Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
File:                     XKiGCq68SoHT0ibUI4c-M8OICqo.mft (raw, json)
Hash identifier:          rljcIu7knDmFPi1RqNEvcczZOgSmcLtDRgcX5vPQR9M=
Subject key identifier:   48:0E:09:4C:0E:40:C9:6F:2C:8D:9F:3B:29:F9:C4:E2:60:3A:29:E6
Authority key identifier: 5C:A8:86:0A:AE:BC:4A:81:D3:D2:26:D4:23:87:3E:33:C3:88:0A:AA
Certificate issuer:       /CN=5ca8860aaebc4a81d3d226d423873e33c3880aaa
Certificate serial:       0197B6A0BBE113A13468A42B42591F26E257
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
Manifest number:          0A2D
Signing time:             Sat 28 Jun 2025 13:01:16 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:16 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:16 +0000
Files and hashes:         1: XKiGCq68SoHT0ibUI4c-M8OICqo.crl (hash: 8lXwq+ZTeJrUVlnFlUC5QgSC+jjFeS/wYz/ko+Ax2FM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:bb:e1:13:a1:34:68:a4:2b:42:59:1f:26:e2:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ca8860aaebc4a81d3d226d423873e33c3880aaa
        Validity
            Not Before: Jun 28 13:01:16 2025 GMT
            Not After : Jun 29 13:01:16 2025 GMT
        Subject: CN=480e094c0e40c96f2c8d9f3b29f9c4e2603a29e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:04:03:4d:ff:ef:ac:04:96:aa:26:99:c6:27:
                    71:dd:8d:3b:d6:b5:db:62:c6:81:df:40:74:3c:35:
                    ee:ae:fd:71:71:72:36:b3:88:ce:c3:40:55:02:0a:
                    f5:7b:b3:57:11:0a:65:24:35:03:f1:ea:e9:7f:dc:
                    94:f8:79:4b:d7:49:80:0b:de:93:29:d0:17:88:a0:
                    3b:fe:3b:42:12:72:ae:c0:f2:81:f0:cb:7a:79:24:
                    ad:95:82:fa:c1:f6:0e:3a:0c:df:4b:ab:b9:67:58:
                    45:b7:5d:3d:0b:b8:52:47:4d:d5:92:6b:ef:1e:87:
                    0b:e7:8d:1a:9b:44:2b:29:d8:2c:87:bd:c3:a8:1c:
                    ef:b6:2c:c8:de:3f:46:22:4f:54:42:94:c2:f0:5d:
                    bf:ed:e0:aa:19:cb:1c:3e:1d:64:93:1f:04:d3:54:
                    62:11:8b:2b:da:7f:27:24:c5:e5:85:a9:bb:72:7d:
                    8b:cc:45:e8:6a:ed:1d:d1:ad:86:fd:e7:fa:14:3f:
                    42:76:4d:6f:34:45:f0:3b:80:1e:99:f5:77:91:5b:
                    47:e2:d2:68:84:e0:6a:69:26:b0:5f:b7:1b:03:0c:
                    a0:64:f7:03:c3:b5:2b:65:ed:3d:6d:f7:0b:11:61:
                    ac:68:9e:bc:73:11:46:55:25:d5:2a:cb:a9:7b:02:
                    3a:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:0E:09:4C:0E:40:C9:6F:2C:8D:9F:3B:29:F9:C4:E2:60:3A:29:E6
