Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
File:                     XAAsRHm7TJbiI0OZznH1YDRSmdA.mft (raw, json)
Hash identifier:          yFEoarKXrU7iC72+x7TJerkO1LywRDM2RjxVmejynlM=
Subject key identifier:   53:25:48:06:72:AF:B0:7E:23:72:27:60:6B:F9:99:BE:B2:BE:8C:95
Authority key identifier: 5C:00:2C:44:79:BB:4C:96:E2:23:43:99:CE:71:F5:60:34:52:99:D0
Certificate issuer:       /CN=5c002c4479bb4c96e2234399ce71f560345299d0
Certificate serial:       0197B6A19F172CBECB22D268DEAFB5D5C8F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
Manifest number:          0849
Signing time:             Sat 28 Jun 2025 13:02:14 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:14 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:14 +0000
Files and hashes:         1: XAAsRHm7TJbiI0OZznH1YDRSmdA.crl (hash: 0fr8MV7yVoHhLttCV/zv1YT39YEYGYU8fg0L6j/cSW4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:9f:17:2c:be:cb:22:d2:68:de:af:b5:d5:c8:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c002c4479bb4c96e2234399ce71f560345299d0
        Validity
            Not Before: Jun 28 13:02:14 2025 GMT
            Not After : Jun 29 13:02:14 2025 GMT
        Subject: CN=5325480672afb07e237227606bf999beb2be8c95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:b4:6a:d1:87:70:b4:3e:43:1a:fe:50:03:1f:
                    1a:d8:c3:33:02:3e:b4:2e:57:47:c6:5e:8d:e6:4f:
                    de:cd:ff:1f:a8:1a:01:0d:d1:2c:3b:85:c6:42:ff:
                    50:66:27:84:e8:c8:3c:fb:ab:27:76:dc:06:5e:58:
                    26:7c:0e:a4:f2:19:38:6b:7f:65:93:11:c6:18:06:
                    62:27:d9:2d:07:5c:4c:ca:7e:c4:9d:ed:bb:a5:31:
                    80:e1:2a:7f:28:ba:8b:e0:65:7c:1e:8f:54:f0:f7:
                    3b:95:b6:f0:34:cf:86:92:27:1a:21:21:d0:9f:6c:
                    cf:a2:89:d3:37:60:ac:93:34:3f:06:7d:a0:6a:27:
                    fd:70:26:a2:27:72:78:5b:3e:56:14:ce:f9:fe:45:
                    25:ad:52:2b:be:24:11:30:84:4e:d2:e8:d2:0e:02:
                    f1:42:00:76:c4:cc:00:fd:d6:cc:2c:29:cd:cf:dc:
                    7f:b5:a6:ed:81:f8:23:5b:76:32:fb:33:4f:4e:93:
                    19:00:92:23:2e:8e:b6:94:c4:b9:3c:3d:39:f8:1d:
                    ae:c6:2a:2d:31:57:9c:0d:ec:53:26:31:a8:aa:46:
                    06:fd:bc:f0:be:5a:76:54:1e:d3:08:ae:64:f8:21:
                    a2:ab:b3:f8:7d:32:03:db:35:aa:bd:6e:98:f9:22:
                    01:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:25:48:06:72:AF:B0:7E:23:72:27:60:6B:F9:99:BE:B2:BE:8C:95
