Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          +/WRQvwh+ytGZjITS1BXMmSGeUgfvpAO7bS8Y0ngJw0=
Subject key identifier:   AC:5F:99:8B:FC:ED:34:29:A8:A1:4A:C5:9D:C1:9E:C5:5A:E9:90:88
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       019872CF1A169B33B04C417372458F4E4755
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          06B1
Signing time:             Mon 04 Aug 2025 02:00:31 +0000
Manifest this update:     Mon 04 Aug 2025 02:00:31 +0000
Manifest next update:     Tue 05 Aug 2025 02:00:31 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: VGQ9Uuinjl/foLwr08Q0KSHnAgGiRFwtU0qe0B3Xeas=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 02:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:72:cf:1a:16:9b:33:b0:4c:41:73:72:45:8f:4e:47:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Aug  4 02:00:31 2025 GMT
            Not After : Aug  5 02:00:31 2025 GMT
        Subject: CN=ac5f998bfced3429a8a14ac59dc19ec55ae99088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:89:97:c3:2e:65:04:93:0c:de:be:4b:c3:8f:
                    5a:a1:26:a5:93:29:8d:3e:6a:1f:04:2f:14:33:1c:
                    68:e6:07:b3:93:e9:95:38:04:2c:23:4c:0b:c5:34:
                    a4:e4:b7:04:b8:07:1a:9b:f3:77:17:55:2d:7c:e7:
                    d8:36:af:5e:2c:95:f1:82:73:7d:36:aa:4c:3f:2e:
                    de:d5:ef:8f:47:5b:71:ad:5d:02:e6:a0:c4:25:e0:
                    83:99:fa:c9:bf:49:77:99:09:3d:ca:89:50:3b:b4:
                    34:2d:08:72:43:77:da:57:91:30:f4:e6:a2:17:21:
                    d3:b2:51:9b:08:7a:36:3d:f3:0a:f8:d6:8f:3a:68:
                    8f:b3:b7:a4:c5:cc:0c:9a:d0:38:03:14:bc:de:91:
                    50:3e:7e:be:e8:e7:2c:ff:e1:ba:80:a1:39:87:1e:
                    59:c9:79:52:0a:4c:99:21:82:8e:ae:6f:ad:94:ce:
                    a9:f1:fd:c3:a6:af:bb:e9:24:7e:12:ea:54:b3:74:
                    68:80:9c:ed:a2:33:30:59:d4:8d:e3:df:d3:fe:ed:
                    1e:60:da:29:0c:49:eb:48:48:45:f9:a6:d0:fd:d4:
                    37:cf:66:19:39:96:2e:be:64:bc:53:9b:b3:bd:15:
                    8a:b5:fa:3e:5a:e9:32:80:65:0f:fc:cb:e9:3e:85:
                    4f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:5F:99:8B:FC:ED:34:29:A8:A1:4A:C5:9D:C1:9E:C5:5A:E9:90:88
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:3f:05:5c:5f:04:e9:e0:cd:85:f9:f5:83:5d:a2:4e:56:92:
         63:61:e3:e2:f8:6b:92:d5:67:9c:4f:62:a4:78:4a:7c:90:76:
         93:4f:ac:37:35:9b:f1:05:6a:3f:a2:6e:48:c4:cf:69:41:9a:
         f6:2c:d5:fb:4d:9a:8a:8a:b8:4e:38:60:f5:ae:15:68:36:6e:
         28:01:16:57:95:ed:3f:02:4e:ea:96:01:23:b1:ec:e1:03:24:
         5a:45:5f:fc:a1:2e:fd:41:87:92:33:7e:37:6c:98:a3:e3:f0:
         26:ad:c6:ff:a2:82:51:7e:ac:0f:27:00:bc:24:9d:7f:9c:ce:
         7a:c1:d2:55:e0:ac:20:ad:6a:5c:d5:99:20:f4:c9:75:46:97:
         df:a8:ce:a8:e8:db:01:74:f9:eb:b6:a3:bf:b6:35:31:ac:37:
         fd:d0:0d:3c:f5:7e:cc:ce:d4:76:3a:9b:2f:a9:81:91:15:50:
         0c:a1:d5:06:9c:6a:cf:51:dd:59:79:81:2b:4d:16:eb:79:d6:
         59:74:49:14:50:58:72:cb:12:ce:c6:00:e6:19:51:17:e6:5e:
         ba:11:8d:90:d1:a2:74:fa:c7:3d:06:5d:d6:5e:2b:2d:4b:ad:
         c3:fe:27:75:f2:23:88:ac:5a:a5:e3:02:3c:5b:5b:29:3a:14:
         0f:e3:1e:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhyzxoWmzOwTEFzckWPTkdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjUwODA0MDIwMDMxWhcNMjUwODA1MDIwMDMxWjAzMTEwLwYDVQQD
EyhhYzVmOTk4YmZjZWQzNDI5YThhMTRhYzU5ZGMxOWVjNTVhZTk5MDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwomXwy5lBJMM3r5Lw49aoSalkymN
PmofBC8UMxxo5gezk+mVOAQsI0wLxTSk5LcEuAcam/N3F1UtfOfYNq9eLJXxgnN9
NqpMPy7e1e+PR1txrV0C5qDEJeCDmfrJv0l3mQk9yolQO7Q0LQhyQ3faV5Ew9Oai
FyHTslGbCHo2PfMK+NaPOmiPs7ekxcwMmtA4AxS83pFQPn6+6Ocs/+G6gKE5hx5Z
yXlSCkyZIYKOrm+tlM6p8f3Dpq+76SR+EupUs3RogJztojMwWdSN49/T/u0eYNop
DEnrSEhF+abQ/dQ3z2YZOZYuvmS8U5uzvRWKtfo+WukygGUP/MvpPoVPnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxfmYv87TQpqKFKxZ3BnsVa6ZCIMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArz8FXF8E
6eDNhfn1g12iTlaSY2Hj4vhrktVnnE9ipHhKfJB2k0+sNzWb8QVqP6JuSMTPaUGa
9izV+02aioq4Tjhg9a4VaDZuKAEWV5XtPwJO6pYBI7Hs4QMkWkVf/KEu/UGHkjN+
N2yYo+PwJq3G/6KCUX6sDycAvCSdf5zOesHSVeCsIK1qXNWZIPTJdUaX36jOqOjb
AXT567ajv7Y1Maw3/dANPPV+zM7UdjqbL6mBkRVQDKHVBpxqz1HdWXmBK00W63nW
WXRJFFBYcssSzsYA5hlRF+ZeuhGNkNGidPrHPQZd1l4rLUutw/4ndfIjiKxapeMC
PFtbKToUD+Me9Q==
-----END CERTIFICATE-----