Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
File:                     XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft (raw, json)
Hash identifier:          hDot2wmTUeaNQC2iTGvbnEwqtygItvw4Wy0k91Z0sGU=
Subject key identifier:   97:8B:E9:AF:4F:9F:55:41:A2:3E:2F:8B:30:5C:A4:B3:25:7E:37:1C
Authority key identifier: 5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
Certificate issuer:       /CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Certificate serial:       01976E8703EB31B2FC2DDEB79E828670D861
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
Manifest number:          0289
Signing time:             Sat 14 Jun 2025 13:00:31 +0000
Manifest this update:     Sat 14 Jun 2025 13:00:31 +0000
Manifest next update:     Sun 15 Jun 2025 13:00:31 +0000
Files and hashes:         1: XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl (hash: 5GRpuUPAbpN7ezf6TykGn/poQ+mqx+zhcrbadZv6O58=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:87:03:eb:31:b2:fc:2d:de:b7:9e:82:86:70:d8:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
        Validity
            Not Before: Jun 14 13:00:31 2025 GMT
            Not After : Jun 15 13:00:31 2025 GMT
        Subject: CN=978be9af4f9f5541a23e2f8b305ca4b3257e371c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e5:33:47:7f:8e:7e:38:4e:cc:d5:78:35:e3:
                    1f:e2:79:c0:fa:3c:74:85:d6:cf:7e:40:4c:27:f6:
                    9c:91:22:61:d9:52:ba:28:34:bb:fe:2a:30:33:e2:
                    7e:62:da:64:c4:e2:5d:40:96:d3:67:59:a4:89:4a:
                    16:10:d9:a4:2b:ac:0e:46:94:ca:b7:c0:f5:d7:1d:
                    66:ae:18:24:df:fd:34:dd:f5:ba:3c:e1:5e:13:5c:
                    22:04:ce:e0:2e:11:9f:a9:52:2d:c8:35:14:ed:6d:
                    12:63:62:c4:a5:e9:b1:ce:51:22:99:5e:8b:3a:be:
                    c7:bc:51:cc:89:9f:99:fd:54:a7:4e:c8:20:cb:6f:
                    e3:8b:26:78:05:0b:38:72:da:a6:32:2c:1e:c2:05:
                    43:fe:db:5a:78:16:45:ff:32:96:76:f0:29:99:69:
                    7c:7b:c0:47:86:3a:b0:cc:57:0f:0b:88:74:a6:0f:
                    94:b4:ef:a6:82:c2:5d:d8:5b:a2:a2:3b:15:b5:92:
                    e1:66:23:9e:d1:d8:ab:e2:bf:0a:33:cc:27:5e:cd:
                    f4:c5:6f:89:71:4f:29:50:26:07:21:9f:80:86:68:
                    f8:b9:b6:bd:8f:2e:ca:3f:90:46:41:67:dc:71:71:
                    8a:08:de:01:a5:90:82:98:35:61:ba:87:7f:f2:96:
                    dd:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:8B:E9:AF:4F:9F:55:41:A2:3E:2F:8B:30:5C:A4:B3:25:7E:37:1C
            X509v3 Authority Key Identifier:
                keyid:5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:ef:e8:0d:81:04:a9:77:7f:30:2c:1e:cf:3f:6f:5e:41:75:
         47:45:23:e5:3c:2f:19:25:84:de:7a:93:0a:fc:58:6e:a9:33:
         27:6c:59:1e:50:23:fb:4a:ac:32:51:ce:30:44:97:02:97:3f:
         ff:a3:0e:b2:71:6d:0e:4b:8c:60:a7:6a:59:62:b5:a4:ba:cf:
         ea:be:02:2c:9e:49:8b:96:48:7f:c2:f1:ad:db:ad:f0:45:9f:
         6d:5e:47:16:0e:97:fc:df:b8:73:b4:05:b5:5e:e8:e7:f8:8b:
         3c:64:da:34:09:a6:34:4b:62:77:69:87:e2:d2:2e:94:cf:6e:
         9a:12:ad:a3:e7:16:77:fe:b1:2e:57:93:a3:29:9c:15:2e:c9:
         6b:38:80:f4:99:9b:88:47:15:eb:83:3c:6f:32:a2:a4:58:27:
         93:0e:1f:2b:e4:3d:f9:69:3c:d2:ce:32:8e:d1:c8:5b:14:b8:
         58:a2:09:b9:2f:3b:f4:be:74:e7:c3:75:93:e0:23:29:ae:b9:
         83:51:cc:ba:22:57:42:e8:9d:df:2c:cf:41:06:29:4e:7c:9b:
         c5:67:2a:a6:92:61:9e:2f:04:d4:2a:38:42:24:64:52:15:51:
         04:5e:2b:85:1f:32:d8:e6:d9:01:04:53:e5:12:d0:34:03:f7:
         4a:ff:94:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduhwPrMbL8Ld63noKGcNhhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZjMTM4NGI0YTRjYTUwMWRkMzNjNWYwZDg1ODBkNDQx
NmViM2EwHhcNMjUwNjE0MTMwMDMxWhcNMjUwNjE1MTMwMDMxWjAzMTEwLwYDVQQD
Eyg5NzhiZTlhZjRmOWY1NTQxYTIzZTJmOGIzMDVjYTRiMzI1N2UzNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOUzR3+OfjhOzNV4NeMf4nnA+jx0
hdbPfkBMJ/ackSJh2VK6KDS7/iowM+J+YtpkxOJdQJbTZ1mkiUoWENmkK6wORpTK
t8D11x1mrhgk3/003fW6POFeE1wiBM7gLhGfqVItyDUU7W0SY2LEpemxzlEimV6L
Or7HvFHMiZ+Z/VSnTsggy2/jiyZ4BQs4ctqmMiwewgVD/ttaeBZF/zKWdvApmWl8
e8BHhjqwzFcPC4h0pg+UtO+mgsJd2FuiojsVtZLhZiOe0dir4r8KM8wnXs30xW+J
cU8pUCYHIZ+Ahmj4uba9jy7KP5BGQWfccXGKCN4BpZCCmDVhuod/8pbdtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJeL6a9Pn1VBoj4vizBcpLMlfjccMB8GA1UdIwQY
MBaAFF3WwThLSkylAd0zxfDYWA1EFus6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQt
ZDgyZDA2YTg3YmZlLzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQtZDgyZDA2YTg3YmZl
LzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAme/oDYEE
qXd/MCwezz9vXkF1R0Uj5TwvGSWE3nqTCvxYbqkzJ2xZHlAj+0qsMlHOMESXApc/
/6MOsnFtDkuMYKdqWWK1pLrP6r4CLJ5Ji5ZIf8Lxrdut8EWfbV5HFg6X/N+4c7QF
tV7o5/iLPGTaNAmmNEtid2mH4tIulM9umhKto+cWd/6xLleToymcFS7JaziA9Jmb
iEcV64M8bzKipFgnkw4fK+Q9+Wk80s4yjtHIWxS4WKIJuS879L5058N1k+AjKa65
g1HMuiJXQuid3yzPQQYpTnybxWcqppJhni8E1Co4QiRkUhVRBF4rhR8y2ObZAQRT
5RLQNAP3Sv+UgA==
-----END CERTIFICATE-----