Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft
File:                     XlTVGjJHsX9vlqDM4lMBktyfdCI.mft (raw, json)
Hash identifier:          ycs801WVN2amUr3FtunrSSKNU4cAWc8K+t1d22XDQOg=
Subject key identifier:   EA:52:9E:EA:F9:F3:4B:B0:31:40:0E:14:A6:0E:DE:9F:B6:67:96:71
Authority key identifier: 5E:54:D5:1A:32:47:B1:7F:6F:96:A0:CC:E2:53:01:92:DC:9F:74:22
Certificate issuer:       /CN=5e54d51a3247b17f6f96a0cce2530192dc9f7422
Certificate serial:       019A0035ADA603EF8776492C15502BCE4D02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft
Manifest number:          06B5
Signing time:             Mon 20 Oct 2025 06:01:49 +0000
Manifest this update:     Mon 20 Oct 2025 06:01:49 +0000
Manifest next update:     Tue 21 Oct 2025 06:01:49 +0000
Files and hashes:         1: XlTVGjJHsX9vlqDM4lMBktyfdCI.crl (hash: oTPuqsUsOBfmYaR/wlBgJ/LUkeVeKvUoRVSro7d1xKI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 06:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:35:ad:a6:03:ef:87:76:49:2c:15:50:2b:ce:4d:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e54d51a3247b17f6f96a0cce2530192dc9f7422
        Validity
            Not Before: Oct 20 06:01:49 2025 GMT
            Not After : Oct 21 06:01:49 2025 GMT
        Subject: CN=ea529eeaf9f34bb031400e14a60ede9fb6679671
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:53:97:03:96:cd:52:5d:3e:7d:b7:1e:0f:09:
                    63:6d:ed:73:ab:c6:80:28:c3:f7:8a:f2:da:42:c3:
                    3c:e2:0b:52:d7:d0:a9:84:96:40:da:31:5a:8f:75:
                    d5:66:7e:46:9b:f2:dd:a3:8f:43:a9:1c:59:fc:2f:
                    e4:aa:b3:bf:73:33:ee:7d:17:56:e0:87:a9:02:7e:
                    c9:4c:6c:1b:0a:a7:aa:a9:64:55:e3:73:70:e1:0a:
                    76:88:52:5e:4f:46:af:0f:03:67:4b:91:b0:48:95:
                    e0:74:5e:0e:dc:60:3c:a8:18:34:20:28:36:60:da:
                    f1:3f:78:ff:0d:2d:b9:d7:2b:e4:b3:84:2e:7c:15:
                    9d:0a:93:72:ed:a1:a9:1f:10:06:48:44:3d:fd:d3:
                    51:a8:bb:37:20:67:19:cc:57:fa:e3:17:0e:bd:e3:
                    05:de:18:86:ef:12:be:c3:ac:66:52:9f:96:27:e3:
                    bb:e8:2c:6d:e4:05:5a:76:6b:15:53:98:da:92:27:
                    97:5c:32:23:10:7a:a2:70:d2:e1:b8:82:c7:b8:b5:
                    be:c7:54:32:be:20:fd:7f:6f:0f:0b:54:29:64:1a:
                    d9:09:2d:30:60:16:dc:8d:91:e1:9e:1d:06:ae:74:
                    0a:4f:fd:a3:0f:08:c3:31:71:fa:29:13:b8:b6:71:
                    20:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:52:9E:EA:F9:F3:4B:B0:31:40:0E:14:A6:0E:DE:9F:B6:67:96:71
