Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft
File:                     XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft (raw, json)
Hash identifier:          8w7T1J86pTxTF/n3uN7jBI4vhsuGfU/R1VCrQC3DK9o=
Subject key identifier:   08:83:DD:4B:94:BD:7E:D4:00:C7:D9:3E:0C:85:60:8A:76:5B:5E:D1
Authority key identifier: 5D:B7:92:75:65:9D:D9:61:C7:42:BF:21:D8:DC:A1:84:A4:43:0D:85
Certificate issuer:       /CN=5db79275659dd961c742bf21d8dca184a4430d85
Certificate serial:       0197B6A15DD5D58E92A14599BC95802A9FCA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XbeSdWWd2WHHQr8h2NyhhKRDDYU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft
Manifest number:          0C31
Signing time:             Sat 28 Jun 2025 13:01:57 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:57 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:57 +0000
Files and hashes:         1: XbeSdWWd2WHHQr8h2NyhhKRDDYU.crl (hash: IHunTnGg8d2X8/Oie/bJfuJkVyW6eP6esVN5Zrjahw8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XbeSdWWd2WHHQr8h2NyhhKRDDYU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:5d:d5:d5:8e:92:a1:45:99:bc:95:80:2a:9f:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5db79275659dd961c742bf21d8dca184a4430d85
        Validity
            Not Before: Jun 28 13:01:57 2025 GMT
            Not After : Jun 29 13:01:57 2025 GMT
        Subject: CN=0883dd4b94bd7ed400c7d93e0c85608a765b5ed1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:2c:4c:fc:c2:ab:40:02:69:e9:b4:f4:c5:54:
                    46:54:a7:c8:72:b7:9d:0a:d1:7a:4f:99:38:7e:a1:
                    b0:94:db:6e:aa:a5:af:a9:6c:91:71:0f:00:ae:b5:
                    e7:d2:2b:75:00:72:5f:99:54:0c:7f:ac:1e:2d:f1:
                    fb:98:ac:d4:89:c5:b4:9e:e7:8b:a0:9c:a5:2b:eb:
                    13:0a:87:2c:22:53:82:f0:6f:7b:5e:30:ff:c8:d8:
                    45:b2:ac:1d:93:29:52:85:c5:17:0f:99:a6:e7:fb:
                    c2:96:c9:31:86:db:06:c4:3b:ee:d5:cd:9a:f7:bc:
                    ae:93:0c:4f:e3:34:a8:70:ce:24:ab:51:61:5e:5d:
                    f7:68:b3:fd:ad:99:84:3d:61:d7:cd:91:bb:98:8f:
                    9f:6a:d3:cd:8e:ea:32:32:3d:3d:20:33:cf:d7:2e:
                    97:a8:2d:b6:91:17:a5:3f:97:20:4b:fd:d8:a4:6d:
                    1a:00:e4:40:b8:66:9b:c0:a6:38:9d:55:e3:aa:44:
                    16:1d:5a:77:81:eb:34:be:d0:da:68:2b:1f:3f:e7:
                    34:ba:52:90:b6:81:17:f4:ed:0c:a3:86:ea:82:1b:
                    91:92:f1:39:bd:94:22:63:c4:d9:2c:0f:67:72:84:
                    db:d8:e1:03:8c:b5:f0:a9:6e:c1:9c:ff:33:f7:5d:
                    78:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:83:DD:4B:94:BD:7E:D4:00:C7:D9:3E:0C:85:60:8A:76:5B:5E:D1
            X509v3 Authority Key Identifier:
