Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
File:                     Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft (raw, json)
Hash identifier:          tlJ3MqLAPIWqN3vxkyHFD3vTDW4PANt74X1BaRL/rbo=
Subject key identifier:   EB:DC:56:F6:5D:AF:97:7D:DB:CC:5B:EE:E6:E7:54:93:0D:C5:E1:50
Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
Certificate issuer:       /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Certificate serial:       0198A0F20233FCCB344ACF13707F743C319E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
Manifest number:          143D
Signing time:             Wed 13 Aug 2025 01:01:11 +0000
Manifest this update:     Wed 13 Aug 2025 01:01:11 +0000
Manifest next update:     Thu 14 Aug 2025 01:01:11 +0000
Files and hashes:         1: Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl (hash: uRyUf7LQXFJ1wOYs0jMufO/MyBFdT7auhjXKC+yBJVM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:f2:02:33:fc:cb:34:4a:cf:13:70:7f:74:3c:31:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
        Validity
            Not Before: Aug 13 01:01:11 2025 GMT
            Not After : Aug 14 01:01:11 2025 GMT
        Subject: CN=ebdc56f65daf977ddbcc5beee6e754930dc5e150
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:23:c7:51:77:fa:01:0f:1a:fd:43:9e:e6:de:
                    13:12:ce:a6:9c:3c:3a:62:87:86:53:b1:6e:c6:47:
                    00:14:18:a1:27:c9:46:5d:3a:03:5c:16:77:24:27:
                    33:cb:b4:ab:59:9b:ca:55:4c:35:ac:7c:59:bc:e2:
                    7a:7a:a8:a1:69:1f:35:ba:5c:5e:95:68:af:3e:2c:
                    28:ae:6a:b8:1f:60:dc:5c:92:99:a5:11:4b:0a:2b:
                    c7:b8:cc:df:37:3f:d9:df:54:0e:66:43:a2:59:f4:
                    b2:e0:c2:29:07:91:68:22:fb:cf:ec:7e:52:71:3b:
                    4e:56:da:19:14:82:22:e8:d8:c8:63:56:05:38:ce:
                    a3:72:cc:bf:83:f3:08:31:cc:88:91:f3:5d:94:f9:
                    f2:7f:2d:0d:2d:bd:a4:b2:99:be:c6:8a:17:67:3a:
                    45:cb:2b:bd:5e:d9:a5:9c:ac:d4:3d:87:58:58:ed:
                    31:b4:07:7e:9d:e2:61:ea:71:e2:29:dd:ab:37:2e:
                    c8:d3:c4:01:0d:04:4c:eb:05:79:ce:0b:d6:68:55:
                    34:2f:6e:e1:9e:e7:05:2b:7c:51:24:ea:14:50:4d:
                    99:e8:e7:30:2b:28:19:ed:4a:8c:51:da:95:c1:08:
                    34:76:8b:25:93:2e:f6:ef:7b:05:ec:40:54:5d:7f:
                    46:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:DC:56:F6:5D:AF:97:7D:DB:CC:5B:EE:E6:E7:54:93:0D:C5:E1:50
            X509v3 Authority Key Identifier:
                keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:a1:b5:6a:67:1f:c4:c1:07:97:c4:30:e3:30:97:13:69:5f:
         b0:7a:cc:3a:e4:62:cf:07:85:4d:42:88:2b:62:fb:e2:8a:61:
         00:b2:80:a2:a5:1f:68:a7:35:39:c1:db:2e:6a:73:97:34:a8:
         92:6e:b2:4a:2d:1f:48:e5:17:08:be:5a:ab:82:04:bd:8c:62:
         e2:7a:f8:f0:26:5b:9b:86:b6:4a:63:c6:23:d1:7c:07:37:bc:
         ca:1c:84:a1:c9:a3:7c:44:41:01:84:32:20:67:08:ca:85:a9:
         4c:0e:53:27:0c:d0:2f:be:38:01:f0:2d:17:d3:e6:f3:ff:01:
         dd:59:81:26:09:4e:67:98:2b:4b:83:64:ef:1e:b9:d1:e5:43:
         34:c4:81:04:47:a4:73:11:b5:12:bb:32:33:78:db:c5:b4:33:
         54:5b:fb:7d:35:38:84:54:fc:bb:97:58:e2:f9:1b:28:4a:5a:
         b8:6b:b9:af:c0:c5:83:bd:cd:18:e3:a2:90:da:7f:45:f0:a5:
         9c:37:c0:7f:db:42:ac:14:cb:45:ec:e7:db:a0:fb:53:b8:75:
         d1:dd:67:10:fd:ef:52:9d:ec:d1:39:2c:8e:41:82:d4:6d:cd:
         b2:c3:39:d3:af:c5:69:62:5c:83:62:e6:69:25:08:9f:23:89:
         84:36:5a:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZig8gIz/Ms0Ss8TcH90PDGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg3OTBhMDhjOGUwZDg0NTg4ZDk0ZDFhNTFiY2E5YWJl
NzU4MWQwHhcNMjUwODEzMDEwMTExWhcNMjUwODE0MDEwMTExWjAzMTEwLwYDVQQD
EyhlYmRjNTZmNjVkYWY5NzdkZGJjYzViZWVlNmU3NTQ5MzBkYzVlMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyPHUXf6AQ8a/UOe5t4TEs6mnDw6
YoeGU7FuxkcAFBihJ8lGXToDXBZ3JCczy7SrWZvKVUw1rHxZvOJ6eqihaR81ulxe
lWivPiwormq4H2DcXJKZpRFLCivHuMzfNz/Z31QOZkOiWfSy4MIpB5FoIvvP7H5S
cTtOVtoZFIIi6NjIY1YFOM6jcsy/g/MIMcyIkfNdlPnyfy0NLb2kspm+xooXZzpF
yyu9XtmlnKzUPYdYWO0xtAd+neJh6nHiKd2rNy7I08QBDQRM6wV5zgvWaFU0L27h
nucFK3xRJOoUUE2Z6OcwKygZ7UqMUdqVwQg0doslky7273sF7EBUXX9GVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOvcVvZdr5d928xb7ubnVJMNxeFQMB8GA1UdIwQY
MBaAFF6oeQoIyODYRYjZTRpRvKmr51gdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgt
MzBjMGExMTFjZDU1LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgtMzBjMGExMTFjZDU1
LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHqG1amcf
xMEHl8Qw4zCXE2lfsHrMOuRizweFTUKIK2L74ophALKAoqUfaKc1OcHbLmpzlzSo
km6ySi0fSOUXCL5aq4IEvYxi4nr48CZbm4a2SmPGI9F8Bze8yhyEocmjfERBAYQy
IGcIyoWpTA5TJwzQL744AfAtF9Pm8/8B3VmBJglOZ5grS4Nk7x650eVDNMSBBEek
cxG1ErsyM3jbxbQzVFv7fTU4hFT8u5dY4vkbKEpauGu5r8DFg73NGOOikNp/RfCl
nDfAf9tCrBTLRezn26D7U7h10d1nEP3vUp3s0TksjkGC1G3NssM506/FaWJcg2Lm
aSUInyOJhDZaKQ==
-----END CERTIFICATE-----