Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
File:                     XKiGCq68SoHT0ibUI4c-M8OICqo.mft (raw, json)
Hash identifier:          3ph60hz7fp7poWp4hTRt39fXQfS8m8zMR9L45j+Mv38=
Subject key identifier:   08:09:57:80:19:DA:80:42:17:38:3A:3E:3A:AF:50:F3:56:4B:D8:1C
Authority key identifier: 5C:A8:86:0A:AE:BC:4A:81:D3:D2:26:D4:23:87:3E:33:C3:88:0A:AA
Certificate issuer:       /CN=5ca8860aaebc4a81d3d226d423873e33c3880aaa
Certificate serial:       0198D65F4D61051309232C64F2D35307C384
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
Manifest number:          0AC2
Signing time:             Sat 23 Aug 2025 10:00:26 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:26 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:26 +0000
Files and hashes:         1: XKiGCq68SoHT0ibUI4c-M8OICqo.crl (hash: 9uLCUvIyHFGELhFcx7vARk2lMeBcxDBmUb1YkJoKRfw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:4d:61:05:13:09:23:2c:64:f2:d3:53:07:c3:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ca8860aaebc4a81d3d226d423873e33c3880aaa
        Validity
            Not Before: Aug 23 10:00:26 2025 GMT
            Not After : Aug 24 10:00:26 2025 GMT
        Subject: CN=0809578019da804217383a3e3aaf50f3564bd81c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:c3:18:51:fb:1b:09:6a:18:6f:40:59:8f:6f:
                    ab:24:47:3a:f4:4a:9f:1e:af:b3:0c:f9:28:73:ae:
                    4b:c1:0d:13:90:84:95:95:18:64:05:31:14:33:f6:
                    f9:78:64:ca:76:0a:1f:eb:22:4a:19:ba:21:7a:1c:
                    22:0e:c4:41:f0:fb:40:89:2a:65:98:82:3c:e0:7a:
                    a8:e9:75:76:ee:b5:f2:62:8e:10:fa:75:73:64:ee:
                    a2:cf:a8:18:34:cc:8c:9c:59:9d:8b:61:44:2a:b7:
                    ba:62:50:81:f7:f1:33:f7:67:1a:76:8a:7b:c8:21:
                    17:6e:9f:9c:3e:2d:90:ab:77:c7:3d:ef:c0:03:6d:
                    1c:5b:4c:e6:99:29:89:d0:31:88:71:c0:ea:db:de:
                    0d:5c:22:be:3e:3f:d6:09:03:ea:a8:0d:ff:86:b1:
                    3d:3e:3f:32:f5:ad:15:c3:72:27:f3:e9:6d:b7:1c:
                    56:53:ff:71:55:a3:bb:73:af:c2:92:d2:ef:31:1e:
                    51:74:16:94:c2:45:97:70:db:ff:3c:d7:0c:7a:7f:
                    0b:5c:0f:a3:67:52:1a:13:e9:5d:32:13:29:5a:e2:
                    d2:59:6a:70:2f:19:6b:8d:0d:65:12:64:0d:89:18:
                    56:34:66:82:0a:7a:63:51:34:5c:98:64:b8:a9:cc:
                    62:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:09:57:80:19:DA:80:42:17:38:3A:3E:3A:AF:50:F3:56:4B:D8:1C
