2:b0:c1:54:5e:dd:81:8f:2c:19:
                    5d:b2:e5:c8:48:da:f3:05:9d:e3:a2:ca:26:d8:20:
                    41:fa:8c:da:07:4f:4d:87:33:50:e1:d7:3a:b6:7a:
                    8d:0c:62:b2:0f:97:b2:e1:90:dd:03:68:65:a3:5d:
                    be:70:d1:8c:46:0c:26:87:03:f8:ce:4c:e2:4e:c0:
                    c7:94:31:f7:80:93:9a:aa:2c:fd:09:2b:bb:a2:c5:
                    c6:68:f3:fd:14:91:d8:53:f6:20:38:0c:21:29:f5:
                    5d:99:be:30:ec:ff:72:bf:d2:44:f7:0f:76:46:ef:
                    cf:80:06:90:2f:41:17:94:26:8b:e2:77:27:84:56:
                    ba:b6:dc:59:0b:43:31:96:2c:69:06:c9:30:e5:48:
                    5a:25:2c:48:f7:f0:9f:33:d2:53:52:42:32:82:fc:
                    07:fb:a2:f0:0d:b9:ff:1a:7d:50:30:ee:4f:f9:b2:
                    56:71:6b:61:be:42:5d:52:6e:91:98:30:3f:d8:fd:
                    f1:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:57:A2:1F:19:8E:FB:A1:79:EB:2A:48:D9:A3:8D:02:08:4F:32:8B
            X509v3 Authority Key Identifier:
                keyid:5D:B7:57:BF:57:46:F2:6A:07:C9:20:87:01:B0:D5:4B:69:BC:33:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:e7:1e:85:3c:df:30:86:a0:8e:ec:31:63:7e:78:91:e2:f5:
         7f:3a:87:9c:89:23:5d:93:7e:47:86:05:cd:d6:7a:00:de:9a:
         1b:9a:4a:ca:e5:c5:d0:ae:c2:33:1b:a5:48:d6:56:05:c9:ce:
         59:a9:dc:98:ef:be:06:b0:d2:b0:b5:0e:98:d5:c3:8f:c5:82:
         b5:64:2d:9c:6a:fd:dd:4f:e2:d4:23:80:af:fb:9f:44:62:7a:
         94:0d:2d:33:8e:c3:3b:89:81:42:18:0c:59:02:89:53:f5:08:
         46:bf:3e:c0:d3:7f:7f:2f:23:08:a1:7d:ea:00:c8:c5:5b:2d:
         e1:e6:35:f3:1c:5c:26:d8:85:4f:97:0f:77:ba:53:cd:ec:86:
         dd:08:e6:1c:93:58:0d:19:ac:db:c0:bf:f1:09:d8:6d:f7:46:
         40:38:44:c7:73:60:f8:21:1d:d9:da:0e:de:f5:e9:6c:72:74:
         1e:da:54:4c:c4:77:e0:62:6a:8d:83:ce:8b:4e:5e:ac:e5:76:
         63:32:b8:cb:fe:db:a2:89:61:38:8f:d1:61:39:9d:17:7c:ab:
         ee:18:7f:b8:f2:bf:fd:73:91:a2:64:5e:81:32:7e:07:70:44:
         3e:61:b0:ab:7e:6e:c0:de:5b:04:c8:de:ed:46:4a:13:03:74:
         77:93:69:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dt8+s1591JklK06x5s4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYjc1N2JmNTc0NmYyNmEwN2M5MjA4NzAxYjBkNTRiNjli
YzMzNjQwHhcNMjUwNjI4MTUwMTM0WhcNMjUwNjI5MTUwMTM0WjAzMTEwLwYDVQQD
EygxMzU3YTIxZjE5OGVmYmExNzllYjJhNDhkOWEzOGQwMjA4NGYzMjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3F2cSFECrXiTftjHOIXBmp7yvWC
x7uF53ebVznzDEuWbt24ZltmaV2D1DL/qeohuvdr4V4LB3QoirFvf/Xnj/KwwVRe
3YGPLBldsuXISNrzBZ3josom2CBB+ozaB09NhzNQ4dc6tnqNDGKyD5ey4ZDdA2hl
o12+cNGMRgwmhwP4zkziTsDHlDH3gJOaqiz9CSu7osXGaPP9FJHYU/YgOAwhKfVd
mb4w7P9yv9JE9w92Ru/PgAaQL0EXlCaL4ncnhFa6ttxZC0MxlixpBskw5UhaJSxI
9/CfM9JTUkIygvwH+6LwDbn/Gn1QMO5P+bJWcWthvkJdUm6RmDA/2P3x8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBNXoh8ZjvuheesqSNmjjQIITzKLMB8GA1UdIwQY
MBaAFF23V79XRvJqB8kghwGw1UtpvDNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8yYjMzODctM2IzNC00NTdlLWFiMWMt
M2FiNTJiM2JjYzNiLzEvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8yYjMzODctM2IzNC00NTdlLWFiMWMtM2FiNTJiM2JjYzNi
LzEvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUecehTzf
MIagjuwxY354keL1fzqHnIkjXZN+R4YFzdZ6AN6aG5pKyuXF0K7CMxulSNZWBcnO
WancmO++BrDSsLUOmNXDj8WCtWQtnGr93U/i1COAr/ufRGJ6lA0tM47DO4mBQhgM
WQKJU/UIRr8+wNN/fy8jCKF96gDIxVst4eY18xxcJtiFT5cPd7pTzeyG3QjmHJNY
DRms28C/8QnYbfdGQDhEx3Ng+CEd2doO3vXpbHJ0HtpUTMR34GJqjYPOi05erOV2
YzK4y/7boolhOI/RYTmdF3yr7hh/uPK//XORomRegTJ+B3BEPmGwq35uwN5bBMje
7UZKEwN0d5NpbQ==
-----END CERTIFICATE-----