Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
File:                     XAAsRHm7TJbiI0OZznH1YDRSmdA.mft (raw, json)
Hash identifier:          VEovSQt/WsKvrjxlOCtM7TXrJiqDV9uQDbMn2LcMvKs=
Subject key identifier:   CC:4A:31:E0:E0:37:B1:DA:8D:D7:D0:B1:93:C9:27:32:DA:16:CC:AC
Authority key identifier: 5C:00:2C:44:79:BB:4C:96:E2:23:43:99:CE:71:F5:60:34:52:99:D0
Certificate issuer:       /CN=5c002c4479bb4c96e2234399ce71f560345299d0
Certificate serial:       0198D473D7024CA998196A085991417F5C83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
Manifest number:          08DD
Signing time:             Sat 23 Aug 2025 01:03:38 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:38 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:38 +0000
Files and hashes:         1: XAAsRHm7TJbiI0OZznH1YDRSmdA.crl (hash: R1RP+mOZIPQHPIuuA/GfPgvyozHFNn5lt+hhDSUoHi8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:d7:02:4c:a9:98:19:6a:08:59:91:41:7f:5c:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c002c4479bb4c96e2234399ce71f560345299d0
        Validity
            Not Before: Aug 23 01:03:38 2025 GMT
            Not After : Aug 24 01:03:38 2025 GMT
        Subject: CN=cc4a31e0e037b1da8dd7d0b193c92732da16ccac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:75:8b:46:0e:2e:77:49:a3:7d:06:55:6e:2f:
                    e0:37:b9:e8:67:06:4d:b3:01:9e:06:70:be:1b:6b:
                    bc:fb:47:cd:f3:21:31:6d:f3:73:13:a0:77:74:6b:
                    77:46:d5:ef:89:22:8d:fc:43:7b:ca:12:65:99:fa:
                    8c:ff:ef:aa:10:2e:94:53:89:9d:bd:9e:ed:7e:5d:
                    22:5b:f8:df:8b:3a:d0:97:85:6c:00:50:df:e4:85:
                    65:ac:2a:cc:75:96:c4:b9:2d:2d:6b:53:23:de:ce:
                    f7:28:45:86:f8:2f:5c:12:54:41:ed:33:ff:f0:36:
                    4a:0a:c2:a4:9d:87:9d:7b:01:d2:c3:fb:f9:c5:73:
                    95:97:fa:27:c4:a1:1b:21:5f:88:41:d9:80:c6:fa:
                    1b:0e:5d:39:d5:dd:52:4a:0b:ec:12:b7:65:6e:0b:
                    45:0d:e9:ba:59:3d:d6:aa:44:3a:cb:be:43:01:8e:
                    49:c0:7d:21:f4:03:96:05:8c:a2:a5:14:d3:38:d4:
                    99:14:b3:f3:9e:61:93:e6:38:78:ac:c3:8b:32:7c:
                    ff:02:2e:c2:f1:88:ca:43:ad:c0:53:07:fb:68:86:
                    ed:59:25:a5:56:33:e8:6d:38:76:b1:a7:57:71:dd:
                    52:bc:61:fb:93:a0:85:e0:73:06:e4:7f:f5:6c:07:
                    06:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:4A:31:E0:E0:37:B1:DA:8D:D7:D0:B1:93:C9:27:32:DA:16:CC:AC
