Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
File:                     XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft (raw, json)
Hash identifier:          QUCduBOm+acXPZFF9on24TkFrg5PF7W9vocS/i986x0=
Subject key identifier:   86:12:0C:D9:4D:00:9A:96:05:D6:EC:47:E6:88:5A:F5:48:0D:D4:A1
Authority key identifier: 5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A
Certificate issuer:       /CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
Certificate serial:       019770079F238BB692F77B281A27417659EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
Manifest number:          0B65
Signing time:             Sat 14 Jun 2025 20:00:37 +0000
Manifest this update:     Sat 14 Jun 2025 20:00:37 +0000
Manifest next update:     Sun 15 Jun 2025 20:00:37 +0000
Files and hashes:         1: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl (hash: UbRKtqIaIhMxiifUsCRyDilzTtQSZfASH8HXl+JKxu0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:07:9f:23:8b:b6:92:f7:7b:28:1a:27:41:76:59:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
        Validity
            Not Before: Jun 14 20:00:37 2025 GMT
            Not After : Jun 15 20:00:37 2025 GMT
        Subject: CN=86120cd94d009a9605d6ec47e6885af5480dd4a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:5a:b2:bf:10:30:23:c0:0b:4f:bf:b0:ac:ca:
                    42:6d:46:b1:1f:74:d8:71:17:1d:4d:e1:ae:12:0f:
                    1a:d0:33:e7:29:d5:60:a2:73:f3:84:a0:e7:11:75:
                    ab:34:a9:ef:25:fe:02:12:20:aa:61:cc:96:3a:f8:
                    40:7e:ae:79:81:73:fa:ab:ee:a8:5d:07:d2:aa:4e:
                    b9:8c:06:98:b0:b6:15:1d:23:fe:71:a2:a5:b2:20:
                    fb:e3:55:97:4f:d9:a9:5e:7e:1b:fc:63:75:1f:d3:
                    67:75:25:69:bf:d5:00:6e:39:34:02:f7:e6:34:96:
                    6e:e2:d1:65:6d:ab:a0:63:a1:fb:d5:58:2e:09:b9:
                    a9:03:29:ac:45:96:78:b8:0b:89:61:fa:01:a3:90:
                    9f:4d:c5:ce:87:d9:f6:0f:6d:2a:a0:47:e9:7e:3e:
                    ce:e2:24:5c:67:42:f5:7b:ed:77:8f:01:14:62:c9:
                    ba:9c:ab:ff:88:d7:4a:f5:a9:d7:0b:b6:1d:c1:48:
                    22:a0:51:68:0a:f4:6d:18:5c:89:36:2f:50:25:97:
                    3f:9f:5b:b9:c7:3c:00:f3:42:72:61:a0:00:c8:fb:
                    55:54:4d:51:0d:37:44:91:a4:af:9a:16:5a:09:56:
                    ed:dd:ac:8c:eb:e0:fb:0a:b1:56:5c:ea:14:f0:7a:
                    63:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:12:0C:D9:4D:00:9A:96:05:D6:EC:47:E6:88:5A:F5:48:0D:D4:A1
            X509v3 Authority Key Identifier:
                keyid:5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         dd:82:08:91:23:ae:d8:9e:93:c0:53:da:8b:0b:82:72:70:7a:
         10:69:0b:86:3d:6e:8d:0d:ff:46:9e:43:c7:f8:42:54:b6:76:
         d5:6b:51:f4:63:dc:c7:0c:1d:af:cb:07:43:5c:4a:7d:32:50:
         e3:eb:e1:8c:95:5b:36:0b:49:0d:90:19:e5:76:da:11:22:15:
         39:e6:d0:a5:dc:7f:42:b1:95:7a:02:54:cc:9f:c3:54:1d:10:
         6c:60:00:18:6f:b9:4d:bd:d4:79:b9:f5:f4:58:86:2d:b3:07:
         24:15:37:06:eb:4e:8c:87:5d:4b:cf:1e:55:fb:c5:9c:ea:1f:
         ec:02:9e:3d:17:60:68:09:80:d2:0f:eb:f0:c8:ea:cb:24:21:
         81:1c:87:b3:89:c1:1a:76:5a:f2:06:86:5b:0b:0f:1a:ad:e2:
         d9:63:5b:96:43:55:c1:3a:da:cc:4c:47:5b:25:24:1d:b0:8c:
         53:c4:7f:ec:60:5e:d5:81:fa:5d:70:c7:d2:b4:fa:2b:86:ca:
         03:65:a1:42:c6:78:b3:19:2b:28:f8:98:93:86:98:84:c6:ed:
         3e:15:83:bc:b7:fb:28:5f:85:76:b5:34:af:3f:29:67:d5:c6:
         29:9a:1b:5c:d5:ee:18:11:f6:b1:1a:74:0f:09:69:d5:94:d4:
         e0:c4:f4:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwB58ji7aS93soGidBdlnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzhlYjI5NTk1NjA3ZWQ0ZDhmNGQ5YmYwNmNiYTQyOTky
Njg2NGEwHhcNMjUwNjE0MjAwMDM3WhcNMjUwNjE1MjAwMDM3WjAzMTEwLwYDVQQD
Eyg4NjEyMGNkOTRkMDA5YTk2MDVkNmVjNDdlNjg4NWFmNTQ4MGRkNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1qyvxAwI8ALT7+wrMpCbUaxH3TY
cRcdTeGuEg8a0DPnKdVgonPzhKDnEXWrNKnvJf4CEiCqYcyWOvhAfq55gXP6q+6o
XQfSqk65jAaYsLYVHSP+caKlsiD741WXT9mpXn4b/GN1H9NndSVpv9UAbjk0Avfm
NJZu4tFlbaugY6H71VguCbmpAymsRZZ4uAuJYfoBo5CfTcXOh9n2D20qoEfpfj7O
4iRcZ0L1e+13jwEUYsm6nKv/iNdK9anXC7YdwUgioFFoCvRtGFyJNi9QJZc/n1u5
xzwA80JyYaAAyPtVVE1RDTdEkaSvmhZaCVbt3ayM6+D7CrFWXOoU8HpjMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYSDNlNAJqWBdbsR+aIWvVIDdShMB8GA1UdIwQY
MBaAFF046ylZVgftTY9Nm/BsukKZJoZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMt
ZDI0YjRhNWIxY2RjLzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMtZDI0YjRhNWIxY2Rj
LzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3YIIkSOu
2J6TwFPaiwuCcnB6EGkLhj1ujQ3/Rp5Dx/hCVLZ21WtR9GPcxwwdr8sHQ1xKfTJQ
4+vhjJVbNgtJDZAZ5XbaESIVOebQpdx/QrGVegJUzJ/DVB0QbGAAGG+5Tb3Uebn1
9FiGLbMHJBU3ButOjIddS88eVfvFnOof7AKePRdgaAmA0g/r8MjqyyQhgRyHs4nB
GnZa8gaGWwsPGq3i2WNblkNVwTrazExHWyUkHbCMU8R/7GBe1YH6XXDH0rT6K4bK
A2WhQsZ4sxkrKPiYk4aYhMbtPhWDvLf7KF+FdrU0rz8pZ9XGKZobXNXuGBH2sRp0
Dwlp1ZTU4MT0FA==
-----END CERTIFICATE-----