                keyid:5D:B7:92:75:65:9D:D9:61:C7:42:BF:21:D8:DC:A1:84:A4:43:0D:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbeSdWWd2WHHQr8h2NyhhKRDDYU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:fe:e2:14:70:b5:1d:f7:e7:4b:d9:2a:23:3c:d5:84:f3:bb:
         11:0c:be:a2:d7:c1:9d:7f:0f:ee:a4:86:85:53:bb:c4:84:f4:
         a4:83:b4:bc:56:c6:c7:d3:48:b0:03:6b:1d:c8:fb:4c:b6:31:
         c4:60:e8:29:2d:e3:e5:35:34:40:a6:ea:75:a0:c2:29:ca:70:
         9d:39:20:4a:50:24:d4:fa:16:bc:3a:82:fd:3e:6e:9a:6a:2c:
         ac:53:75:c4:a6:39:26:a1:99:6a:28:c1:a1:9c:7d:26:f5:b5:
         8c:9c:62:65:a4:6e:60:01:82:fc:7d:b6:e8:85:e9:7d:cc:42:
         2f:14:45:d2:00:d3:ad:63:8f:fe:1f:d6:aa:eb:65:24:07:1a:
         64:3d:dd:ca:5e:54:fb:fa:4a:3c:e9:a4:b1:fa:12:26:cd:48:
         e6:4e:0d:4a:c5:9d:b1:1f:18:09:c4:31:6d:be:81:0a:f8:f0:
         53:e0:f7:c4:a3:86:64:49:f2:4a:5b:5f:d3:2d:a3:7f:51:01:
         9a:e6:3f:47:aa:e9:5d:cf:e7:26:7a:e6:9f:6f:93:cd:d8:b0:
         58:47:14:70:21:66:3d:a9:55:52:d1:2a:47:2d:c7:ae:b7:b1:
         5e:f8:97:35:9f:65:26:bc:a1:93:78:b0:ba:c1:a5:61:60:63:
         8c:c4:9f:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oV3V1Y6SoUWZvJWAKp/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYjc5Mjc1NjU5ZGQ5NjFjNzQyYmYyMWQ4ZGNhMTg0YTQ0
MzBkODUwHhcNMjUwNjI4MTMwMTU3WhcNMjUwNjI5MTMwMTU3WjAzMTEwLwYDVQQD
EygwODgzZGQ0Yjk0YmQ3ZWQ0MDBjN2Q5M2UwYzg1NjA4YTc2NWI1ZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCxM/MKrQAJp6bT0xVRGVKfIcred
CtF6T5k4fqGwlNtuqqWvqWyRcQ8ArrXn0it1AHJfmVQMf6weLfH7mKzUicW0nueL
oJylK+sTCocsIlOC8G97XjD/yNhFsqwdkylShcUXD5mm5/vClskxhtsGxDvu1c2a
97yukwxP4zSocM4kq1FhXl33aLP9rZmEPWHXzZG7mI+fatPNjuoyMj09IDPP1y6X
qC22kRelP5cgS/3YpG0aAORAuGabwKY4nVXjqkQWHVp3ges0vtDaaCsfP+c0ulKQ
toEX9O0Mo4bqghuRkvE5vZQiY8TZLA9ncoTb2OEDjLXwqW7BnP8z9114nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAiD3UuUvX7UAMfZPgyFYIp2W17RMB8GA1UdIwQY
MBaAFF23knVlndlhx0K/IdjcoYSkQw2FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJlU2RXV2QyV0hIUXI4aDJOeWhoS1JERFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS81Mjc0MGUtNWNiMC00ODE0LWEyMWEt
YTA5NjdhNDM1YTZhLzEvWGJlU2RXV2QyV0hIUXI4aDJOeWhoS1JERFlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS81Mjc0MGUtNWNiMC00ODE0LWEyMWEtYTA5NjdhNDM1YTZh
LzEvWGJlU2RXV2QyV0hIUXI4aDJOeWhoS1JERFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhf7iFHC1
HffnS9kqIzzVhPO7EQy+otfBnX8P7qSGhVO7xIT0pIO0vFbGx9NIsANrHcj7TLYx
xGDoKS3j5TU0QKbqdaDCKcpwnTkgSlAk1PoWvDqC/T5ummosrFN1xKY5JqGZaijB
oZx9JvW1jJxiZaRuYAGC/H226IXpfcxCLxRF0gDTrWOP/h/WqutlJAcaZD3dyl5U
+/pKPOmksfoSJs1I5k4NSsWdsR8YCcQxbb6BCvjwU+D3xKOGZEnySltf0y2jf1EB
muY/R6rpXc/nJnrmn2+TzdiwWEcUcCFmPalVUtEqRy3HrrexXviXNZ9lJryhk3iw
usGlYWBjjMSf4g==
-----END CERTIFICATE-----