Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
File:                     xndznw-VRrTwJXcsXCsXl4WSOFI.mft (raw, json)
Hash identifier:          Z2DWnb4RHfTltRy0pAQfF1/J94KrbBIogqp6fz0ab4Q=
Subject key identifier:   F8:E9:6A:51:05:56:F8:62:6B:EA:1F:2F:3C:E4:4B:89:1C:E3:43:81
Authority key identifier: C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52
Certificate issuer:       /CN=c677739f0f9546b4f025772c5c2b179785923852
Certificate serial:       0198D5163BCE455F36A6AD38277EBA7081B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
Manifest number:          145B
Signing time:             Sat 23 Aug 2025 04:01:00 +0000
Manifest this update:     Sat 23 Aug 2025 04:01:00 +0000
Manifest next update:     Sun 24 Aug 2025 04:01:00 +0000
Files and hashes:         1: xndznw-VRrTwJXcsXCsXl4WSOFI.crl (hash: k95NTwKEp0IVymOnaeAsHMbGqUPABVM1yEzPA6mfNio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:16:3b:ce:45:5f:36:a6:ad:38:27:7e:ba:70:81:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c677739f0f9546b4f025772c5c2b179785923852
        Validity
            Not Before: Aug 23 04:01:00 2025 GMT
            Not After : Aug 24 04:01:00 2025 GMT
        Subject: CN=f8e96a510556f8626bea1f2f3ce44b891ce34381
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:ea:3e:85:0b:ce:5c:f2:ca:4d:8a:8b:ff:28:
                    dc:4b:96:ef:56:a4:a0:f6:69:83:d0:f2:3b:57:ea:
                    df:9b:07:6f:ae:26:97:20:08:cb:15:14:4b:f8:c9:
                    ef:7e:6e:31:14:a7:1b:9c:7a:91:c0:c7:da:67:c7:
                    b3:3a:3c:67:54:14:11:38:e3:39:a5:b8:22:b5:e3:
                    77:f0:20:b8:bf:15:b1:fb:cc:7f:a0:5c:60:ba:79:
                    a0:ae:51:dc:f4:58:b0:bf:06:b3:c8:4c:f6:73:53:
                    15:f6:ec:22:03:52:05:71:0d:d5:0c:e0:5f:8a:d0:
                    25:05:9d:31:19:6c:0b:21:bb:bc:f1:a4:b1:8a:5e:
                    bc:14:36:cb:3e:e3:52:fa:a3:c9:23:33:a7:18:81:
                    bd:7a:6e:e7:35:18:ca:da:68:36:a5:aa:7a:17:79:
                    99:c8:a9:74:11:a2:b9:19:6b:fd:2a:cf:c2:00:99:
                    cd:8e:5d:1b:65:61:f1:1d:c6:22:4f:fd:ea:15:43:
                    8f:d6:88:ac:6e:45:36:88:2f:39:66:ff:02:9b:35:
                    f2:b7:d6:51:fc:ed:91:cf:63:b3:83:9d:24:4d:6d:
                    50:94:c6:ff:a9:0c:30:95:96:5f:6b:73:16:12:48:
                    dc:e5:95:8a:3b:e4:69:79:c1:61:b6:93:b2:3e:dd:
                    2f:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:E9:6A:51:05:56:F8:62:6B:EA:1F:2F:3C:E4:4B:89:1C:E3:43:81
            X509v3 Authority Key Identifier:
                keyid:C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:da:f9:24:74:ae:ef:02:76:e8:45:e0:7c:55:a8:0e:bd:b2:
         71:0e:0a:dc:91:74:01:b3:e3:cd:0a:f4:c2:bf:d3:1b:c4:86:
         7a:d7:09:d7:d4:e3:53:61:f0:55:f5:df:49:b6:73:d5:ce:ce:
         82:3e:37:02:93:2a:f5:6a:14:be:63:27:a6:ca:97:e4:ed:ff:
         d9:0a:e6:91:b9:54:b5:a5:df:45:d8:96:58:76:d3:12:bd:4d:
         59:80:90:7c:11:54:6b:56:87:3d:eb:65:7f:29:08:0e:4c:00:
         65:70:72:17:68:33:f2:df:a7:b1:aa:43:de:33:e0:5d:db:9f:
         25:af:fb:1e:2a:b7:d9:11:42:e7:49:ec:d9:2c:5e:d6:0c:0f:
         db:ff:4a:ef:5f:d2:e3:ec:31:55:39:8b:40:eb:97:09:ec:23:
         5b:03:2b:b1:13:e9:58:d2:2d:3d:cb:93:e7:cb:cd:e7:43:5d:
         9f:35:38:ce:07:01:47:f0:96:0f:8f:4e:80:18:08:af:f0:77:
         3e:13:9d:34:ab:c4:b9:ce:d0:0f:bd:66:d3:c5:f2:f8:c5:46:
         0d:ed:ca:34:95:bf:3e:02:b1:93:f3:79:54:f2:50:d2:cb:3b:
         3f:51:df:83:f4:d7:96:af:ad:20:7a:7d:7d:35:02:58:c6:df:
         01:90:13:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFjvORV82pq04J366cIGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Nzc3MzlmMGY5NTQ2YjRmMDI1NzcyYzVjMmIxNzk3ODU5
MjM4NTIwHhcNMjUwODIzMDQwMTAwWhcNMjUwODI0MDQwMTAwWjAzMTEwLwYDVQQD
EyhmOGU5NmE1MTA1NTZmODYyNmJlYTFmMmYzY2U0NGI4OTFjZTM0MzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuo+hQvOXPLKTYqL/yjcS5bvVqSg
9mmD0PI7V+rfmwdvriaXIAjLFRRL+Mnvfm4xFKcbnHqRwMfaZ8ezOjxnVBQROOM5
pbgiteN38CC4vxWx+8x/oFxgunmgrlHc9FiwvwazyEz2c1MV9uwiA1IFcQ3VDOBf
itAlBZ0xGWwLIbu88aSxil68FDbLPuNS+qPJIzOnGIG9em7nNRjK2mg2pap6F3mZ
yKl0EaK5GWv9Ks/CAJnNjl0bZWHxHcYiT/3qFUOP1oisbkU2iC85Zv8CmzXyt9ZR
/O2Rz2Ozg50kTW1QlMb/qQwwlZZfa3MWEkjc5ZWKO+RpecFhtpOyPt0vSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjpalEFVvhia+ofLzzkS4kc40OBMB8GA1UdIwQY
MBaAFMZ3c58PlUa08CV3LFwrF5eFkjhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQt
YzY4NWZhOTE2YjA3LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQtYzY4NWZhOTE2YjA3
LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg9r5JHSu
7wJ26EXgfFWoDr2ycQ4K3JF0AbPjzQr0wr/TG8SGetcJ19TjU2HwVfXfSbZz1c7O
gj43ApMq9WoUvmMnpsqX5O3/2QrmkblUtaXfRdiWWHbTEr1NWYCQfBFUa1aHPetl
fykIDkwAZXByF2gz8t+nsapD3jPgXdufJa/7Hiq32RFC50ns2Sxe1gwP2/9K71/S
4+wxVTmLQOuXCewjWwMrsRPpWNItPcuT58vN50NdnzU4zgcBR/CWD49OgBgIr/B3
PhOdNKvEuc7QD71m08Xy+MVGDe3KNJW/PgKxk/N5VPJQ0ss7P1Hfg/TXlq+tIHp9
fTUCWMbfAZATOQ==
-----END CERTIFICATE-----