Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
File:                     xndznw-VRrTwJXcsXCsXl4WSOFI.mft (raw, json)
Hash identifier:          zOkuq4phBcYgCT4JPqzBQckc3Og/3iqKS0Ablpao/Cs=
Subject key identifier:   A5:3C:CD:04:14:3F:CA:31:71:F0:9E:A2:C5:42:40:1F:47:31:4F:31
Authority key identifier: C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52
Certificate issuer:       /CN=c677739f0f9546b4f025772c5c2b179785923852
Certificate serial:       019A4DAAE01FDCC676545647ADD397F0110F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
Manifest number:          151E
Signing time:             Tue 04 Nov 2025 07:00:35 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:35 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:35 +0000
Files and hashes:         1: xndznw-VRrTwJXcsXCsXl4WSOFI.crl (hash: 0+dN/6Iz2a1jgKS2qvXaEJWd0m9M5hzmIQu0ujqE8H8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:aa:e0:1f:dc:c6:76:54:56:47:ad:d3:97:f0:11:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c677739f0f9546b4f025772c5c2b179785923852
        Validity
            Not Before: Nov  4 07:00:35 2025 GMT
            Not After : Nov  5 07:00:35 2025 GMT
        Subject: CN=a53ccd04143fca3171f09ea2c542401f47314f31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:6c:3f:f9:24:bf:7b:a7:2e:a9:b3:16:92:47:
                    39:67:5e:99:b3:1f:ac:43:c9:57:84:49:bb:c5:b6:
                    de:a7:cc:a9:c3:a9:58:37:29:4c:05:b0:74:58:88:
                    da:5a:bf:f0:c5:b9:92:55:f4:bf:d6:52:be:d2:3d:
                    70:1f:c8:46:76:d3:d3:a8:a6:80:21:09:2d:bd:5a:
                    4c:56:59:bd:aa:b6:1b:b4:4f:ff:f3:93:5b:37:8f:
                    66:6f:ea:5d:64:5d:59:a1:81:12:1a:e5:39:95:69:
                    d1:38:76:24:21:95:6e:2f:f4:d3:3f:c6:7e:c4:26:
                    77:df:ad:8f:6a:e7:60:f0:07:c3:8d:fd:0e:02:a9:
                    d0:35:5a:5e:4b:95:33:06:c7:b6:9b:72:0c:bb:6d:
                    6d:61:e5:b6:1a:97:ab:f6:73:c1:90:bd:15:c2:fd:
                    f0:c4:9f:6d:40:2f:a9:e5:4f:21:2b:50:cc:d9:9f:
                    1f:6d:6f:9e:3d:e7:b9:f3:79:8b:af:c9:43:72:57:
                    41:dc:2d:9d:d5:17:0c:95:37:3a:eb:09:f4:88:28:
                    71:27:03:47:91:a3:58:00:3e:0d:5a:85:76:38:9b:
                    3b:fd:4e:51:ea:9a:eb:6a:b9:ae:f3:d8:cd:ab:b0:
                    91:4b:09:25:e6:75:30:7d:71:c0:ca:ac:63:51:d0:
                    db:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:3C:CD:04:14:3F:CA:31:71:F0:9E:A2:C5:42:40:1F:47:31:4F:31
            X509v3 Authority Key Identifier:
                keyid:C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:66:ce:4b:69:3a:d6:9d:47:40:2e:81:f5:5a:a1:55:b0:ac:
         1b:ea:18:26:91:bb:07:9f:f6:6a:50:f8:cf:27:ee:a8:75:2d:
         8d:cc:79:78:51:c6:8e:5e:f7:5a:4c:99:28:2f:71:ce:eb:b3:
         1f:67:63:c5:1a:1e:69:14:19:d2:54:a8:e1:76:61:fc:cf:89:
         00:2d:2a:a4:a2:ad:e0:f0:40:7b:ca:6a:0c:c1:02:13:59:ea:
         6a:32:f2:ac:c0:2c:db:b4:fb:d5:98:8f:bf:37:96:f8:20:03:
         08:33:19:30:cc:b1:91:92:b0:cf:0c:18:ae:4f:da:6d:12:05:
         1e:c0:9b:bb:b2:67:1c:96:25:cf:5d:6d:b5:49:a1:38:43:9b:
         cc:52:62:e6:64:22:01:ec:42:b9:79:ad:f5:90:40:d9:5d:a9:
         1d:6b:7f:c9:55:6c:db:8b:46:25:c3:66:6c:3d:0e:b1:b5:3f:
         0c:b3:52:ee:a0:70:11:4e:8c:cd:df:f0:3b:fb:70:39:95:2d:
         b2:ca:f4:a8:8c:c5:15:bf:da:f0:a9:2b:1e:af:de:5d:c0:9a:
         35:b9:76:82:b5:90:6b:95:25:9e:8d:02:39:07:47:38:52:10:
         3d:5a:bd:d5:b3:ee:79:d7:71:8e:e2:10:58:4f:d4:3c:88:6e:
         e8:6a:99:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNquAf3MZ2VFZHrdOX8BEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Nzc3MzlmMGY5NTQ2YjRmMDI1NzcyYzVjMmIxNzk3ODU5
MjM4NTIwHhcNMjUxMTA0MDcwMDM1WhcNMjUxMTA1MDcwMDM1WjAzMTEwLwYDVQQD
EyhhNTNjY2QwNDE0M2ZjYTMxNzFmMDllYTJjNTQyNDAxZjQ3MzE0ZjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmw/+SS/e6cuqbMWkkc5Z16Zsx+s
Q8lXhEm7xbbep8ypw6lYNylMBbB0WIjaWr/wxbmSVfS/1lK+0j1wH8hGdtPTqKaA
IQktvVpMVlm9qrYbtE//85NbN49mb+pdZF1ZoYESGuU5lWnROHYkIZVuL/TTP8Z+
xCZ3362Paudg8AfDjf0OAqnQNVpeS5UzBse2m3IMu21tYeW2Gper9nPBkL0Vwv3w
xJ9tQC+p5U8hK1DM2Z8fbW+ePee583mLr8lDcldB3C2d1RcMlTc66wn0iChxJwNH
kaNYAD4NWoV2OJs7/U5R6prrarmu89jNq7CRSwkl5nUwfXHAyqxjUdDbcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKU8zQQUP8oxcfCeosVCQB9HMU8xMB8GA1UdIwQY
MBaAFMZ3c58PlUa08CV3LFwrF5eFkjhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQt
YzY4NWZhOTE2YjA3LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQtYzY4NWZhOTE2YjA3
LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg2bOS2k6
1p1HQC6B9VqhVbCsG+oYJpG7B5/2alD4zyfuqHUtjcx5eFHGjl73WkyZKC9xzuuz
H2djxRoeaRQZ0lSo4XZh/M+JAC0qpKKt4PBAe8pqDMECE1nqajLyrMAs27T71ZiP
vzeW+CADCDMZMMyxkZKwzwwYrk/abRIFHsCbu7JnHJYlz11ttUmhOEObzFJi5mQi
AexCuXmt9ZBA2V2pHWt/yVVs24tGJcNmbD0OsbU/DLNS7qBwEU6Mzd/wO/twOZUt
ssr0qIzFFb/a8KkrHq/eXcCaNbl2grWQa5Ulno0COQdHOFIQPVq91bPueddxjuIQ
WE/UPIhu6GqZ9Q==
-----END CERTIFICATE-----