Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
File:                     XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft (raw, json)
Hash identifier:          HK2W4w6vyIYQi74h7gjecxPoXpSV7YNj3Pl+ouL+Vrg=
Subject key identifier:   34:98:19:BE:E0:9A:AA:7D:E6:29:56:59:2C:A6:7C:30:7D:79:8C:FE
Authority key identifier: 5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
Certificate issuer:       /CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Certificate serial:       019880C282D2EF8A74D90E5AC449AF959895
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
Manifest number:          0317
Signing time:             Wed 06 Aug 2025 19:01:27 +0000
Manifest this update:     Wed 06 Aug 2025 19:01:27 +0000
Manifest next update:     Thu 07 Aug 2025 19:01:27 +0000
Files and hashes:         1: XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl (hash: OHjsBJ7V9psVAcCIdHIQtviA3RwaTPK417ZimmvNxcY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 19:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:c2:82:d2:ef:8a:74:d9:0e:5a:c4:49:af:95:98:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
        Validity
            Not Before: Aug  6 19:01:27 2025 GMT
            Not After : Aug  7 19:01:27 2025 GMT
        Subject: CN=349819bee09aaa7de62956592ca67c307d798cfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:10:54:4d:5f:ab:14:a1:9e:85:9f:14:83:7c:
                    5e:cd:6e:a7:e8:c7:48:e3:c2:c8:63:92:e5:f7:57:
                    ea:37:d4:d8:84:bf:28:18:f4:dc:db:3d:6f:0a:95:
                    57:a4:e7:06:5a:b4:d6:41:80:ff:e3:05:40:5e:2b:
                    fc:2c:0a:26:1d:77:30:63:39:90:8f:c5:e2:dd:98:
                    e2:dc:ac:7d:ba:22:93:5b:59:ca:ad:b1:41:4a:13:
                    67:35:25:0c:0a:da:f7:ee:da:86:d1:cd:43:8e:0f:
                    39:fc:66:44:0a:86:08:35:40:59:43:b0:e2:29:9d:
                    ef:70:a7:63:45:9f:7a:c7:74:fb:f7:46:3d:0e:bb:
                    4c:ea:1f:24:8d:00:0b:07:a1:2b:f1:7e:30:e1:e3:
                    dd:20:87:61:e4:b6:6f:a8:08:68:da:55:5e:6a:34:
                    e8:40:d6:ca:d3:f8:d3:54:50:d2:86:05:d9:17:70:
                    94:3d:1d:71:42:54:ad:03:ac:ce:57:9b:de:39:1d:
                    da:f3:1b:31:2f:0a:51:57:ed:8a:c9:f7:a6:8f:03:
                    ac:e2:5c:14:60:31:ad:0a:6e:a5:c2:e7:3b:10:58:
                    5c:e0:73:47:43:cc:87:c0:39:a0:61:56:13:d1:f6:
                    00:da:94:9e:46:14:60:2d:b9:a4:32:82:d4:47:50:
                    03:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:98:19:BE:E0:9A:AA:7D:E6:29:56:59:2C:A6:7C:30:7D:79:8C:FE
            X509v3 Authority Key Identifier:
                keyid:5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:47:a9:d1:18:4f:ad:0c:d3:59:9c:0d:e2:a3:e1:2d:fe:94:
         2e:e5:95:fd:50:df:d1:d4:e4:94:e1:27:94:da:93:1a:20:61:
         66:71:8f:ce:3a:4a:43:8d:2a:13:c2:7a:2e:e7:d7:20:22:f1:
         26:c2:41:51:be:6d:94:90:2e:14:14:81:97:30:c7:5b:a1:fe:
         10:df:56:2a:2c:3e:f0:a9:1a:e7:61:d1:60:af:49:00:81:0e:
         58:fd:20:56:ec:d4:9a:50:90:01:76:ea:8f:cc:84:78:48:a6:
         78:6d:78:5a:67:19:9a:fa:08:af:0d:5c:d8:66:cb:e8:f1:f3:
         9c:a7:2f:4c:dc:ef:8b:07:bd:0a:29:c9:2d:28:b3:79:9c:17:
         d8:62:3e:0d:50:fb:e7:52:55:2f:83:f9:ff:c2:a6:7d:fc:6c:
         ea:74:15:42:63:1f:93:78:b3:ca:97:e6:ab:2f:d5:23:0e:5d:
         ca:c3:54:3e:aa:fb:e2:6d:10:65:85:b6:bb:4a:19:e6:cb:0d:
         54:66:52:cf:44:c9:66:f6:30:71:6a:fe:11:52:1a:1c:4a:9e:
         23:08:c6:e3:cd:ea:1b:e3:36:dd:08:83:09:77:5a:57:bb:a3:
         ef:71:69:4c:4b:69:89:30:61:16:58:21:d5:f1:2c:48:cd:45:
         aa:0f:8f:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAwoLS74p02Q5axEmvlZiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZjMTM4NGI0YTRjYTUwMWRkMzNjNWYwZDg1ODBkNDQx
NmViM2EwHhcNMjUwODA2MTkwMTI3WhcNMjUwODA3MTkwMTI3WjAzMTEwLwYDVQQD
EygzNDk4MTliZWUwOWFhYTdkZTYyOTU2NTkyY2E2N2MzMDdkNzk4Y2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBBUTV+rFKGehZ8Ug3xezW6n6MdI
48LIY5Ll91fqN9TYhL8oGPTc2z1vCpVXpOcGWrTWQYD/4wVAXiv8LAomHXcwYzmQ
j8Xi3Zji3Kx9uiKTW1nKrbFBShNnNSUMCtr37tqG0c1Djg85/GZECoYINUBZQ7Di
KZ3vcKdjRZ96x3T790Y9DrtM6h8kjQALB6Er8X4w4ePdIIdh5LZvqAho2lVeajTo
QNbK0/jTVFDShgXZF3CUPR1xQlStA6zOV5veOR3a8xsxLwpRV+2KyfemjwOs4lwU
YDGtCm6lwuc7EFhc4HNHQ8yHwDmgYVYT0fYA2pSeRhRgLbmkMoLUR1ADowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDSYGb7gmqp95ilWWSymfDB9eYz+MB8GA1UdIwQY
MBaAFF3WwThLSkylAd0zxfDYWA1EFus6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQt
ZDgyZDA2YTg3YmZlLzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQtZDgyZDA2YTg3YmZl
LzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh0ep0RhP
rQzTWZwN4qPhLf6ULuWV/VDf0dTklOEnlNqTGiBhZnGPzjpKQ40qE8J6LufXICLx
JsJBUb5tlJAuFBSBlzDHW6H+EN9WKiw+8Kka52HRYK9JAIEOWP0gVuzUmlCQAXbq
j8yEeEimeG14WmcZmvoIrw1c2GbL6PHznKcvTNzviwe9CinJLSizeZwX2GI+DVD7
51JVL4P5/8Kmffxs6nQVQmMfk3izypfmqy/VIw5dysNUPqr74m0QZYW2u0oZ5ssN
VGZSz0TJZvYwcWr+EVIaHEqeIwjG483qG+M23QiDCXdaV7uj73FpTEtpiTBhFlgh
1fEsSM1Fqg+P6w==
-----END CERTIFICATE-----