            X509v3 Authority Key Identifier:
                keyid:5C:A8:86:0A:AE:BC:4A:81:D3:D2:26:D4:23:87:3E:33:C3:88:0A:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:83:30:2d:55:03:51:5f:0f:63:7b:22:44:fa:ac:d5:1a:3b:
         d9:49:77:ec:3d:27:bd:bc:6b:fb:c7:00:a5:3a:36:6b:25:1d:
         2a:f6:f0:83:2c:2c:3e:fb:40:17:64:88:e6:bf:34:78:d6:83:
         1d:36:31:81:1a:8d:fa:e2:b6:d3:33:0c:de:83:92:95:61:26:
         57:65:66:c6:49:ec:a7:40:9c:29:02:26:7e:e3:c5:7d:50:28:
         fc:33:33:80:85:29:4b:79:c2:58:12:ef:5d:44:fd:c3:3c:0b:
         67:bb:fe:87:67:43:6b:fb:03:d7:28:ee:56:13:d1:2d:88:f8:
         05:94:69:98:a6:9f:e2:36:2c:52:d8:6d:5b:27:8e:db:3d:32:
         0b:6e:0d:cf:9b:35:c8:31:4a:17:6d:34:91:95:64:39:14:8e:
         9d:fc:9a:2d:67:e9:b2:db:8f:1f:b7:62:08:9b:aa:97:ef:0c:
         dd:02:d4:ec:f5:6a:23:01:cf:14:fa:cb:1f:a6:a3:42:3a:f9:
         57:80:bf:b5:1b:50:09:c3:3c:28:01:bc:32:10:cd:44:a5:c5:
         33:51:e5:e9:b2:fd:f3:c0:e7:9d:94:60:62:35:e6:bb:6f:10:
         11:38:c9:46:89:78:7d:b1:2b:82:22:f2:b4:66:9a:f7:ff:43:
         f0:a2:fd:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oLvhE6E0aKQrQlkfJuJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYTg4NjBhYWViYzRhODFkM2QyMjZkNDIzODczZTMzYzM4
ODBhYWEwHhcNMjUwNjI4MTMwMTE2WhcNMjUwNjI5MTMwMTE2WjAzMTEwLwYDVQQD
Eyg0ODBlMDk0YzBlNDBjOTZmMmM4ZDlmM2IyOWY5YzRlMjYwM2EyOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAQDTf/vrASWqiaZxidx3Y071rXb
YsaB30B0PDXurv1xcXI2s4jOw0BVAgr1e7NXEQplJDUD8erpf9yU+HlL10mAC96T
KdAXiKA7/jtCEnKuwPKB8Mt6eSStlYL6wfYOOgzfS6u5Z1hFt109C7hSR03Vkmvv
HocL540am0QrKdgsh73DqBzvtizI3j9GIk9UQpTC8F2/7eCqGcscPh1kkx8E01Ri
EYsr2n8nJMXlham7cn2LzEXoau0d0a2G/ef6FD9Cdk1vNEXwO4AemfV3kVtH4tJo
hOBqaSawX7cbAwygZPcDw7UrZe09bfcLEWGsaJ68cxFGVSXVKsupewI6cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEgOCUwOQMlvLI2fOyn5xOJgOinmMB8GA1UdIwQY
MBaAFFyohgquvEqB09Im1COHPjPDiAqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC83OTgwYjQtY2Q0NC00NTk3LTg1N2Qt
NjJkMTNiMDMxNDE5LzEvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC83OTgwYjQtY2Q0NC00NTk3LTg1N2QtNjJkMTNiMDMxNDE5
LzEvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXIMwLVUD
UV8PY3siRPqs1Ro72Ul37D0nvbxr+8cApTo2ayUdKvbwgywsPvtAF2SI5r80eNaD
HTYxgRqN+uK20zMM3oOSlWEmV2Vmxknsp0CcKQImfuPFfVAo/DMzgIUpS3nCWBLv
XUT9wzwLZ7v+h2dDa/sD1yjuVhPRLYj4BZRpmKaf4jYsUthtWyeO2z0yC24Nz5s1
yDFKF200kZVkORSOnfyaLWfpstuPH7diCJuql+8M3QLU7PVqIwHPFPrLH6ajQjr5
V4C/tRtQCcM8KAG8MhDNRKXFM1Hl6bL988DnnZRgYjXmu28QETjJRol4fbErgiLy
tGaa9/9D8KL9XA==
-----END CERTIFICATE-----