Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
File:                     XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json)
Hash identifier:          f5i6xmTOFpSEVJ6NhtRKrwoaApHnHETwEqCL8pFdE1o=
Subject key identifier:   24:B7:2F:ED:99:A6:54:9E:82:3A:02:AF:6B:28:AF:A7:EB:FD:52:82
Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76
Certificate issuer:       /CN=5ed6772b90212e577249f7356c218ed1068b6776
Certificate serial:       019A4EF4C49B00AF860FEABA5F342599DED2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
Manifest number:          170B
Signing time:             Tue 04 Nov 2025 13:00:55 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:55 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:55 +0000
Files and hashes:         1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: NP/oXADi82mXKXXdKBXyGhjt+PT+uNxYhzwXECGncNk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:c4:9b:00:af:86:0f:ea:ba:5f:34:25:99:de:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776
        Validity
            Not Before: Nov  4 13:00:55 2025 GMT
            Not After : Nov  5 13:00:55 2025 GMT
        Subject: CN=24b72fed99a6549e823a02af6b28afa7ebfd5282
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:39:24:ed:94:b4:2f:72:1d:88:18:64:0e:64:
                    cf:84:a0:d0:7d:61:96:0a:74:10:e4:54:f9:5a:96:
                    ee:5d:dd:6b:97:ae:ef:bf:39:86:4f:0e:6a:87:b3:
                    f9:5c:86:b2:a0:57:d6:0c:be:c5:52:ab:29:c1:f4:
                    7f:a9:6a:49:f9:0a:71:10:a2:c4:21:01:d9:2e:b2:
                    f8:ac:8c:06:00:b0:a1:01:b0:7c:d8:ba:79:b1:53:
                    14:b0:5d:4c:92:29:d2:98:48:91:b3:ab:33:62:61:
                    1f:1a:18:0d:e5:19:98:72:14:61:85:63:c6:cb:d4:
                    b1:a3:7e:c7:2c:11:99:5e:1e:c9:98:c9:86:a8:e9:
                    f8:83:79:d1:6a:94:6c:da:c6:7c:2d:5d:30:2d:df:
                    c6:48:d1:27:73:32:1a:1e:63:18:b1:29:d1:fb:c6:
                    42:9c:59:95:5d:fb:8d:86:45:28:d7:1a:97:f7:53:
                    33:dd:94:d5:ca:5b:30:56:02:8a:f9:a7:98:6a:05:
                    22:c0:31:48:70:f8:d4:2e:11:41:c9:e8:4a:43:00:
                    35:39:b2:28:86:12:1d:4e:df:81:08:3b:a5:24:d3:
                    a2:bf:94:96:0d:ff:59:14:cd:47:e3:24:10:3f:d5:
                    93:c1:a4:32:b0:7b:7f:39:b6:6c:40:2d:47:37:a9:
                    72:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:B7:2F:ED:99:A6:54:9E:82:3A:02:AF:6B:28:AF:A7:EB:FD:52:82
            X509v3 Authority Key Identifier:
                keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:04:da:ec:9a:74:37:e4:d6:38:df:90:33:f7:4b:fa:87:28:
         ba:0f:8b:72:5e:e8:ca:98:f0:da:5d:f4:1e:de:f1:7c:20:1d:
         87:5d:59:e3:d4:90:a2:bc:a9:4e:0a:2e:c3:0a:b2:9c:5e:8a:
         b6:b2:9e:21:6f:99:32:e0:ba:b0:d4:0d:9d:5a:81:79:90:e4:
         82:9b:2a:d1:b8:63:fb:10:93:b3:30:71:b7:32:7d:ff:d1:c5:
         71:6d:0d:cb:c1:af:69:06:f5:4a:f1:55:d8:ff:67:19:e3:79:
         36:13:f0:a5:84:ee:89:75:52:64:df:12:7c:81:f7:60:86:c3:
         11:a6:79:ae:1e:ac:96:24:cb:05:01:9c:4e:41:13:d1:dd:29:
         74:7f:9f:fd:fd:62:a2:c2:17:57:28:1e:66:09:4b:80:26:33:
         44:23:43:ce:35:34:a5:bd:8e:3c:0d:4e:ef:92:da:5f:c3:06:
         16:71:15:1f:5b:85:ad:51:34:24:79:b1:cc:c1:75:38:95:2f:
         e0:e6:ab:84:10:73:08:00:b8:02:88:c7:61:94:49:4e:8f:a9:
         fc:35:6a:52:7a:ba:18:40:ad:70:a1:84:a7:38:8e:2e:0b:d2:
         c4:a7:74:f0:30:bf:81:10:2c:f1:18:19:95:3b:60:1c:07:47:
         e8:53:d3:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9MSbAK+GD+q6XzQlmd7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4
YjY3NzYwHhcNMjUxMTA0MTMwMDU1WhcNMjUxMTA1MTMwMDU1WjAzMTEwLwYDVQQD
EygyNGI3MmZlZDk5YTY1NDllODIzYTAyYWY2YjI4YWZhN2ViZmQ1MjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTkk7ZS0L3IdiBhkDmTPhKDQfWGW
CnQQ5FT5WpbuXd1rl67vvzmGTw5qh7P5XIayoFfWDL7FUqspwfR/qWpJ+QpxEKLE
IQHZLrL4rIwGALChAbB82Lp5sVMUsF1MkinSmEiRs6szYmEfGhgN5RmYchRhhWPG
y9Sxo37HLBGZXh7JmMmGqOn4g3nRapRs2sZ8LV0wLd/GSNEnczIaHmMYsSnR+8ZC
nFmVXfuNhkUo1xqX91Mz3ZTVylswVgKK+aeYagUiwDFIcPjULhFByehKQwA1ObIo
hhIdTt+BCDulJNOiv5SWDf9ZFM1H4yQQP9WTwaQysHt/ObZsQC1HN6lymQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCS3L+2ZplSegjoCr2sor6fr/VKCMB8GA1UdIwQY
MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt
ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw
LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUwTa7Jp0
N+TWON+QM/dL+ocoug+Lcl7oypjw2l30Ht7xfCAdh11Z49SQorypTgouwwqynF6K
trKeIW+ZMuC6sNQNnVqBeZDkgpsq0bhj+xCTszBxtzJ9/9HFcW0Ny8GvaQb1SvFV
2P9nGeN5NhPwpYTuiXVSZN8SfIH3YIbDEaZ5rh6sliTLBQGcTkET0d0pdH+f/f1i
osIXVygeZglLgCYzRCNDzjU0pb2OPA1O75LaX8MGFnEVH1uFrVE0JHmxzMF1OJUv
4OarhBBzCAC4AojHYZRJTo+p/DVqUnq6GECtcKGEpziOLgvSxKd08DC/gRAs8RgZ
lTtgHAdH6FPTqA==
-----END CERTIFICATE-----