Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          9nvXVZ1IBuSfe5jVZztBrCljlqU0d1iRMFUCVlNORL0=
Subject key identifier:   18:44:BE:E3:D5:E4:F0:E6:EC:24:8C:4F:D7:99:A3:71:52:7C:63:D2
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       0198D47404306927BEE22026F4041E20BC83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0C86
Signing time:             Sat 23 Aug 2025 01:03:49 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:49 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:49 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: J4utEoVidIAFWyzoxzEKBIgn8UckVIxEc2oPwmvu2rY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:04:30:69:27:be:e2:20:26:f4:04:1e:20:bc:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Aug 23 01:03:49 2025 GMT
            Not After : Aug 24 01:03:49 2025 GMT
        Subject: CN=1844bee3d5e4f0e6ec248c4fd799a371527c63d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:7c:ed:62:24:b5:d9:ee:39:e4:08:63:52:b7:
                    11:de:86:d0:35:fd:6b:99:e8:10:24:61:78:5d:ab:
                    3c:1a:31:1d:4c:d3:06:b7:d7:3a:73:4b:9c:78:e6:
                    d2:c2:2c:4f:5f:6c:fc:db:6a:6a:ee:aa:dd:7f:9a:
                    ac:99:f7:09:ec:35:de:fb:8c:31:b3:57:1f:25:88:
                    e7:27:a2:55:03:c3:6e:77:13:2e:a2:a1:12:d1:c5:
                    80:c6:26:ae:1e:8d:3f:c2:f0:a0:aa:ab:12:6d:67:
                    82:25:cc:10:31:9a:85:a9:38:73:13:38:49:91:39:
                    e0:fd:62:48:6f:dc:40:86:ac:fa:26:26:70:c0:4a:
                    69:ea:eb:83:e5:cf:db:c7:33:d2:f3:3e:94:5c:0d:
                    19:a4:22:6c:de:48:45:22:0c:60:25:b2:44:96:30:
                    de:41:80:1a:06:18:f4:e1:55:f3:11:57:f1:27:af:
                    96:97:2e:57:db:1c:06:aa:b4:95:e7:37:ab:bc:99:
                    5c:07:bd:dd:44:4c:57:fd:9a:c8:d1:a2:ff:db:1e:
                    ee:21:c7:2a:cf:07:aa:0e:da:5f:a9:ca:46:24:1b:
                    c4:86:87:3b:cc:f4:de:e5:a2:5d:5e:62:18:65:9e:
                    6c:24:9a:5b:3a:c0:50:16:10:62:63:e7:a3:7a:9a:
                    e8:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:44:BE:E3:D5:E4:F0:E6:EC:24:8C:4F:D7:99:A3:71:52:7C:63:D2
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:59:48:24:07:2c:a9:60:98:52:71:63:46:20:3b:ff:6c:31:
         93:d0:81:9b:b8:40:d6:32:0b:ee:cf:ae:31:3c:b4:b0:3e:30:
         91:fc:12:36:42:c1:43:33:45:70:cf:32:86:20:00:01:08:2b:
         2b:56:b0:c5:23:95:00:96:74:86:00:35:fa:5d:04:7f:60:86:
         6e:4d:db:02:5b:5d:3f:b5:d4:25:3b:31:88:29:9e:66:14:e8:
         88:22:ba:bf:54:8e:73:26:ff:73:a3:70:bb:c4:6d:19:39:82:
         cc:fa:fc:dc:24:82:1e:13:38:4b:92:90:2e:c3:91:ee:6f:e2:
         2e:4a:40:ee:b6:81:07:ba:17:7e:d3:5f:b1:fc:b1:b7:b4:88:
         71:1e:2b:4f:b8:c7:2e:df:e8:b5:78:31:ab:1a:23:96:3d:a3:
         ff:7d:c2:b5:76:df:0f:74:c3:76:ad:50:8e:17:e9:7a:16:02:
         35:73:b4:c2:59:af:ef:0e:8b:72:b2:d4:0e:f1:8f:bc:00:44:
         d0:b1:3e:66:a2:63:79:9e:8e:86:25:70:93:78:fd:87:a3:34:
         b6:65:e7:d4:a3:56:30:d5:18:75:fa:03:d9:4b:08:d7:d4:74:
         4c:7b:ee:7b:a6:5d:d5:e9:0c:b6:87:eb:fa:f9:a6:df:a9:ba:
         bd:8d:9d:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdAQwaSe+4iAm9AQeILyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjUwODIzMDEwMzQ5WhcNMjUwODI0MDEwMzQ5WjAzMTEwLwYDVQQD
EygxODQ0YmVlM2Q1ZTRmMGU2ZWMyNDhjNGZkNzk5YTM3MTUyN2M2M2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXztYiS12e455AhjUrcR3obQNf1r
megQJGF4Xas8GjEdTNMGt9c6c0uceObSwixPX2z822pq7qrdf5qsmfcJ7DXe+4wx
s1cfJYjnJ6JVA8NudxMuoqES0cWAxiauHo0/wvCgqqsSbWeCJcwQMZqFqThzEzhJ
kTng/WJIb9xAhqz6JiZwwEpp6uuD5c/bxzPS8z6UXA0ZpCJs3khFIgxgJbJEljDe
QYAaBhj04VXzEVfxJ6+Wly5X2xwGqrSV5zervJlcB73dRExX/ZrI0aL/2x7uIccq
zweqDtpfqcpGJBvEhoc7zPTe5aJdXmIYZZ5sJJpbOsBQFhBiY+ejeproPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBhEvuPV5PDm7CSMT9eZo3FSfGPSMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASllIJAcs
qWCYUnFjRiA7/2wxk9CBm7hA1jIL7s+uMTy0sD4wkfwSNkLBQzNFcM8yhiAAAQgr
K1awxSOVAJZ0hgA1+l0Ef2CGbk3bAltdP7XUJTsxiCmeZhToiCK6v1SOcyb/c6Nw
u8RtGTmCzPr83CSCHhM4S5KQLsOR7m/iLkpA7raBB7oXftNfsfyxt7SIcR4rT7jH
Lt/otXgxqxojlj2j/33CtXbfD3TDdq1QjhfpehYCNXO0wlmv7w6LcrLUDvGPvABE
0LE+ZqJjeZ6OhiVwk3j9h6M0tmXn1KNWMNUYdfoD2UsI19R0THvue6Zd1ekMtofr
+vmm36m6vY2dHA==
-----END CERTIFICATE-----