            X509v3 Authority Key Identifier:
                keyid:5E:54:D5:1A:32:47:B1:7F:6F:96:A0:CC:E2:53:01:92:DC:9F:74:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:50:5c:28:c3:ca:bc:a6:4f:8e:af:a1:63:2a:5f:eb:8b:b1:
         ef:68:1e:2b:24:26:41:82:4e:25:15:a2:8a:01:b9:f5:c9:f6:
         c2:4b:e8:23:67:22:40:73:8d:a1:83:3e:75:b7:09:a2:31:51:
         04:c7:71:32:e5:ed:08:e7:df:5b:37:c1:9c:c5:99:e9:09:9a:
         56:47:15:04:2c:cd:fc:a4:69:5f:0e:d5:86:10:95:3f:dc:75:
         e8:49:5b:72:bc:b1:e5:ca:83:01:9d:be:67:25:4b:d0:8d:65:
         90:2a:3d:6f:92:cb:3b:2f:95:02:59:7e:0b:91:8d:ed:40:7f:
         f1:19:f1:ba:a1:a1:04:2d:7d:fd:5d:bd:5d:15:06:10:66:ef:
         a1:77:55:af:e5:92:16:78:eb:b9:fd:ca:8c:92:64:75:5a:a2:
         99:83:e1:b9:61:e8:f2:3d:b1:70:cb:b8:51:a1:3f:53:ad:5d:
         71:fd:2c:4f:b3:14:fd:f1:99:95:00:91:71:5f:36:f7:44:11:
         36:21:cb:f0:78:14:d4:c8:31:83:35:df:4e:bd:55:d5:95:cf:
         09:00:04:02:1f:e2:75:d3:bb:16:22:91:b4:20:d3:5b:11:17:
         40:b0:69:03:e9:ee:aa:1a:65:54:cd:5c:b6:62:37:fd:6e:e1:
         69:9f:e1:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANa2mA++HdkksFVArzk0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTRkNTFhMzI0N2IxN2Y2Zjk2YTBjY2UyNTMwMTkyZGM5
Zjc0MjIwHhcNMjUxMDIwMDYwMTQ5WhcNMjUxMDIxMDYwMTQ5WjAzMTEwLwYDVQQD
EyhlYTUyOWVlYWY5ZjM0YmIwMzE0MDBlMTRhNjBlZGU5ZmI2Njc5NjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFOXA5bNUl0+fbceDwljbe1zq8aA
KMP3ivLaQsM84gtS19CphJZA2jFaj3XVZn5Gm/Ldo49DqRxZ/C/kqrO/czPufRdW
4IepAn7JTGwbCqeqqWRV43Nw4Qp2iFJeT0avDwNnS5GwSJXgdF4O3GA8qBg0ICg2
YNrxP3j/DS251yvks4QufBWdCpNy7aGpHxAGSEQ9/dNRqLs3IGcZzFf64xcOveMF
3hiG7xK+w6xmUp+WJ+O76Cxt5AVadmsVU5jakieXXDIjEHqicNLhuILHuLW+x1Qy
viD9f28PC1QpZBrZCS0wYBbcjZHhnh0GrnQKT/2jDwjDMXH6KRO4tnEgcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOpSnur580uwMUAOFKYO3p+2Z5ZxMB8GA1UdIwQY
MBaAFF5U1RoyR7F/b5agzOJTAZLcn3QiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy82NTI0ZjYtNTMyMC00Njg2LWE1YzMt
NzJlMWZjNGEzMDZlLzEvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy82NTI0ZjYtNTMyMC00Njg2LWE1YzMtNzJlMWZjNGEzMDZl
LzEvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR1BcKMPK
vKZPjq+hYypf64ux72geKyQmQYJOJRWiigG59cn2wkvoI2ciQHONoYM+dbcJojFR
BMdxMuXtCOffWzfBnMWZ6QmaVkcVBCzN/KRpXw7VhhCVP9x16Elbcryx5cqDAZ2+
ZyVL0I1lkCo9b5LLOy+VAll+C5GN7UB/8RnxuqGhBC19/V29XRUGEGbvoXdVr+WS
Fnjruf3KjJJkdVqimYPhuWHo8j2xcMu4UaE/U61dcf0sT7MU/fGZlQCRcV8290QR
NiHL8HgU1MgxgzXfTr1V1ZXPCQAEAh/iddO7FiKRtCDTWxEXQLBpA+nuqhplVM1c
tmI3/W7haZ/h2Q==
-----END CERTIFICATE-----