Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
File:                     XeHEMjIqoQWMPm_lf2N0qSlgacE.mft (raw, json)
Hash identifier:          zZmWMpGG6IQuxJaq0MR+DLOLoRGAMuLClx9sc3FlXU4=
Subject key identifier:   FB:7D:5F:EC:FA:89:5B:3E:09:00:14:AE:7D:1C:1C:EB:2A:43:54:26
Authority key identifier: 5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1
Certificate issuer:       /CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
Certificate serial:       0198752C34FA4C969B5CDAF2772F2DB0DE17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
Manifest number:          0AFA
Signing time:             Mon 04 Aug 2025 13:01:27 +0000
Manifest this update:     Mon 04 Aug 2025 13:01:27 +0000
Manifest next update:     Tue 05 Aug 2025 13:01:27 +0000
Files and hashes:         1: XeHEMjIqoQWMPm_lf2N0qSlgacE.crl (hash: 2z9TeKs8TSPDvVvSt9cLykqTzcqC/u9nwXFA1TkqnUQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:2c:34:fa:4c:96:9b:5c:da:f2:77:2f:2d:b0:de:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
        Validity
            Not Before: Aug  4 13:01:27 2025 GMT
            Not After : Aug  5 13:01:27 2025 GMT
        Subject: CN=fb7d5fecfa895b3e090014ae7d1c1ceb2a435426
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:73:f4:9f:d3:52:6e:05:17:8e:d2:27:91:38:
                    f7:fb:f7:66:03:dd:e5:84:2d:0c:bf:ad:7e:b0:f4:
                    13:ae:4d:21:b4:6e:56:f3:cf:0f:7a:29:e3:7a:43:
                    be:ab:0d:e0:50:94:cf:de:52:d9:93:9b:69:31:98:
                    ac:3f:a3:f8:0f:dd:0c:10:e5:56:d5:0e:00:70:03:
                    39:69:e8:a3:c7:61:ff:75:87:f7:1c:e0:56:b7:05:
                    d6:dd:84:fb:77:48:c0:f4:1f:df:7d:7d:0a:79:3c:
                    60:c8:37:46:2e:9e:d5:d8:e8:a0:c4:73:44:83:8e:
                    c4:ef:b3:64:9d:f6:7b:1a:00:fe:1a:ac:4a:c5:c2:
                    1a:6d:01:05:05:75:ba:7d:84:c9:e6:33:a4:76:b1:
                    fd:32:ea:ef:a6:b6:0a:4b:80:97:c7:0b:99:60:e5:
                    f7:d5:bf:35:b9:94:d3:8a:b0:0d:57:33:a5:4b:ba:
                    34:68:6b:ec:fc:a4:21:83:12:29:c8:0f:b4:be:68:
                    98:d2:71:96:e8:e4:5c:eb:51:c1:11:93:b2:16:71:
                    75:f4:d9:d3:9d:08:e1:10:95:fa:76:9c:12:2f:82:
                    83:5e:b5:d5:00:50:57:4a:d8:2f:b9:b1:ed:68:56:
                    05:3b:54:e1:89:38:78:f6:8a:f8:9b:23:06:9b:a8:
                    51:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:7D:5F:EC:FA:89:5B:3E:09:00:14:AE:7D:1C:1C:EB:2A:43:54:26
            X509v3 Authority Key Identifier:
                keyid:5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:e1:c5:f5:ff:0a:af:4c:54:91:ca:8b:c9:07:17:cc:ea:01:
         10:d2:7c:eb:76:aa:13:32:58:a6:62:94:bd:e9:fe:8e:4b:37:
         b3:8a:70:57:26:e3:8e:f2:52:43:8d:b5:d7:96:d6:5a:11:fd:
         d0:15:e5:e2:4b:c8:35:44:c3:82:4c:23:a3:2c:d5:26:a9:16:
         26:b1:f7:e9:19:75:49:c6:86:49:db:87:93:1f:74:f3:8e:80:
         81:5d:f1:37:0a:11:20:b1:12:7e:3b:ae:47:d1:f6:89:dd:31:
         7f:e2:ea:e0:12:70:73:d6:e9:5f:0a:a5:f5:0a:8e:92:a6:a5:
         61:9d:ab:6e:1e:ab:c2:10:97:85:cd:92:89:3e:ea:7e:5f:54:
         2d:fe:12:69:52:32:2d:3a:c2:87:c0:44:92:56:98:07:f1:4a:
         4a:6b:2d:a9:ab:6c:64:6f:d8:d1:44:a5:8a:d1:90:5e:63:e6:
         f2:c9:91:6d:f0:5d:e0:a5:0b:3d:45:d3:8c:1f:79:8d:e4:45:
         dc:f7:ab:6a:8c:83:dc:b4:4b:6b:d9:f9:d5:18:7b:41:b9:45:
         49:b3:4d:51:39:4b:0b:f7:59:c6:38:51:81:8d:c8:26:bb:c2:
         5a:1e:c3:9d:29:85:89:ba:1e:ea:36:74:00:2a:60:62:44:42:
         bd:46:c0:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh1LDT6TJabXNrydy8tsN4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTFjNDMyMzIyYWExMDU4YzNlNmZlNTdmNjM3NGE5Mjk2
MDY5YzEwHhcNMjUwODA0MTMwMTI3WhcNMjUwODA1MTMwMTI3WjAzMTEwLwYDVQQD
EyhmYjdkNWZlY2ZhODk1YjNlMDkwMDE0YWU3ZDFjMWNlYjJhNDM1NDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnP0n9NSbgUXjtInkTj3+/dmA93l
hC0Mv61+sPQTrk0htG5W888PeinjekO+qw3gUJTP3lLZk5tpMZisP6P4D90MEOVW
1Q4AcAM5aeijx2H/dYf3HOBWtwXW3YT7d0jA9B/ffX0KeTxgyDdGLp7V2OigxHNE
g47E77NknfZ7GgD+GqxKxcIabQEFBXW6fYTJ5jOkdrH9MurvprYKS4CXxwuZYOX3
1b81uZTTirANVzOlS7o0aGvs/KQhgxIpyA+0vmiY0nGW6ORc61HBEZOyFnF19NnT
nQjhEJX6dpwSL4KDXrXVAFBXStgvubHtaFYFO1ThiTh49or4myMGm6hRNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPt9X+z6iVs+CQAUrn0cHOsqQ1QmMB8GA1UdIwQY
MBaAFF3hxDIyKqEFjD5v5X9jdKkpYGnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1Njkt
ZDc4YmI2ZjViOGY1LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1NjktZDc4YmI2ZjViOGY1
LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdOHF9f8K
r0xUkcqLyQcXzOoBENJ863aqEzJYpmKUven+jks3s4pwVybjjvJSQ42115bWWhH9
0BXl4kvINUTDgkwjoyzVJqkWJrH36Rl1ScaGSduHkx90846AgV3xNwoRILESfjuu
R9H2id0xf+Lq4BJwc9bpXwql9QqOkqalYZ2rbh6rwhCXhc2SiT7qfl9ULf4SaVIy
LTrCh8BEklaYB/FKSmstqatsZG/Y0USlitGQXmPm8smRbfBd4KULPUXTjB95jeRF
3PeraoyD3LRLa9n51Rh7QblFSbNNUTlLC/dZxjhRgY3IJrvCWh7DnSmFiboe6jZ0
ACpgYkRCvUbAmw==
-----END CERTIFICATE-----