Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
File:                     xcidUmDLNP27s7wlv0rbr0zcaKA.mft (raw, json)
Hash identifier:          bTeyIoxX1+UwuKHC5EhCbV15Nx/ETvLDi3UUVjlE/GM=
Subject key identifier:   F0:83:87:63:64:AB:37:18:92:FC:89:15:4C:33:8E:57:A0:3A:1F:36
Authority key identifier: C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0
Certificate issuer:       /CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
Certificate serial:       0199FFC7ACC5401ED225E68F35514C7AD14F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
Manifest number:          06A0
Signing time:             Mon 20 Oct 2025 04:01:39 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:39 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:39 +0000
Files and hashes:         1: xcidUmDLNP27s7wlv0rbr0zcaKA.crl (hash: 8WhexRJFHgIa4ikpjnTlfq+bqGEsqed4oQa258P/xD0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:ac:c5:40:1e:d2:25:e6:8f:35:51:4c:7a:d1:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
        Validity
            Not Before: Oct 20 04:01:39 2025 GMT
            Not After : Oct 21 04:01:39 2025 GMT
        Subject: CN=f083876364ab371892fc89154c338e57a03a1f36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:86:23:fc:42:06:60:f7:12:83:33:32:44:39:
                    58:40:f3:54:77:f9:c5:9a:c7:a5:d3:cb:42:7c:39:
                    32:57:93:dd:c4:ed:e9:af:0a:80:48:35:9b:90:c6:
                    08:f2:79:ae:b8:00:36:a4:ab:f0:76:6d:a5:62:e5:
                    09:d1:66:d4:3d:b8:03:c6:3a:8d:8c:f3:a5:cd:5c:
                    91:86:dc:d5:32:bb:94:0b:af:bd:08:6b:73:38:9b:
                    db:d2:40:98:20:15:17:40:51:51:d3:33:24:f4:9d:
                    0b:cf:bc:80:b1:b2:63:66:46:1d:09:5a:4e:d3:93:
                    81:c5:24:c0:00:5d:84:b4:7f:ef:b3:1b:1f:c4:24:
                    99:8a:8c:8e:44:b6:04:ad:28:a6:39:93:2f:34:99:
                    30:e6:ec:c5:04:3f:35:ea:20:3b:e3:a7:d6:6c:b5:
                    26:11:61:60:5d:c4:23:e8:4d:dd:43:6f:73:65:c7:
                    48:c3:fe:16:8d:7f:c2:f7:ac:8f:91:2c:c5:ca:fb:
                    1f:72:bc:b7:85:85:5a:28:81:cc:73:bf:a2:c2:98:
                    ab:fa:e0:ba:cc:f7:9d:6b:27:2e:59:23:40:ec:35:
                    b4:65:f2:c7:1f:ca:b7:20:04:be:b0:c4:76:df:cf:
                    75:c2:71:56:c2:79:43:47:9e:ea:f8:b2:74:a5:8c:
                    3f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:83:87:63:64:AB:37:18:92:FC:89:15:4C:33:8E:57:A0:3A:1F:36
            X509v3 Authority Key Identifier:
                keyid:C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:73:59:73:b5:8f:d5:f0:d3:2f:07:68:e3:85:6c:d7:d9:d1:
         9e:23:b6:29:aa:cc:eb:0c:9d:1d:92:f4:33:dd:17:9d:bc:b0:
         dd:ca:ec:60:22:26:f3:2a:83:d3:88:af:ad:8f:4e:8d:65:71:
         e8:bb:29:31:0a:ab:9c:d1:ff:f2:30:1c:19:b0:8e:b4:10:d8:
         7c:95:5c:e0:ba:7b:a9:6f:af:ca:e2:8b:da:65:66:33:f1:31:
         30:4e:3e:59:66:5c:37:a9:86:ee:f7:78:75:5e:d3:b2:fe:a7:
         e2:11:12:55:6f:50:e0:8a:5c:52:82:71:79:5b:ed:a1:c2:ca:
         c2:bf:f2:5c:45:56:43:ee:00:54:1c:b4:40:32:e0:ed:b2:22:
         af:31:8c:76:14:01:96:c6:e5:c3:ca:8f:5d:93:cb:f0:6f:de:
         26:97:a5:d9:de:06:53:9e:1a:a1:84:01:5a:19:3d:d4:8d:c7:
         af:01:45:d8:74:81:19:5b:98:f3:21:ec:23:24:98:d3:b8:0f:
         49:1d:bc:f4:fb:97:5d:e6:41:fe:ce:07:eb:87:d2:3f:50:49:
         ad:90:4d:f0:3e:38:a2:e9:21:3c:75:b5:c7:a9:da:de:b3:50:
         4c:de:85:d8:38:1b:80:df:47:01:ac:52:61:e2:08:4f:1c:20:
         8d:1c:75:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x6zFQB7SJeaPNVFMetFPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1Yzg5ZDUyNjBjYjM0ZmRiYmIzYmMyNWJmNGFkYmFmNGNk
YzY4YTAwHhcNMjUxMDIwMDQwMTM5WhcNMjUxMDIxMDQwMTM5WjAzMTEwLwYDVQQD
EyhmMDgzODc2MzY0YWIzNzE4OTJmYzg5MTU0YzMzOGU1N2EwM2ExZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IYj/EIGYPcSgzMyRDlYQPNUd/nF
msel08tCfDkyV5PdxO3prwqASDWbkMYI8nmuuAA2pKvwdm2lYuUJ0WbUPbgDxjqN
jPOlzVyRhtzVMruUC6+9CGtzOJvb0kCYIBUXQFFR0zMk9J0Lz7yAsbJjZkYdCVpO
05OBxSTAAF2EtH/vsxsfxCSZioyORLYErSimOZMvNJkw5uzFBD816iA746fWbLUm
EWFgXcQj6E3dQ29zZcdIw/4WjX/C96yPkSzFyvsfcry3hYVaKIHMc7+iwpir+uC6
zPedaycuWSNA7DW0ZfLHH8q3IAS+sMR23891wnFWwnlDR57q+LJ0pYw/wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPCDh2NkqzcYkvyJFUwzjlegOh82MB8GA1UdIwQY
MBaAFMXInVJgyzT9u7O8Jb9K269M3GigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUt
OGViY2QwOWIyYmNhLzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUtOGViY2QwOWIyYmNh
LzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd3NZc7WP
1fDTLwdo44Vs19nRniO2KarM6wydHZL0M90Xnbyw3crsYCIm8yqD04ivrY9OjWVx
6LspMQqrnNH/8jAcGbCOtBDYfJVc4Lp7qW+vyuKL2mVmM/ExME4+WWZcN6mG7vd4
dV7Tsv6n4hESVW9Q4IpcUoJxeVvtocLKwr/yXEVWQ+4AVBy0QDLg7bIirzGMdhQB
lsblw8qPXZPL8G/eJpel2d4GU54aoYQBWhk91I3HrwFF2HSBGVuY8yHsIySY07gP
SR289PuXXeZB/s4H64fSP1BJrZBN8D44oukhPHW1x6na3rNQTN6F2DgbgN9HAaxS
YeIITxwgjRx1BA==
-----END CERTIFICATE-----