Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          rpwGExlyOjzY/fCnw+iloSlFR2sgxr5mUvVNvK408A4=
Subject key identifier:   D1:25:2B:2E:DA:B8:26:86:17:12:FF:B1:2D:AE:34:09:9D:C5:F3:22
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       0199FBEBEB21C5BEA5FBCE5087CE9C1465F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0D1F
Signing time:             Sun 19 Oct 2025 10:02:46 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:46 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:46 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: qrCTdMdk80PGdbbwUgPHzAVPtIETiCJGO1YUkNqF+sI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:eb:21:c5:be:a5:fb:ce:50:87:ce:9c:14:65:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Oct 19 10:02:46 2025 GMT
            Not After : Oct 20 10:02:46 2025 GMT
        Subject: CN=d1252b2edab826861712ffb12dae34099dc5f322
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:46:a2:7f:14:fb:32:de:89:fe:cf:70:70:a0:
                    0a:e6:6f:31:e0:28:17:d7:42:51:12:ec:0f:52:67:
                    95:a8:6e:4f:a2:4b:b6:39:17:5f:07:56:06:6d:67:
                    c0:1f:86:a6:b5:29:e5:87:3c:44:b9:bc:08:98:ce:
                    f2:13:b2:55:b3:ee:37:27:43:78:1e:57:69:0a:25:
                    5b:e0:da:63:1d:61:86:37:e5:f5:28:c2:4b:d0:d0:
                    4f:03:a5:3a:14:17:9d:40:c7:68:46:93:09:0b:d8:
                    2e:c5:e6:52:e5:e8:c6:d3:2d:38:8b:6a:9d:53:6d:
                    9f:6f:03:d3:14:08:f6:28:8b:d8:da:8c:84:85:16:
                    a4:3d:c9:76:05:6d:d1:3d:d9:3b:42:e3:55:df:14:
                    24:83:f0:d0:27:3a:2c:ea:10:a0:fb:92:92:be:13:
                    0b:dd:41:28:62:f3:bb:b6:68:ac:5f:f0:72:38:eb:
                    46:10:dd:82:fe:d5:d3:37:ee:f7:2e:8f:dd:af:1c:
                    f8:10:03:cf:af:01:eb:2d:35:14:0b:91:a0:7d:dd:
                    a3:48:01:45:35:19:c8:02:b6:b7:46:77:7a:c2:97:
                    45:3a:4b:00:d1:1a:fc:a2:56:8a:56:69:86:8d:76:
                    3d:9c:b3:4d:75:3d:cd:66:91:0e:0f:76:29:67:68:
                    b0:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:25:2B:2E:DA:B8:26:86:17:12:FF:B1:2D:AE:34:09:9D:C5:F3:22
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:a8:f0:41:63:8f:20:1c:45:70:a7:99:5d:1b:75:3f:af:ce:
         05:84:37:dc:d7:77:54:a2:1c:58:1c:d2:31:02:bf:1b:de:f3:
         7c:c8:b7:d9:c4:f2:18:ed:cd:e9:55:07:e5:49:a4:38:1f:c6:
         a2:e6:3f:43:c6:4e:bf:85:da:9f:25:29:f5:a1:de:3c:ab:43:
         c1:38:b8:5a:a3:51:01:b4:8f:c6:ed:5c:a5:e6:49:f7:15:8b:
         d0:66:c6:5c:f4:5a:e3:ad:f9:c6:a2:b4:33:d1:7b:b6:5a:73:
         95:b4:49:ac:73:32:a1:fa:27:96:40:cb:72:eb:79:5a:a8:86:
         57:3c:72:aa:44:cc:46:46:3d:48:a3:fe:90:d1:46:a8:3b:19:
         fe:c2:8a:17:02:a2:f2:bc:0c:91:5d:b8:27:51:0d:bc:31:3b:
         2a:bb:ce:be:0d:25:e9:65:24:33:e7:3c:cc:5a:65:5f:8d:62:
         c5:54:a7:2d:78:dd:89:3c:6f:b9:c6:6b:59:3a:45:06:93:59:
         89:47:97:0e:af:aa:b4:7a:3b:4f:b6:fb:e7:52:0b:48:68:0f:
         8c:85:64:cc:af:fb:08:85:18:fd:5a:f7:09:66:34:ac:8c:b4:
         86:7d:fb:7e:b1:41:06:17:c6:17:fa:cb:2b:5e:a1:d0:21:ad:
         ac:b7:c8:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76+shxb6l+85Qh86cFGX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjUxMDE5MTAwMjQ2WhcNMjUxMDIwMTAwMjQ2WjAzMTEwLwYDVQQD
EyhkMTI1MmIyZWRhYjgyNjg2MTcxMmZmYjEyZGFlMzQwOTlkYzVmMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0aifxT7Mt6J/s9wcKAK5m8x4CgX
10JREuwPUmeVqG5Poku2ORdfB1YGbWfAH4amtSnlhzxEubwImM7yE7JVs+43J0N4
HldpCiVb4NpjHWGGN+X1KMJL0NBPA6U6FBedQMdoRpMJC9guxeZS5ejG0y04i2qd
U22fbwPTFAj2KIvY2oyEhRakPcl2BW3RPdk7QuNV3xQkg/DQJzos6hCg+5KSvhML
3UEoYvO7tmisX/ByOOtGEN2C/tXTN+73Lo/drxz4EAPPrwHrLTUUC5Ggfd2jSAFF
NRnIAra3Rnd6wpdFOksA0Rr8olaKVmmGjXY9nLNNdT3NZpEOD3YpZ2iwyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNElKy7auCaGFxL/sS2uNAmdxfMiMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ6jwQWOP
IBxFcKeZXRt1P6/OBYQ33Nd3VKIcWBzSMQK/G97zfMi32cTyGO3N6VUH5UmkOB/G
ouY/Q8ZOv4XanyUp9aHePKtDwTi4WqNRAbSPxu1cpeZJ9xWL0GbGXPRa4635xqK0
M9F7tlpzlbRJrHMyofonlkDLcut5WqiGVzxyqkTMRkY9SKP+kNFGqDsZ/sKKFwKi
8rwMkV24J1ENvDE7KrvOvg0l6WUkM+c8zFplX41ixVSnLXjdiTxvucZrWTpFBpNZ
iUeXDq+qtHo7T7b751ILSGgPjIVkzK/7CIUY/Vr3CWY0rIy0hn37frFBBhfGF/rL
K16h0CGtrLfI5w==
-----END CERTIFICATE-----