Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
File:                     XOackdRTOWv6Fm8FG_jwbAOghcs.mft (raw, json)
Hash identifier:          lQzfpA1RExgLEQdw46A717yB/UYD9TWeTPVjMcZPJV4=
Subject key identifier:   10:03:20:09:2D:4C:A0:61:B2:04:41:7B:16:1F:4D:E7:E4:26:36:49
Authority key identifier: 5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB
Certificate issuer:       /CN=5ce69c91d453396bfa166f051bf8f06c03a085cb
Certificate serial:       019A4EF421B1DBA5FEB011D554B609D37A4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
Manifest number:          0C19
Signing time:             Tue 04 Nov 2025 13:00:13 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:13 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:13 +0000
Files and hashes:         1: XOackdRTOWv6Fm8FG_jwbAOghcs.crl (hash: wHH+gqYNdQtREkoXiprvtqgc/TE0k6ps+V6qhfu6v6g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:21:b1:db:a5:fe:b0:11:d5:54:b6:09:d3:7a:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ce69c91d453396bfa166f051bf8f06c03a085cb
        Validity
            Not Before: Nov  4 13:00:13 2025 GMT
            Not After : Nov  5 13:00:13 2025 GMT
        Subject: CN=100320092d4ca061b204417b161f4de7e4263649
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:42:26:5b:5f:1a:25:23:a8:6b:e4:8c:f7:5c:
                    85:a7:39:8c:bb:1c:ef:37:8e:13:01:3c:29:74:b3:
                    00:01:d2:e0:57:a3:77:ec:6d:bb:18:4c:81:46:8f:
                    0a:39:79:19:71:10:d5:57:7a:3c:f3:65:1b:6c:51:
                    54:8d:63:7f:16:d0:bb:2c:77:1a:9a:ac:a5:23:b8:
                    ac:01:0d:28:90:f2:e2:50:ba:3e:29:91:6a:6e:94:
                    4f:a6:06:d4:be:25:f6:fe:4e:c5:43:3d:c0:de:73:
                    51:dc:72:ef:a6:2e:92:1f:8f:fa:fb:28:78:26:9a:
                    5b:4e:e5:88:95:3b:31:c3:65:e9:15:f0:aa:de:70:
                    47:4a:a3:32:a1:09:4b:43:8f:ad:83:1a:da:23:81:
                    24:fa:67:f0:f6:00:c0:f7:4f:32:ff:a6:8f:86:7e:
                    4b:d0:b8:2a:5e:8a:ce:34:43:f6:df:cd:20:3e:66:
                    ab:54:97:9b:d4:1f:66:4a:17:be:ea:06:53:52:c9:
                    27:ff:d0:75:dd:92:54:b4:38:1f:6a:1d:a7:47:a8:
                    99:39:10:c0:61:3d:9d:1d:11:4b:49:4b:e1:59:e1:
                    17:8b:28:f6:90:55:41:38:67:91:e9:21:11:ec:60:
                    b1:64:3b:76:ee:56:71:7c:94:1e:1e:0d:bd:9c:81:
                    34:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:03:20:09:2D:4C:A0:61:B2:04:41:7B:16:1F:4D:E7:E4:26:36:49
            X509v3 Authority Key Identifier:
                keyid:5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:3a:93:31:41:97:bd:95:b3:ef:5a:b1:09:7b:5a:b7:d9:c2:
         6f:b3:4b:cf:f4:4a:17:77:07:c1:52:d1:03:76:34:fa:17:6d:
         d0:43:45:8b:9f:3c:6b:d3:7d:7a:a0:bd:b9:a4:44:45:f3:d8:
         e4:0a:76:8b:89:d9:e3:dd:83:8d:62:c7:7a:21:6d:38:38:9e:
         36:12:b6:4b:b3:4d:b6:c0:fa:8f:f2:64:48:c4:20:28:04:43:
         a8:97:15:85:48:d6:ad:62:97:46:69:78:1c:78:c7:83:7a:de:
         6a:71:bd:5c:70:a9:bd:60:14:c7:c6:e3:83:a8:0a:a0:97:d3:
         aa:b7:e8:fb:3a:3b:e4:e8:e9:c4:f5:56:74:26:c2:fc:07:c8:
         39:7c:dc:eb:5e:8f:e4:4c:53:f7:09:c7:26:1e:1c:91:50:bd:
         4d:23:04:2f:a2:5e:e8:8b:e2:2c:5a:36:c8:9b:80:a5:72:d4:
         ce:0e:1b:7c:2e:ce:29:41:90:96:18:63:68:77:6d:56:38:fe:
         4c:21:f7:07:c6:a1:07:c8:10:74:af:1e:16:4e:2e:80:fe:18:
         3e:a2:43:7a:c2:ce:37:28:a8:f3:20:34:09:0c:06:37:24:14:
         2b:a8:11:f1:f1:31:c0:0f:4a:5e:ac:06:58:d1:21:d8:6d:9e:
         29:44:e2:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9CGx26X+sBHVVLYJ03pNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZTY5YzkxZDQ1MzM5NmJmYTE2NmYwNTFiZjhmMDZjMDNh
MDg1Y2IwHhcNMjUxMTA0MTMwMDEzWhcNMjUxMTA1MTMwMDEzWjAzMTEwLwYDVQQD
EygxMDAzMjAwOTJkNGNhMDYxYjIwNDQxN2IxNjFmNGRlN2U0MjYzNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0ImW18aJSOoa+SM91yFpzmMuxzv
N44TATwpdLMAAdLgV6N37G27GEyBRo8KOXkZcRDVV3o882UbbFFUjWN/FtC7LHca
mqylI7isAQ0okPLiULo+KZFqbpRPpgbUviX2/k7FQz3A3nNR3HLvpi6SH4/6+yh4
JppbTuWIlTsxw2XpFfCq3nBHSqMyoQlLQ4+tgxraI4Ek+mfw9gDA908y/6aPhn5L
0LgqXorONEP2380gPmarVJeb1B9mShe+6gZTUskn/9B13ZJUtDgfah2nR6iZORDA
YT2dHRFLSUvhWeEXiyj2kFVBOGeR6SER7GCxZDt27lZxfJQeHg29nIE0SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBADIAktTKBhsgRBexYfTefkJjZJMB8GA1UdIwQY
MBaAFFzmnJHUUzlr+hZvBRv48GwDoIXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQt
YTU5N2VlNjM3ZGI0LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQtYTU5N2VlNjM3ZGI0
LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArjqTMUGX
vZWz71qxCXtat9nCb7NLz/RKF3cHwVLRA3Y0+hdt0ENFi588a9N9eqC9uaRERfPY
5Ap2i4nZ492DjWLHeiFtODieNhK2S7NNtsD6j/JkSMQgKARDqJcVhUjWrWKXRml4
HHjHg3reanG9XHCpvWAUx8bjg6gKoJfTqrfo+zo75OjpxPVWdCbC/AfIOXzc616P
5ExT9wnHJh4ckVC9TSMEL6Je6IviLFo2yJuApXLUzg4bfC7OKUGQlhhjaHdtVjj+
TCH3B8ahB8gQdK8eFk4ugP4YPqJDesLONyio8yA0CQwGNyQUK6gR8fExwA9KXqwG
WNEh2G2eKUTiOw==
-----END CERTIFICATE-----