Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
File:                     XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json)
Hash identifier:          gx6T3jTHIt7fStCqg1wDMVcGjTS8WPp3v04RpDwxDIQ=
Subject key identifier:   D0:33:A0:CA:8E:0B:9C:E8:A1:2D:94:60:A6:6D:21:B9:05:BE:D6:A1
Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76
Certificate issuer:       /CN=5ed6772b90212e577249f7356c218ed1068b6776
Certificate serial:       01988EED17C22BAD569A048AC50084CBB195
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
Manifest number:          1623
Signing time:             Sat 09 Aug 2025 13:02:39 +0000
Manifest this update:     Sat 09 Aug 2025 13:02:39 +0000
Manifest next update:     Sun 10 Aug 2025 13:02:39 +0000
Files and hashes:         1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: XQhmk33WGwXNmwBwzR2j+kh4KYKBCrOt8gCwrOSLF88=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 13:02:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8e:ed:17:c2:2b:ad:56:9a:04:8a:c5:00:84:cb:b1:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776
        Validity
            Not Before: Aug  9 13:02:39 2025 GMT
            Not After : Aug 10 13:02:39 2025 GMT
        Subject: CN=d033a0ca8e0b9ce8a12d9460a66d21b905bed6a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:fa:d0:42:c1:88:1f:2c:2b:34:d3:fe:21:5d:
                    96:d6:7d:29:d2:c2:b3:98:3b:5a:55:3f:04:5f:b7:
                    bf:17:e0:7f:0a:ec:e3:a3:68:4d:2b:5a:c2:42:56:
                    3c:95:22:32:bc:48:92:df:ce:15:55:a4:03:ac:e9:
                    56:e4:d3:34:fb:94:5c:d8:97:44:45:ad:a7:ad:24:
                    ac:bb:81:d3:e8:22:69:35:61:c0:7c:7e:7d:00:ad:
                    17:ae:06:eb:fa:ec:64:40:77:d2:68:5e:f1:03:87:
                    2b:86:60:df:35:f3:22:2d:84:05:25:ff:18:7a:e6:
                    72:0d:b6:53:49:eb:a6:33:b5:3b:f7:2c:91:f3:8f:
                    a7:c0:e7:65:bf:59:93:18:aa:2f:0e:c3:7d:8a:97:
                    79:6e:f6:b1:43:72:76:3a:7b:15:72:12:09:d4:3e:
                    24:57:1b:7f:28:10:58:9b:09:4f:b1:0a:d5:07:21:
                    cd:06:e3:2d:c3:d8:38:e5:43:4b:a8:f3:9a:2a:e0:
                    84:ff:fa:a8:36:7e:34:fc:59:87:0d:37:91:18:63:
                    6b:10:61:14:54:49:18:71:28:70:c3:ea:d4:f9:e1:
                    0e:ab:be:0c:bb:98:1a:b7:20:67:9d:2e:49:75:fd:
                    e8:7d:d0:80:34:b0:c0:74:19:16:0b:b7:51:af:45:
                    00:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:33:A0:CA:8E:0B:9C:E8:A1:2D:94:60:A6:6D:21:B9:05:BE:D6:A1
            X509v3 Authority Key Identifier:
                keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:f6:84:e4:39:c8:b6:a3:3c:35:4e:86:39:4f:50:2e:58:43:
         7c:f1:13:25:ed:64:15:9b:5e:c9:18:c4:c6:fb:a3:a0:7e:33:
         6e:45:08:24:a0:3a:5c:cb:30:a4:72:53:2b:b4:bf:fc:87:84:
         67:e8:f2:44:f2:1b:7b:27:8d:06:b0:84:eb:f0:f6:fe:07:48:
         dc:41:dd:4e:bc:1b:33:ee:d2:99:a6:b9:97:bb:bb:4c:3b:3f:
         cf:5f:6f:09:d3:0d:51:2e:80:1d:ae:ae:34:15:03:97:ca:5c:
         34:8e:a5:9f:40:18:7a:f9:cd:33:d2:a0:9d:cd:95:fd:ab:26:
         f5:84:fe:1c:c0:d9:60:9d:5f:46:51:55:51:ea:32:ca:2d:50:
         be:8f:99:34:42:58:d0:99:0f:44:99:a2:82:9e:51:e5:99:dd:
         e9:f0:e9:e7:29:60:98:57:26:67:2b:f3:f9:da:15:b4:dd:47:
         3d:74:c0:97:30:74:58:a5:8c:c9:9e:bb:2b:8c:db:61:cc:80:
         f4:6d:be:9a:40:a3:6f:46:9a:12:87:52:9a:5b:e8:ec:70:10:
         f9:82:e3:98:70:63:4b:11:77:4b:8b:8e:66:14:d5:64:1f:22:
         3d:79:8e:1c:3c:62:90:ec:c6:a6:1b:69:45:3e:bb:61:72:f8:
         1c:71:a3:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiO7RfCK61WmgSKxQCEy7GVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4
YjY3NzYwHhcNMjUwODA5MTMwMjM5WhcNMjUwODEwMTMwMjM5WjAzMTEwLwYDVQQD
EyhkMDMzYTBjYThlMGI5Y2U4YTEyZDk0NjBhNjZkMjFiOTA1YmVkNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvrQQsGIHywrNNP+IV2W1n0p0sKz
mDtaVT8EX7e/F+B/Cuzjo2hNK1rCQlY8lSIyvEiS384VVaQDrOlW5NM0+5Rc2JdE
Ra2nrSSsu4HT6CJpNWHAfH59AK0Xrgbr+uxkQHfSaF7xA4crhmDfNfMiLYQFJf8Y
euZyDbZTSeumM7U79yyR84+nwOdlv1mTGKovDsN9ipd5bvaxQ3J2OnsVchIJ1D4k
Vxt/KBBYmwlPsQrVByHNBuMtw9g45UNLqPOaKuCE//qoNn40/FmHDTeRGGNrEGEU
VEkYcShww+rU+eEOq74Mu5gatyBnnS5Jdf3ofdCANLDAdBkWC7dRr0UA8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNAzoMqOC5zooS2UYKZtIbkFvtahMB8GA1UdIwQY
MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt
ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw
LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdvaE5DnI
tqM8NU6GOU9QLlhDfPETJe1kFZteyRjExvujoH4zbkUIJKA6XMswpHJTK7S//IeE
Z+jyRPIbeyeNBrCE6/D2/gdI3EHdTrwbM+7Smaa5l7u7TDs/z19vCdMNUS6AHa6u
NBUDl8pcNI6ln0AYevnNM9Kgnc2V/asm9YT+HMDZYJ1fRlFVUeoyyi1Qvo+ZNEJY
0JkPRJmigp5R5Znd6fDp5ylgmFcmZyvz+doVtN1HPXTAlzB0WKWMyZ67K4zbYcyA
9G2+mkCjb0aaEodSmlvo7HAQ+YLjmHBjSxF3S4uOZhTVZB8iPXmOHDxikOzGphtp
RT67YXL4HHGjbg==
-----END CERTIFICATE-----