Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
File:                     XtGkql_QUBs-ptafQzwvFkIRYIk.mft (raw, json)
Hash identifier:          munapveGT1YZ1rg6SLZDqVs3iMNl1YKKiSeml/W1nZo=
Subject key identifier:   B8:CB:DE:6D:4D:08:79:52:62:2E:53:D1:D4:3B:9C:3C:20:C4:D6:A1
Authority key identifier: 5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89
Certificate issuer:       /CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
Certificate serial:       0198D4DFF83A9AC0B92733B6A97FBBE2D455
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
Manifest number:          1644
Signing time:             Sat 23 Aug 2025 03:01:44 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:44 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:44 +0000
Files and hashes:         1: XtGkql_QUBs-ptafQzwvFkIRYIk.crl (hash: 4FBh7DGro1mpxx19/aqq5WD8XV45r2YzMZ4nfaQB8a0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:df:f8:3a:9a:c0:b9:27:33:b6:a9:7f:bb:e2:d4:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
        Validity
            Not Before: Aug 23 03:01:44 2025 GMT
            Not After : Aug 24 03:01:44 2025 GMT
        Subject: CN=b8cbde6d4d087952622e53d1d43b9c3c20c4d6a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:cc:e3:97:b4:06:b6:69:fc:ca:5e:dd:cb:dc:
                    01:2a:1e:0c:3f:a6:0e:06:87:65:02:a5:93:2f:7f:
                    0f:f4:a0:23:be:60:5d:27:9c:37:35:37:bd:0a:1d:
                    45:c7:84:e7:b4:ff:9d:02:a6:a3:a3:e9:a1:ec:13:
                    89:2f:39:eb:e9:cd:84:d0:76:39:17:de:8d:20:6e:
                    c8:5e:03:e5:fe:0b:d5:6b:95:27:00:52:54:4b:2e:
                    7a:2e:c7:00:88:c7:77:c3:25:49:a2:d2:bc:e3:93:
                    f3:86:6e:94:7c:5b:2b:29:25:5a:c1:3b:1e:96:7b:
                    f9:a3:7f:67:32:aa:37:92:16:58:dc:c9:73:ce:75:
                    8b:0d:5f:f8:7b:9e:21:f5:b9:27:d8:29:70:f8:cc:
                    7c:f3:b7:2c:51:30:89:5e:fb:46:3a:59:53:99:66:
                    56:8a:b5:bb:bd:83:0b:be:78:97:a9:be:7e:84:b6:
                    c2:b1:29:c7:a0:91:f3:6a:21:0c:58:ff:a8:6a:b0:
                    52:1b:d1:96:35:39:fb:1e:6c:fd:8c:54:4b:22:85:
                    4b:0d:03:15:0c:c1:2a:ed:2b:fe:3c:a5:76:dd:5b:
                    fe:d0:11:ed:ae:ef:af:d7:3f:8b:be:42:00:93:79:
                    b4:48:5a:e7:e9:ba:15:b6:1e:76:48:2b:89:29:60:
                    3d:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:CB:DE:6D:4D:08:79:52:62:2E:53:D1:D4:3B:9C:3C:20:C4:D6:A1
            X509v3 Authority Key Identifier:
                keyid:5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:69:28:c1:e3:ea:8e:4f:a3:8b:1e:09:86:28:40:0d:ac:1b:
         11:28:02:3a:dc:26:f1:4d:e8:e7:98:74:9b:d7:b5:6b:12:fc:
         2f:d2:83:f1:1a:07:da:67:d4:b8:ec:b3:90:c2:ec:bb:41:4a:
         d6:5e:1d:5d:f0:f2:88:e8:7a:25:26:c8:2b:12:bb:40:22:ae:
         cd:41:5c:23:46:d2:ca:aa:6a:a0:54:59:a1:7b:30:ec:b6:34:
         b4:f3:d4:a5:a3:0d:05:a4:09:34:d0:fb:8a:bd:99:0d:68:68:
         44:1f:45:e4:2e:58:58:5c:74:1e:5b:02:44:96:fa:33:d4:40:
         c0:ec:43:14:fe:16:09:07:d9:d0:02:bc:0a:c3:3c:a3:a6:20:
         f7:44:52:94:8c:63:d3:f9:71:fe:14:c9:58:e6:b0:24:1f:c9:
         da:46:ab:70:12:c3:49:35:14:d5:2d:f4:3f:2d:bb:1a:d4:16:
         64:eb:e8:9d:7a:a7:47:4c:6d:fa:06:ee:b6:fc:44:87:e4:04:
         d8:d4:d5:87:6b:a7:82:47:0b:ea:ea:1c:6b:75:84:5d:12:d1:
         cd:35:b7:a6:73:7a:04:96:d7:3c:01:8b:d2:3b:71:4b:1f:82:
         bf:79:4f:40:07:6e:25:aa:64:a7:ff:3e:bb:45:98:11:49:b2:
         51:9e:3e:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU3/g6msC5JzO2qX+74tRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDFhNGFhNWZkMDUwMWIzZWE2ZDY5ZjQzM2MyZjE2NDIx
MTYwODkwHhcNMjUwODIzMDMwMTQ0WhcNMjUwODI0MDMwMTQ0WjAzMTEwLwYDVQQD
EyhiOGNiZGU2ZDRkMDg3OTUyNjIyZTUzZDFkNDNiOWMzYzIwYzRkNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8zjl7QGtmn8yl7dy9wBKh4MP6YO
BodlAqWTL38P9KAjvmBdJ5w3NTe9Ch1Fx4TntP+dAqajo+mh7BOJLznr6c2E0HY5
F96NIG7IXgPl/gvVa5UnAFJUSy56LscAiMd3wyVJotK845Pzhm6UfFsrKSVawTse
lnv5o39nMqo3khZY3MlzznWLDV/4e54h9bkn2Clw+Mx887csUTCJXvtGOllTmWZW
irW7vYMLvniXqb5+hLbCsSnHoJHzaiEMWP+oarBSG9GWNTn7Hmz9jFRLIoVLDQMV
DMEq7Sv+PKV23Vv+0BHtru+v1z+LvkIAk3m0SFrn6boVth52SCuJKWA9PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjL3m1NCHlSYi5T0dQ7nDwgxNahMB8GA1UdIwQY
MBaAFF7RpKpf0FAbPqbWn0M8LxZCEWCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTkt
YjlhODZhYzNlOGJlLzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTktYjlhODZhYzNlOGJl
LzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeGkowePq
jk+jix4JhihADawbESgCOtwm8U3o55h0m9e1axL8L9KD8RoH2mfUuOyzkMLsu0FK
1l4dXfDyiOh6JSbIKxK7QCKuzUFcI0bSyqpqoFRZoXsw7LY0tPPUpaMNBaQJNND7
ir2ZDWhoRB9F5C5YWFx0HlsCRJb6M9RAwOxDFP4WCQfZ0AK8CsM8o6Yg90RSlIxj
0/lx/hTJWOawJB/J2karcBLDSTUU1S30Py27GtQWZOvonXqnR0xt+gbutvxEh+QE
2NTVh2ungkcL6uoca3WEXRLRzTW3pnN6BJbXPAGL0jtxSx+Cv3lPQAduJapkp/8+
u0WYEUmyUZ4+6A==
-----END CERTIFICATE-----