Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File:                     XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier:          eeSNsUJAHGSAU58Xi7nOvyehiCDoJeFoDo6BjiGSYkQ=
Subject key identifier:   F2:01:AD:A6:E6:A2:01:EF:31:C5:F0:0D:98:4C:0A:FA:47:BC:CB:76
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer:       /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial:       019A0147D2F6ACA0C6B543394A9E9D646229
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number:          0309
Signing time:             Mon 20 Oct 2025 11:01:15 +0000
Manifest this update:     Mon 20 Oct 2025 11:01:15 +0000
Manifest next update:     Tue 21 Oct 2025 11:01:15 +0000
Files and hashes:         1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: GK5HqpowquqphSpW3t+p9pi/4tbidNvy8euGr+y6G3U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:47:d2:f6:ac:a0:c6:b5:43:39:4a:9e:9d:64:62:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
        Validity
            Not Before: Oct 20 11:01:15 2025 GMT
            Not After : Oct 21 11:01:15 2025 GMT
        Subject: CN=f201ada6e6a201ef31c5f00d984c0afa47bccb76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:68:87:c3:dd:40:c0:3d:0f:d5:7a:ca:dd:2c:
                    71:51:e0:70:bb:f5:52:5e:01:c9:bf:78:44:d5:55:
                    9a:32:ef:b4:0e:00:de:ef:3b:2f:9d:8b:f2:01:ea:
                    7a:10:b3:3e:e3:94:61:27:6d:ce:f5:79:4a:e1:4b:
                    90:80:6c:50:fa:b9:6a:a1:1b:23:62:3e:e8:26:44:
                    9d:97:89:39:96:2e:9e:b5:4d:24:da:e0:cf:6c:6f:
                    8f:29:4d:e7:30:c6:55:7c:63:6a:cc:15:3b:61:17:
                    ca:01:65:bb:a9:e5:22:ab:d2:70:55:d0:58:92:45:
                    33:f1:90:df:6e:da:fa:e5:be:5b:ae:7c:ee:6b:3c:
                    de:82:22:53:1e:c8:d7:7d:d9:bc:d2:da:84:5e:9c:
                    e6:75:79:54:2e:1e:93:24:a0:6b:9a:85:06:1c:55:
                    35:02:51:14:43:cd:0d:f2:0f:2b:b9:08:48:9a:3f:
                    be:f7:10:c2:cf:c8:20:81:35:ab:b8:86:38:29:94:
                    2c:6b:5f:d8:02:ed:dd:79:b6:d0:e2:a1:4d:51:48:
                    45:6c:6b:11:dc:36:89:3c:cb:47:60:12:ca:98:8e:
                    99:37:86:bc:48:fa:5e:70:34:27:6c:94:1b:d6:df:
                    ec:30:c2:b2:7f:4c:ea:5a:5a:36:a0:fa:22:97:5c:
                    2b:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:01:AD:A6:E6:A2:01:EF:31:C5:F0:0D:98:4C:0A:FA:47:BC:CB:76
            X509v3 Authority Key Identifier:
                keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:a5:eb:7c:c5:62:93:56:3b:ba:8e:70:46:26:ff:b9:18:79:
         8f:f4:36:df:72:0d:1a:51:da:43:56:1b:e5:b2:b0:d2:d9:d6:
         e1:e2:6c:ac:23:ae:23:e7:9a:0a:73:24:bd:70:51:1b:93:8a:
         35:ce:d7:0c:70:1b:b1:48:1d:0f:9d:43:e3:09:67:30:bd:32:
         c0:d9:a9:4b:fe:e2:c3:f9:6d:5b:b8:66:89:b6:06:12:47:a9:
         83:19:31:1f:4d:35:d5:01:f1:e3:46:18:1e:bf:19:19:04:cc:
         d0:41:12:66:ee:4d:68:d6:ea:a4:4c:ac:76:b9:6f:1d:72:09:
         d9:bd:ae:5a:7c:17:cd:af:c0:32:77:8d:be:a0:bd:7f:22:34:
         9e:f3:70:a1:c0:fc:33:ea:c6:7c:f6:b0:85:af:47:2f:11:20:
         86:b6:b9:96:e0:7f:1d:a5:e4:7d:8a:ac:5c:57:d5:c0:36:e3:
         66:b7:83:26:f1:db:78:cc:38:18:48:c9:c3:ab:62:86:16:68:
         20:f1:74:bc:cb:58:e9:24:64:54:b9:58:3b:fd:a0:e2:21:49:
         e7:85:7d:0c:1d:a1:7b:00:65:21:2e:45:18:11:3c:65:8f:70:
         7e:c5:2a:33:b7:21:50:80:f1:5d:da:db:fb:e3:92:b7:8b:a8:
         48:94:7e:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBR9L2rKDGtUM5Sp6dZGIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjUxMDIwMTEwMTE1WhcNMjUxMDIxMTEwMTE1WjAzMTEwLwYDVQQD
EyhmMjAxYWRhNmU2YTIwMWVmMzFjNWYwMGQ5ODRjMGFmYTQ3YmNjYjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2iHw91AwD0P1XrK3SxxUeBwu/VS
XgHJv3hE1VWaMu+0DgDe7zsvnYvyAep6ELM+45RhJ23O9XlK4UuQgGxQ+rlqoRsj
Yj7oJkSdl4k5li6etU0k2uDPbG+PKU3nMMZVfGNqzBU7YRfKAWW7qeUiq9JwVdBY
kkUz8ZDfbtr65b5brnzuazzegiJTHsjXfdm80tqEXpzmdXlULh6TJKBrmoUGHFU1
AlEUQ80N8g8ruQhImj++9xDCz8gggTWruIY4KZQsa1/YAu3debbQ4qFNUUhFbGsR
3DaJPMtHYBLKmI6ZN4a8SPpecDQnbJQb1t/sMMKyf0zqWlo2oPoil1wr1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIBrabmogHvMcXwDZhMCvpHvMt2MB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALKXrfMVi
k1Y7uo5wRib/uRh5j/Q233INGlHaQ1Yb5bKw0tnW4eJsrCOuI+eaCnMkvXBRG5OK
Nc7XDHAbsUgdD51D4wlnML0ywNmpS/7iw/ltW7hmibYGEkepgxkxH0011QHx40YY
Hr8ZGQTM0EESZu5NaNbqpEysdrlvHXIJ2b2uWnwXza/AMneNvqC9fyI0nvNwocD8
M+rGfPawha9HLxEghra5luB/HaXkfYqsXFfVwDbjZreDJvHbeMw4GEjJw6tihhZo
IPF0vMtY6SRkVLlYO/2g4iFJ54V9DB2hewBlIS5FGBE8ZY9wfsUqM7chUIDxXdrb
++OSt4uoSJR+qA==
-----END CERTIFICATE-----