Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
File:                     XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft (raw, json)
Hash identifier:          w2m652wYhHnwsmfBP7HBpZ/K4T96QNgMW2hwhc1h08g=
Subject key identifier:   D7:56:B3:65:AD:4D:E0:D2:CF:BD:BB:0D:2F:65:3C:61:57:E7:07:C9
Authority key identifier: 5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95
Certificate issuer:       /CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495
Certificate serial:       0197B74544167E8A871E6792152B2E56BDC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
Manifest number:          05C7
Signing time:             Sat 28 Jun 2025 16:00:59 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:59 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:59 +0000
Files and hashes:         1: XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl (hash: K7+NFFtBeBoaYIufquVUjKb7MHgE0AehgSXxpBUmvL4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:44:16:7e:8a:87:1e:67:92:15:2b:2e:56:bd:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495
        Validity
            Not Before: Jun 28 16:00:59 2025 GMT
            Not After : Jun 29 16:00:59 2025 GMT
        Subject: CN=d756b365ad4de0d2cfbdbb0d2f653c6157e707c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:de:ad:60:93:25:ca:9d:f2:9f:3b:d2:fa:f4:
                    be:33:bb:e6:e5:90:6f:93:82:ea:ba:89:b1:f3:35:
                    ae:1d:30:a2:9a:ef:8b:58:7e:97:08:0d:00:37:51:
                    93:d1:2e:c6:7c:8d:c3:7e:15:53:f9:ee:2e:dd:36:
                    1b:20:dc:66:cc:b4:8a:2c:23:7d:ef:5c:bd:37:4f:
                    1c:bb:fd:85:95:91:6a:33:fc:85:66:65:2c:84:60:
                    0e:cb:b9:3b:7f:5b:06:35:c8:9b:56:77:b2:c9:d4:
                    32:fc:81:5c:cd:60:f3:10:a3:db:b7:31:60:d7:a6:
                    9c:e4:c6:8b:c7:8d:1f:67:cc:e7:21:14:10:58:52:
                    5c:b5:9a:11:e3:a7:2d:35:26:99:70:d0:ac:d1:cb:
                    ca:cf:c1:aa:29:d6:32:73:7e:85:74:a6:10:6c:40:
                    a1:c4:53:dc:6e:42:51:37:e1:36:34:bc:e6:e3:f2:
                    77:2e:e8:5b:08:1a:b6:0f:29:21:35:52:3e:1b:4b:
                    55:a7:7c:bf:1f:90:9f:32:7c:ea:47:a7:70:07:ad:
                    db:3d:c4:b9:7e:04:7a:75:7c:46:6a:8b:8d:fd:7c:
                    49:f3:c9:d1:54:e0:89:73:c5:99:96:4e:b3:4a:a1:
                    f2:cd:90:45:c4:31:cc:5e:8c:f0:c3:22:05:9c:c2:
                    b5:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:56:B3:65:AD:4D:E0:D2:CF:BD:BB:0D:2F:65:3C:61:57:E7:07:C9
            X509v3 Authority Key Identifier:
                keyid:5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:ce:9b:87:55:2f:46:52:32:f8:9c:ad:bf:39:12:cb:42:4e:
         58:28:c9:88:a3:09:b5:c2:c5:25:69:ae:3e:d1:9d:4a:9f:85:
         b1:9a:fc:32:b1:29:b2:88:ea:c7:77:a3:e5:a3:10:bd:6f:d5:
         12:2b:c2:7c:7a:50:80:a2:fa:08:4a:ce:ad:d9:a7:25:e2:13:
         c9:19:76:d2:d3:9c:73:aa:22:f0:b1:b9:cd:ff:a5:4d:8f:3d:
         ca:2a:e9:02:54:5d:6d:81:74:bb:31:8f:e8:ad:b3:e9:2f:dd:
         e4:0d:21:b6:38:34:41:b2:79:45:81:e9:ce:25:4f:d5:c4:5b:
         06:7c:db:c4:16:ec:57:bc:a2:dc:3b:44:2d:e4:9c:16:9b:7b:
         ab:f2:8b:6c:5b:76:87:2d:f9:7c:e2:1f:2a:b5:5a:e2:4b:65:
         d3:9f:e5:70:a0:40:69:12:e3:ca:0c:c4:e6:d1:03:a3:72:fd:
         ac:2e:37:09:47:3e:05:b5:31:ce:18:99:64:28:d0:cc:8a:6b:
         5f:49:6e:5f:03:bc:b2:57:d7:ec:69:13:8b:41:ca:ac:0a:84:
         8c:59:5d:1a:42:d1:1b:c3:18:f2:44:b5:49:ca:28:eb:54:e0:
         22:c1:c1:a8:25:4a:a0:b3:63:b4:77:ed:c2:f2:16:e9:cb:7d:
         cc:17:1d:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RUQWfoqHHmeSFSsuVr3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMjE5NjhlOTFjMmY0N2YxYjA3YzFmMzVmZTdkMjYzYzU2
ZDA0OTUwHhcNMjUwNjI4MTYwMDU5WhcNMjUwNjI5MTYwMDU5WjAzMTEwLwYDVQQD
EyhkNzU2YjM2NWFkNGRlMGQyY2ZiZGJiMGQyZjY1M2M2MTU3ZTcwN2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyN6tYJMlyp3ynzvS+vS+M7vm5ZBv
k4Lquomx8zWuHTCimu+LWH6XCA0AN1GT0S7GfI3DfhVT+e4u3TYbINxmzLSKLCN9
71y9N08cu/2FlZFqM/yFZmUshGAOy7k7f1sGNcibVneyydQy/IFczWDzEKPbtzFg
16ac5MaLx40fZ8znIRQQWFJctZoR46ctNSaZcNCs0cvKz8GqKdYyc36FdKYQbECh
xFPcbkJRN+E2NLzm4/J3LuhbCBq2DykhNVI+G0tVp3y/H5CfMnzqR6dwB63bPcS5
fgR6dXxGaouN/XxJ88nRVOCJc8WZlk6zSqHyzZBFxDHMXozwwyIFnMK1twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdWs2WtTeDSz727DS9lPGFX5wfJMB8GA1UdIwQY
MBaAFF0hlo6RwvR/GwfB81/n0mPFbQSVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUt
MWVjMzc0NjVkM2FmLzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUtMWVjMzc0NjVkM2Fm
LzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfs6bh1Uv
RlIy+JytvzkSy0JOWCjJiKMJtcLFJWmuPtGdSp+FsZr8MrEpsojqx3ej5aMQvW/V
EivCfHpQgKL6CErOrdmnJeITyRl20tOcc6oi8LG5zf+lTY89yirpAlRdbYF0uzGP
6K2z6S/d5A0htjg0QbJ5RYHpziVP1cRbBnzbxBbsV7yi3DtELeScFpt7q/KLbFt2
hy35fOIfKrVa4ktl05/lcKBAaRLjygzE5tEDo3L9rC43CUc+BbUxzhiZZCjQzIpr
X0luXwO8slfX7GkTi0HKrAqEjFldGkLRG8MY8kS1Scoo61TgIsHBqCVKoLNjtHft
wvIW6ct9zBcdHw==
-----END CERTIFICATE-----