Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
File:                     XAAsRHm7TJbiI0OZznH1YDRSmdA.mft (raw, json)
Hash identifier:          UaSV6oZMe2gRWQZkB56rFM2UCOMo4XyCPdriaSyD49A=
Subject key identifier:   47:4A:83:B4:61:03:BD:53:1D:06:55:23:CA:A4:ED:FE:47:6A:76:8F
Authority key identifier: 5C:00:2C:44:79:BB:4C:96:E2:23:43:99:CE:71:F5:60:34:52:99:D0
Certificate issuer:       /CN=5c002c4479bb4c96e2234399ce71f560345299d0
Certificate serial:       0199FBEAB80E8B239C40810328CFB3B42123
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
Manifest number:          0976
Signing time:             Sun 19 Oct 2025 10:01:27 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:27 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:27 +0000
Files and hashes:         1: XAAsRHm7TJbiI0OZznH1YDRSmdA.crl (hash: SlkYE+4EpC55Jt11zg3JIY9sbV2fz902fulhmKJqgQs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:b8:0e:8b:23:9c:40:81:03:28:cf:b3:b4:21:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c002c4479bb4c96e2234399ce71f560345299d0
        Validity
            Not Before: Oct 19 10:01:27 2025 GMT
            Not After : Oct 20 10:01:27 2025 GMT
        Subject: CN=474a83b46103bd531d065523caa4edfe476a768f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:26:e3:dc:ea:ae:2f:7d:43:48:2c:97:b2:1a:
                    17:3a:27:6e:7a:ee:ff:1d:3b:59:ca:58:cc:68:d2:
                    29:0d:21:f8:9e:d8:76:26:75:1a:b9:cb:d1:5e:e9:
                    f9:dc:73:ca:df:bc:a9:18:32:6b:84:b6:f5:5c:42:
                    ca:62:68:4c:66:a6:c2:5d:e4:81:1f:b2:c8:e3:7a:
                    a4:cc:db:57:0c:7b:8a:2a:11:7c:d1:98:86:73:aa:
                    4f:02:2e:f1:ed:d4:2f:66:db:26:75:9f:d2:33:25:
                    93:92:f1:a3:fd:bd:81:b2:e1:c2:91:1d:92:22:ce:
                    f1:ae:a4:c0:6f:6f:b2:62:a5:44:39:6e:c6:11:96:
                    24:dd:c7:93:86:6a:81:a9:36:25:17:01:8e:e5:eb:
                    fa:77:d6:f6:f6:bd:d0:b0:40:95:05:29:a0:7f:e0:
                    20:cb:7b:2e:9b:99:f3:64:15:65:76:90:0f:8e:d6:
                    8d:c3:fe:27:31:f8:29:85:67:b4:11:7e:0c:cd:72:
                    80:e0:36:28:04:d9:e4:7b:8d:0a:0e:51:13:33:ee:
                    d2:b2:e0:b6:14:c5:f7:bb:74:73:56:ac:c7:92:2f:
                    50:2e:22:25:30:1b:49:4f:a6:4a:7a:14:14:82:d6:
                    6f:f4:0e:cc:79:ca:84:c2:a4:cb:10:f3:10:c6:a5:
                    a9:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:4A:83:B4:61:03:BD:53:1D:06:55:23:CA:A4:ED:FE:47:6A:76:8F