            X509v3 Authority Key Identifier:
                keyid:5C:00:2C:44:79:BB:4C:96:E2:23:43:99:CE:71:F5:60:34:52:99:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:88:b7:cb:2e:d5:a5:b3:d7:34:dd:23:17:80:e3:56:8f:54:
         c2:80:e1:97:11:b5:55:e9:7c:65:5f:7b:6b:27:27:e3:d7:f1:
         34:74:32:2a:d9:09:a7:97:7b:0b:8c:e0:b8:e6:62:ff:7e:a5:
         5d:07:ec:ae:06:37:3c:db:15:cb:57:b5:6e:ab:9f:35:7d:a1:
         ba:de:e6:bf:64:a8:8a:c3:4a:f1:59:64:3d:87:12:88:a2:56:
         36:33:52:d7:c8:35:a9:40:3f:d7:cc:35:ec:56:e0:0c:81:cf:
         c8:c4:d0:22:7d:d4:d0:d4:ab:d2:c0:97:b0:22:5e:e0:6b:4b:
         67:c0:ef:57:c7:41:6e:06:23:fc:5a:e6:57:aa:94:b2:d0:9f:
         e2:7c:ca:fb:c6:81:99:34:65:29:98:64:df:cc:cd:91:c9:49:
         f7:2d:dc:e7:97:65:f6:c4:0f:29:25:04:9d:30:93:f5:79:61:
         f2:4e:f0:f1:34:fb:46:55:91:ff:88:96:68:e1:76:d1:6d:28:
         8c:bb:4d:eb:54:5c:96:58:58:68:82:83:c5:85:08:ed:59:2d:
         cb:d7:9b:34:5d:51:24:33:f8:5f:ad:3c:81:ca:de:f5:ac:33:
         42:d9:a5:48:79:54:8b:d5:f1:15:29:b8:57:31:8d:f2:5f:31:
         99:de:df:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc9cCTKmYGWoIWZFBf1yDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMDAyYzQ0NzliYjRjOTZlMjIzNDM5OWNlNzFmNTYwMzQ1
Mjk5ZDAwHhcNMjUwODIzMDEwMzM4WhcNMjUwODI0MDEwMzM4WjAzMTEwLwYDVQQD
EyhjYzRhMzFlMGUwMzdiMWRhOGRkN2QwYjE5M2M5MjczMmRhMTZjY2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13WLRg4ud0mjfQZVbi/gN7noZwZN
swGeBnC+G2u8+0fN8yExbfNzE6B3dGt3RtXviSKN/EN7yhJlmfqM/++qEC6UU4md
vZ7tfl0iW/jfizrQl4VsAFDf5IVlrCrMdZbEuS0ta1Mj3s73KEWG+C9cElRB7TP/
8DZKCsKknYedewHSw/v5xXOVl/onxKEbIV+IQdmAxvobDl051d1SSgvsErdlbgtF
Dem6WT3WqkQ6y75DAY5JwH0h9AOWBYyipRTTONSZFLPznmGT5jh4rMOLMnz/Ai7C
8YjKQ63AUwf7aIbtWSWlVjPobTh2sadXcd1SvGH7k6CF4HMG5H/1bAcGHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMxKMeDgN7HajdfQsZPJJzLaFsysMB8GA1UdIwQY
MBaAFFwALER5u0yW4iNDmc5x9WA0UpnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jNTAzZDYtYjZlNC00M2UyLTkxZTYt
NzFjNTcwZGNiMGE0LzEvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jNTAzZDYtYjZlNC00M2UyLTkxZTYtNzFjNTcwZGNiMGE0
LzEvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWYi3yy7V
pbPXNN0jF4DjVo9UwoDhlxG1Vel8ZV97aycn49fxNHQyKtkJp5d7C4zguOZi/36l
XQfsrgY3PNsVy1e1bqufNX2hut7mv2SoisNK8VlkPYcSiKJWNjNS18g1qUA/18w1
7FbgDIHPyMTQIn3U0NSr0sCXsCJe4GtLZ8DvV8dBbgYj/FrmV6qUstCf4nzK+8aB
mTRlKZhk38zNkclJ9y3c55dl9sQPKSUEnTCT9Xlh8k7w8TT7RlWR/4iWaOF20W0o
jLtN61RcllhYaIKDxYUI7Vkty9ebNF1RJDP4X608gcre9awzQtmlSHlUi9XxFSm4
VzGN8l8xmd7fWg==
-----END CERTIFICATE-----