            X509v3 Authority Key Identifier:
                keyid:5C:00:2C:44:79:BB:4C:96:E2:23:43:99:CE:71:F5:60:34:52:99:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:dd:f9:5d:5e:d7:b3:e9:87:c5:0d:41:0a:c4:a6:dc:4a:82:
         b6:99:f2:96:ea:86:04:5a:d1:65:4b:a9:f7:ac:08:4b:72:28:
         85:6b:45:8a:3b:8c:5d:9c:16:e2:88:00:3e:84:d6:f7:f1:c9:
         1a:0d:3e:7c:36:69:1d:c1:ff:52:1c:98:61:2e:27:23:97:b9:
         eb:07:00:fb:4e:ba:c4:fd:67:dc:95:08:1d:7e:52:4a:e8:29:
         3e:00:6c:14:92:66:e4:a0:56:7b:00:04:ec:95:be:76:30:8f:
         c9:82:d2:53:76:ff:1e:f3:d4:f5:1d:e1:06:0b:6d:0c:5d:e0:
         58:55:23:a3:ab:70:5d:f2:ee:d3:be:7f:0a:ce:b8:40:26:81:
         92:da:6e:8f:7b:12:17:0f:33:7b:00:28:4a:47:f4:5d:54:73:
         1d:2b:8f:5d:49:3e:65:aa:23:43:f2:21:68:43:31:c6:76:c9:
         39:96:e4:86:c0:fd:72:b2:40:8d:61:0d:4d:7d:c1:48:b3:b7:
         02:b4:b1:5c:9a:62:9e:61:cf:8e:5b:f2:57:a3:82:b3:b9:c2:
         a0:12:11:a9:a8:21:76:fd:2e:2b:6e:84:38:6f:8a:e4:bd:3e:
         5b:64:9b:ae:c8:f1:e4:24:e0:b7:fe:7f:c0:3f:47:4e:03:4f:
         33:f2:74:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oZ8XLL7LItJo3q+11cj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMDAyYzQ0NzliYjRjOTZlMjIzNDM5OWNlNzFmNTYwMzQ1
Mjk5ZDAwHhcNMjUwNjI4MTMwMjE0WhcNMjUwNjI5MTMwMjE0WjAzMTEwLwYDVQQD
Eyg1MzI1NDgwNjcyYWZiMDdlMjM3MjI3NjA2YmY5OTliZWIyYmU4Yzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLRq0YdwtD5DGv5QAx8a2MMzAj60
LldHxl6N5k/ezf8fqBoBDdEsO4XGQv9QZieE6Mg8+6sndtwGXlgmfA6k8hk4a39l
kxHGGAZiJ9ktB1xMyn7Ene27pTGA4Sp/KLqL4GV8Ho9U8Pc7lbbwNM+GkicaISHQ
n2zPoonTN2CskzQ/Bn2gaif9cCaiJ3J4Wz5WFM75/kUlrVIrviQRMIRO0ujSDgLx
QgB2xMwA/dbMLCnNz9x/tabtgfgjW3Yy+zNPTpMZAJIjLo62lMS5PD05+B2uxiot
MVecDexTJjGoqkYG/bzwvlp2VB7TCK5k+CGiq7P4fTID2zWqvW6Y+SIBNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMlSAZyr7B+I3InYGv5mb6yvoyVMB8GA1UdIwQY
MBaAFFwALER5u0yW4iNDmc5x9WA0UpnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jNTAzZDYtYjZlNC00M2UyLTkxZTYt
NzFjNTcwZGNiMGE0LzEvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jNTAzZDYtYjZlNC00M2UyLTkxZTYtNzFjNTcwZGNiMGE0
LzEvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr935XV7X
s+mHxQ1BCsSm3EqCtpnyluqGBFrRZUup96wIS3IohWtFijuMXZwW4ogAPoTW9/HJ
Gg0+fDZpHcH/UhyYYS4nI5e56wcA+066xP1n3JUIHX5SSugpPgBsFJJm5KBWewAE
7JW+djCPyYLSU3b/HvPU9R3hBgttDF3gWFUjo6twXfLu075/Cs64QCaBktpuj3sS
Fw8zewAoSkf0XVRzHSuPXUk+ZaojQ/IhaEMxxnbJOZbkhsD9crJAjWENTX3BSLO3
ArSxXJpinmHPjlvyV6OCs7nCoBIRqaghdv0uK26EOG+K5L0+W2Sbrsjx5CTgt/5/
wD9HTgNPM/J09A==
-----END CERTIFICATE-----