            X509v3 Authority Key Identifier:
                keyid:5C:00:2C:44:79:BB:4C:96:E2:23:43:99:CE:71:F5:60:34:52:99:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:ae:cd:88:7b:41:6e:d0:f7:00:61:77:15:de:e8:a9:16:8a:
         b4:5f:60:6f:d2:3d:35:98:c1:b3:31:4a:23:57:83:ec:01:e6:
         82:56:4c:96:9a:83:82:e1:bc:2e:87:7f:cb:f7:e0:79:3e:fd:
         74:19:fe:f5:f8:de:19:68:52:b8:29:df:88:64:b7:64:52:84:
         66:50:2a:d5:fe:82:63:6f:b6:eb:cf:56:2d:f7:d1:42:df:2b:
         4e:29:d5:21:14:ae:e2:ea:cb:48:08:f9:0e:ed:ad:d3:29:ee:
         94:9b:dd:3b:c6:c5:f0:d7:85:1b:75:52:0a:3c:b0:25:84:ef:
         0e:5d:ac:d5:f9:f4:b7:38:14:24:5a:11:4f:23:15:f6:64:b4:
         e3:38:3a:5c:ce:80:8c:ff:c6:3d:53:2e:5a:52:d5:c1:37:8b:
         97:5e:54:68:cd:85:2b:4c:46:77:d8:17:f5:07:eb:bd:9c:eb:
         cf:71:5b:d9:47:4b:d5:58:20:38:62:de:15:5c:d8:9a:5a:05:
         c0:37:a9:40:ff:57:c7:58:be:b2:9f:a0:15:da:7c:b7:2d:dc:
         d1:a1:27:9d:bd:26:90:57:ad:f8:aa:45:aa:20:e6:1b:e0:32:
         77:c5:17:7b:d0:d3:91:ed:db:92:e0:b2:ec:30:00:d8:3c:28:
         49:2c:9a:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76rgOiyOcQIEDKM+ztCEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMDAyYzQ0NzliYjRjOTZlMjIzNDM5OWNlNzFmNTYwMzQ1
Mjk5ZDAwHhcNMjUxMDE5MTAwMTI3WhcNMjUxMDIwMTAwMTI3WjAzMTEwLwYDVQQD
Eyg0NzRhODNiNDYxMDNiZDUzMWQwNjU1MjNjYWE0ZWRmZTQ3NmE3NjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApibj3OquL31DSCyXshoXOidueu7/
HTtZyljMaNIpDSH4nth2JnUaucvRXun53HPK37ypGDJrhLb1XELKYmhMZqbCXeSB
H7LI43qkzNtXDHuKKhF80ZiGc6pPAi7x7dQvZtsmdZ/SMyWTkvGj/b2BsuHCkR2S
Is7xrqTAb2+yYqVEOW7GEZYk3ceThmqBqTYlFwGO5ev6d9b29r3QsECVBSmgf+Ag
y3sum5nzZBVldpAPjtaNw/4nMfgphWe0EX4MzXKA4DYoBNnke40KDlETM+7SsuC2
FMX3u3RzVqzHki9QLiIlMBtJT6ZKehQUgtZv9A7MecqEwqTLEPMQxqWpfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdKg7RhA71THQZVI8qk7f5HanaPMB8GA1UdIwQY
MBaAFFwALER5u0yW4iNDmc5x9WA0UpnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jNTAzZDYtYjZlNC00M2UyLTkxZTYt
NzFjNTcwZGNiMGE0LzEvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jNTAzZDYtYjZlNC00M2UyLTkxZTYtNzFjNTcwZGNiMGE0
LzEvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAla7NiHtB
btD3AGF3Fd7oqRaKtF9gb9I9NZjBszFKI1eD7AHmglZMlpqDguG8Lod/y/fgeT79
dBn+9fjeGWhSuCnfiGS3ZFKEZlAq1f6CY2+2689WLffRQt8rTinVIRSu4urLSAj5
Du2t0ynulJvdO8bF8NeFG3VSCjywJYTvDl2s1fn0tzgUJFoRTyMV9mS04zg6XM6A
jP/GPVMuWlLVwTeLl15UaM2FK0xGd9gX9QfrvZzrz3Fb2UdL1VggOGLeFVzYmloF
wDepQP9Xx1i+sp+gFdp8ty3c0aEnnb0mkFet+KpFqiDmG+Ayd8UXe9DTke3bkuCy
7DAA2DwoSSyaxQ==
-----END CERTIFICATE-----