Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File:                     XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier:          bBkIqz/8eSKp8lmL56iaHMGoHm6niUqpgJ72iesS1bc=
Subject key identifier:   91:91:CE:2F:ED:9A:DC:A8:B5:39:10:D6:DB:46:99:CB:2B:DC:5B:0F
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer:       /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial:       0197B820C26E0CCA3FC6A3AFA9255D2859A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number:          01DA
Signing time:             Sat 28 Jun 2025 20:00:44 +0000
Manifest this update:     Sat 28 Jun 2025 20:00:44 +0000
Manifest next update:     Sun 29 Jun 2025 20:00:44 +0000
Files and hashes:         1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: Y3NtA4oqNb8/J0VcXvL9QGXkIJ147eNreoOpex3guJc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:20:c2:6e:0c:ca:3f:c6:a3:af:a9:25:5d:28:59:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
        Validity
            Not Before: Jun 28 20:00:44 2025 GMT
            Not After : Jun 29 20:00:44 2025 GMT
        Subject: CN=9191ce2fed9adca8b53910d6db4699cb2bdc5b0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:53:99:c0:c2:f5:87:fd:6b:2f:15:26:8e:09:
                    64:08:ee:85:5b:c0:0a:b8:d0:01:80:a5:ee:cc:59:
                    15:c0:4b:bc:62:99:39:ed:28:ca:c3:b9:73:73:16:
                    d8:bd:96:c4:20:8f:24:1d:e0:85:19:ed:a2:b3:47:
                    cd:88:76:3a:f2:c6:33:8f:34:fd:98:fb:0b:e5:e7:
                    63:76:83:7d:bf:34:4f:d3:d9:83:f1:19:ec:75:7d:
                    29:d5:c3:c3:18:bf:e4:d9:88:23:6f:b1:33:1e:12:
                    84:53:6c:46:bd:86:9d:ad:4b:19:10:04:42:f8:fe:
                    7c:31:ef:df:70:3a:42:76:db:a5:2b:17:f3:69:a8:
                    5d:c0:89:cd:84:8e:03:c4:28:12:fe:5f:2a:28:73:
                    90:71:1a:41:a7:38:20:68:37:5e:9f:f2:58:12:12:
                    b8:23:23:76:90:83:28:9c:fa:5c:b3:78:94:09:eb:
                    ae:1d:bf:16:e0:e0:6d:48:47:58:0d:6f:da:3e:99:
                    88:1f:15:97:ba:3e:63:f5:c9:57:d2:25:6b:8e:25:
                    a4:c2:00:66:53:fe:1f:61:d0:96:7b:db:7f:9e:9f:
                    7e:56:00:fc:34:91:32:70:b3:6a:c1:93:d3:58:1f:
                    e5:80:43:23:ed:74:18:a8:8a:a8:72:e3:c3:f8:07:
                    d7:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:91:CE:2F:ED:9A:DC:A8:B5:39:10:D6:DB:46:99:CB:2B:DC:5B:0F
            X509v3 Authority Key Identifier:
                keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:56:22:bf:34:40:c4:23:7b:fa:e2:b6:d6:19:5e:8e:4a:f2:
         84:3b:cb:48:5d:d5:b2:61:ec:f6:b3:b2:91:b0:cc:41:f0:7e:
         ca:8b:54:b3:9f:1b:c0:fc:3b:99:40:41:ab:a2:7b:ce:f8:73:
         da:4e:75:10:6a:59:c9:d9:cd:51:3b:31:d0:d4:82:dc:ba:8d:
         7a:fc:3e:cf:3d:7f:90:c6:b2:bd:8b:44:d6:a6:ff:3c:b7:80:
         e0:df:fe:59:ed:8a:bc:9b:e1:76:7a:df:aa:f3:3a:21:5c:e9:
         41:ce:7f:0c:3d:bf:d5:71:ad:b7:28:5f:e3:de:0f:dd:5b:8c:
         d2:e3:5c:e6:3f:77:a0:0e:a4:cc:b2:03:21:51:c7:4a:60:dd:
         ce:c1:38:c6:04:e8:2c:f0:6b:6f:94:c4:f7:30:e2:62:03:3c:
         2b:2d:39:c5:30:09:ea:b7:49:a3:4b:15:0b:df:cf:2a:e7:78:
         18:dd:25:8d:c7:1a:89:5c:63:21:a4:d0:fc:d3:f6:d4:0a:6c:
         78:29:2c:e7:f6:19:13:cf:ca:77:30:da:0c:b3:e1:b6:ac:ed:
         f1:7b:63:b3:49:5f:be:9a:4e:7f:19:39:1e:de:76:1c:91:42:
         46:88:f7:99:05:71:81:3b:aa:8a:1b:eb:91:7c:23:98:c2:80:
         3d:db:91:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4IMJuDMo/xqOvqSVdKFmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjUwNjI4MjAwMDQ0WhcNMjUwNjI5MjAwMDQ0WjAzMTEwLwYDVQQD
Eyg5MTkxY2UyZmVkOWFkY2E4YjUzOTEwZDZkYjQ2OTljYjJiZGM1YjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFOZwML1h/1rLxUmjglkCO6FW8AK
uNABgKXuzFkVwEu8Ypk57SjKw7lzcxbYvZbEII8kHeCFGe2is0fNiHY68sYzjzT9
mPsL5edjdoN9vzRP09mD8RnsdX0p1cPDGL/k2Ygjb7EzHhKEU2xGvYadrUsZEARC
+P58Me/fcDpCdtulKxfzaahdwInNhI4DxCgS/l8qKHOQcRpBpzggaDden/JYEhK4
IyN2kIMonPpcs3iUCeuuHb8W4OBtSEdYDW/aPpmIHxWXuj5j9clX0iVrjiWkwgBm
U/4fYdCWe9t/np9+VgD8NJEycLNqwZPTWB/lgEMj7XQYqIqocuPD+AfXpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJGRzi/tmtyotTkQ1ttGmcsr3FsPMB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWFYivzRA
xCN7+uK21hlejkryhDvLSF3VsmHs9rOykbDMQfB+yotUs58bwPw7mUBBq6J7zvhz
2k51EGpZydnNUTsx0NSC3LqNevw+zz1/kMayvYtE1qb/PLeA4N/+We2KvJvhdnrf
qvM6IVzpQc5/DD2/1XGttyhf494P3VuM0uNc5j93oA6kzLIDIVHHSmDdzsE4xgTo
LPBrb5TE9zDiYgM8Ky05xTAJ6rdJo0sVC9/PKud4GN0ljccaiVxjIaTQ/NP21Aps
eCks5/YZE8/KdzDaDLPhtqzt8Xtjs0lfvppOfxk5Ht52HJFCRoj3mQVxgTuqihvr
kXwjmMKAPduRVA==
-----END CERTIFICATE-----