            X509v3 Authority Key Identifier:
                keyid:5C:A8:86:0A:AE:BC:4A:81:D3:D2:26:D4:23:87:3E:33:C3:88:0A:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:1c:fa:63:26:f7:c4:5c:80:fa:95:15:a1:d5:80:6b:db:62:
         e1:5e:eb:eb:37:84:9b:b7:bd:32:e0:ad:81:4d:42:e2:be:1f:
         60:25:54:9c:a8:1b:da:50:20:be:6d:42:a8:d5:3c:87:c9:87:
         32:65:d7:0e:91:c8:d3:91:21:e3:ad:b6:4a:41:f0:78:f8:ae:
         10:e8:7f:a5:af:96:eb:40:5f:f2:d8:2a:eb:39:cd:50:74:b4:
         88:54:9b:66:3c:4f:f6:64:5c:9e:d8:f4:de:18:35:41:0d:11:
         04:4f:72:91:f2:56:6f:99:8b:0b:d8:01:d4:2b:6a:f9:6a:28:
         23:23:88:7e:25:ed:0e:81:33:bf:cc:8c:e7:e1:f8:90:eb:aa:
         df:88:a5:eb:27:16:2e:5b:97:ec:f2:2d:8d:d6:ce:68:b3:c8:
         0d:41:18:c9:32:85:f9:98:9f:07:92:dd:78:16:19:96:7e:81:
         95:a8:61:e0:e5:d1:82:4e:56:be:ef:8f:62:2b:a6:c7:62:4b:
         d7:78:a4:0d:84:e4:85:56:e0:48:23:9c:f9:24:20:9e:7e:6f:
         59:aa:33:6e:70:b2:aa:23:2c:cd:2f:31:0a:94:be:cc:45:d4:
         0f:e5:00:11:9c:73:8a:e7:00:4c:4a:2a:ec:b8:ec:47:9c:b4:
         4d:fa:1d:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX01hBRMJIyxk8tNTB8OEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYTg4NjBhYWViYzRhODFkM2QyMjZkNDIzODczZTMzYzM4
ODBhYWEwHhcNMjUwODIzMTAwMDI2WhcNMjUwODI0MTAwMDI2WjAzMTEwLwYDVQQD
EygwODA5NTc4MDE5ZGE4MDQyMTczODNhM2UzYWFmNTBmMzU2NGJkODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsMYUfsbCWoYb0BZj2+rJEc69Eqf
Hq+zDPkoc65LwQ0TkISVlRhkBTEUM/b5eGTKdgof6yJKGbohehwiDsRB8PtAiSpl
mII84Hqo6XV27rXyYo4Q+nVzZO6iz6gYNMyMnFmdi2FEKre6YlCB9/Ez92cadop7
yCEXbp+cPi2Qq3fHPe/AA20cW0zmmSmJ0DGIccDq294NXCK+Pj/WCQPqqA3/hrE9
Pj8y9a0Vw3In8+lttxxWU/9xVaO7c6/CktLvMR5RdBaUwkWXcNv/PNcMen8LXA+j
Z1IaE+ldMhMpWuLSWWpwLxlrjQ1lEmQNiRhWNGaCCnpjUTRcmGS4qcxiGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAgJV4AZ2oBCFzg6PjqvUPNWS9gcMB8GA1UdIwQY
MBaAFFyohgquvEqB09Im1COHPjPDiAqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC83OTgwYjQtY2Q0NC00NTk3LTg1N2Qt
NjJkMTNiMDMxNDE5LzEvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC83OTgwYjQtY2Q0NC00NTk3LTg1N2QtNjJkMTNiMDMxNDE5
LzEvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFRz6Yyb3
xFyA+pUVodWAa9ti4V7r6zeEm7e9MuCtgU1C4r4fYCVUnKgb2lAgvm1CqNU8h8mH
MmXXDpHI05Eh4622SkHwePiuEOh/pa+W60Bf8tgq6znNUHS0iFSbZjxP9mRcntj0
3hg1QQ0RBE9ykfJWb5mLC9gB1Ctq+WooIyOIfiXtDoEzv8yM5+H4kOuq34il6ycW
LluX7PItjdbOaLPIDUEYyTKF+ZifB5LdeBYZln6Blahh4OXRgk5Wvu+PYiumx2JL
13ikDYTkhVbgSCOc+SQgnn5vWaozbnCyqiMszS8xCpS+zEXUD+UAEZxziucATEoq
7LjsR5y0Tfod7g==
-----END CERTIFICATE-----