Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
File:                     xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft (raw, json)
Hash identifier:          o5iBveeVPpmDP8ejQbuzQVZ76fpw2geIrqFJ64i0Lk4=
Subject key identifier:   A1:A9:13:B3:9D:71:F0:D1:9D:BF:5D:21:78:FB:DC:31:E3:55:30:36
Authority key identifier: C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0
Certificate issuer:       /CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
Certificate serial:       019892C8A68C8D32A5B31004ACD218D9432D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
Manifest number:          1624
Signing time:             Sun 10 Aug 2025 07:01:19 +0000
Manifest this update:     Sun 10 Aug 2025 07:01:19 +0000
Manifest next update:     Mon 11 Aug 2025 07:01:19 +0000
Files and hashes:         1: xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl (hash: fSCz4c0fWs1TImiexMNqbmDFDUEtOu5P1DqdukoOSOs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 07:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:92:c8:a6:8c:8d:32:a5:b3:10:04:ac:d2:18:d9:43:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
        Validity
            Not Before: Aug 10 07:01:19 2025 GMT
            Not After : Aug 11 07:01:19 2025 GMT
        Subject: CN=a1a913b39d71f0d19dbf5d2178fbdc31e3553036
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:3d:fb:bb:fa:9b:96:09:e2:fb:f8:b4:06:35:
                    ed:c4:b2:3a:dd:7c:9c:e8:d0:3f:fc:7e:a5:a0:84:
                    57:fa:bb:6b:4e:3b:0e:a7:18:83:1d:d3:89:19:2f:
                    f9:14:07:91:3b:e4:ff:b8:aa:e6:bd:0e:78:46:9c:
                    f0:16:c4:fa:03:b9:b7:85:67:a7:05:59:03:15:b0:
                    8e:5e:06:94:94:4c:83:92:dd:65:96:bf:27:40:ed:
                    6a:03:21:3d:84:44:d4:cb:a0:d0:0c:b1:4c:48:60:
                    40:1f:9e:79:7a:7f:df:be:93:3d:0d:5d:a9:ed:70:
                    52:d9:30:5d:02:5d:0b:7b:63:60:42:7e:cc:78:50:
                    e0:94:ad:6a:2a:1e:c8:23:13:3f:fc:01:cb:71:4f:
                    a7:d6:4f:f4:26:3d:d3:f8:04:91:0b:74:c0:e5:24:
                    43:77:47:73:fc:cc:05:65:49:27:4f:9d:dd:c1:17:
                    3a:23:89:77:d3:95:ec:2f:83:2d:f5:da:b5:e4:b0:
                    03:8f:ee:0c:58:1e:7d:da:69:4e:84:26:69:17:9e:
                    38:8a:d0:e9:61:3a:98:9c:10:5b:04:97:6a:f5:72:
                    41:f6:6f:66:2c:da:3b:7d:d4:99:85:22:a5:68:b1:
                    78:46:d6:7c:b1:1f:26:08:61:7b:4d:cf:01:02:dc:
                    ad:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:A9:13:B3:9D:71:F0:D1:9D:BF:5D:21:78:FB:DC:31:E3:55:30:36
            X509v3 Authority Key Identifier:
                keyid:C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:e5:57:a2:47:f4:14:b4:8a:af:99:b8:81:95:c3:fa:ca:3a:
         ef:ce:44:f1:8c:7a:59:67:a3:0a:51:b4:b9:0e:4d:88:d0:c3:
         3a:dc:b2:6d:a8:44:47:bf:b4:b9:87:f9:9b:ec:b8:55:66:79:
         4e:f8:2b:51:ea:b7:c6:d8:6f:74:c3:67:96:42:f5:98:bc:63:
         cf:9c:17:a0:6d:aa:67:88:7f:4b:c6:1f:f6:88:59:78:76:0b:
         5f:50:dd:13:f6:b5:e1:d2:bd:cd:15:e9:bb:5c:89:c3:87:2e:
         d6:2e:37:8d:5a:c4:4e:0a:fe:c9:41:37:9d:83:dd:db:f6:9f:
         9a:3f:43:0e:d2:7d:a1:f9:dc:30:4d:b4:96:7a:ad:0e:9c:17:
         c6:4e:74:a8:3b:a0:12:7b:ee:cd:46:72:21:0e:e0:17:a2:73:
         32:67:74:48:64:8d:a1:57:d2:ce:90:75:ef:fd:28:79:b7:21:
         e2:32:53:32:6f:24:1e:85:02:c1:1e:ba:f8:84:9d:83:89:73:
         54:76:b8:1c:26:79:5a:93:d0:7d:29:3d:0c:5e:41:a0:ae:31:
         3a:2f:cd:bd:60:84:ea:7b:84:6b:33:67:27:22:6a:98:8c:d4:
         7c:2b:b2:28:24:c6:ce:63:dd:0e:b6:95:0c:93:46:58:05:b9:
         40:63:94:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiSyKaMjTKlsxAErNIY2UMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZDE4ZTFhMWRjNjU1OGM0ZGJhNzMxZWZhMzI3NjljNDVm
NTRiYTAwHhcNMjUwODEwMDcwMTE5WhcNMjUwODExMDcwMTE5WjAzMTEwLwYDVQQD
EyhhMWE5MTNiMzlkNzFmMGQxOWRiZjVkMjE3OGZiZGMzMWUzNTUzMDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzj37u/qblgni+/i0BjXtxLI63Xyc
6NA//H6loIRX+rtrTjsOpxiDHdOJGS/5FAeRO+T/uKrmvQ54RpzwFsT6A7m3hWen
BVkDFbCOXgaUlEyDkt1llr8nQO1qAyE9hETUy6DQDLFMSGBAH555en/fvpM9DV2p
7XBS2TBdAl0Le2NgQn7MeFDglK1qKh7IIxM//AHLcU+n1k/0Jj3T+ASRC3TA5SRD
d0dz/MwFZUknT53dwRc6I4l305XsL4Mt9dq15LADj+4MWB592mlOhCZpF544itDp
YTqYnBBbBJdq9XJB9m9mLNo7fdSZhSKlaLF4RtZ8sR8mCGF7Tc8BAtytDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGpE7OdcfDRnb9dIXj73DHjVTA2MB8GA1UdIwQY
MBaAFMXRjhodxlWMTbpzHvoydpxF9UugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgt
MWNiZTY2MWE2M2ZmLzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgtMWNiZTY2MWE2M2Zm
LzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjOVXokf0
FLSKr5m4gZXD+so6785E8Yx6WWejClG0uQ5NiNDDOtyybahER7+0uYf5m+y4VWZ5
TvgrUeq3xthvdMNnlkL1mLxjz5wXoG2qZ4h/S8Yf9ohZeHYLX1DdE/a14dK9zRXp
u1yJw4cu1i43jVrETgr+yUE3nYPd2/afmj9DDtJ9ofncME20lnqtDpwXxk50qDug
EnvuzUZyIQ7gF6JzMmd0SGSNoVfSzpB17/0oebch4jJTMm8kHoUCwR66+ISdg4lz
VHa4HCZ5WpPQfSk9DF5BoK4xOi/NvWCE6nuEazNnJyJqmIzUfCuyKCTGzmPdDraV
DJNGWAW5QGOU0A==
-----END CERTIFICATE-----