Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
File:                     XHOCiOHdRuIcmgORGXJEtHjQqyY.mft (raw, json)
Hash identifier:          FdAnr5m6jFU+WfcfLlaSvo48h6Z2g2y//ERvrLCAMyk=
Subject key identifier:   8D:2C:68:9E:74:B4:B6:E2:41:42:E4:28:D4:C7:E6:31:58:8E:6C:69
Authority key identifier: 5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26
Certificate issuer:       /CN=5c738288e1dd46e21c9a0391197244b478d0ab26
Certificate serial:       01988EED08DCDCCF3DBF9459278DEF93F114
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
Manifest number:          1621
Signing time:             Sat 09 Aug 2025 13:02:35 +0000
Manifest this update:     Sat 09 Aug 2025 13:02:35 +0000
Manifest next update:     Sun 10 Aug 2025 13:02:35 +0000
Files and hashes:         1: XHOCiOHdRuIcmgORGXJEtHjQqyY.crl (hash: CrGhaVWYgQ2JRJy8mIZWARlsH/reZ9n5RlOR7F+jn3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 05:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8e:ed:08:dc:dc:cf:3d:bf:94:59:27:8d:ef:93:f1:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c738288e1dd46e21c9a0391197244b478d0ab26
        Validity
            Not Before: Aug  9 13:02:35 2025 GMT
            Not After : Aug 10 13:02:35 2025 GMT
        Subject: CN=8d2c689e74b4b6e24142e428d4c7e631588e6c69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:25:fe:35:fd:6f:45:0a:39:b3:95:7e:89:dd:
                    18:50:a2:b5:9c:d1:6f:fd:e2:98:17:28:6b:8e:92:
                    bf:da:96:ad:47:80:54:d0:90:e4:ca:70:f6:fb:b8:
                    1e:3e:7b:02:4f:6d:bb:ad:13:3a:e9:f5:59:0e:65:
                    79:a2:77:94:9e:42:4d:31:e3:24:38:f8:50:ae:73:
                    78:88:7a:d5:cd:ef:fd:a8:47:0a:3f:60:30:ad:31:
                    cd:15:71:0d:98:2c:5f:74:97:f1:62:d8:34:30:f1:
                    ef:a2:e6:e6:42:1a:55:7d:68:b0:d4:a0:d2:73:0e:
                    8e:85:ef:c1:81:26:c7:ce:47:ca:17:fb:9a:1c:24:
                    f3:29:ad:f8:3b:6d:32:a6:2a:7a:64:e3:54:f2:54:
                    ed:72:35:e5:41:c7:45:d5:5f:4b:77:00:1a:27:c1:
                    ee:6b:9d:15:c9:7a:56:c2:59:8a:15:1e:db:c9:ff:
                    3c:0b:2a:e1:93:91:48:25:6c:27:40:fd:86:7e:6e:
                    d4:d0:24:ea:76:de:a2:f8:bc:8c:b8:cf:03:6f:64:
                    a2:12:76:eb:1d:47:50:ac:39:b4:26:df:90:02:f3:
                    db:9d:5a:0e:52:82:40:3a:58:57:c1:cb:43:94:94:
                    47:06:78:9d:e4:7c:93:cd:2c:3d:78:b6:22:10:d2:
                    33:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:2C:68:9E:74:B4:B6:E2:41:42:E4:28:D4:C7:E6:31:58:8E:6C:69
            X509v3 Authority Key Identifier:
                keyid:5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:ee:71:52:27:45:89:d3:be:4f:c0:39:b5:4f:ca:a8:2f:99:
         03:fa:7e:2d:2b:46:e2:2a:09:63:95:c8:62:c2:a6:99:b1:2a:
         68:13:ff:ca:d9:92:ca:a2:b3:0f:1b:42:af:92:7d:a5:6d:5d:
         75:8a:be:18:d7:84:76:d2:83:03:ab:13:d2:3c:5f:32:02:f0:
         07:e6:26:c8:3a:84:b1:2b:76:be:2a:13:2b:66:80:1a:80:50:
         79:a9:c0:0e:74:2f:f4:56:c4:cb:db:9e:5f:dc:61:3a:e4:b6:
         21:72:04:12:69:88:50:32:df:87:fd:0d:f9:db:93:59:c3:a2:
         19:d8:dc:cc:dc:23:36:49:a2:4d:b2:a8:97:dd:aa:be:35:c9:
         f3:33:3d:33:2a:7e:d2:27:ed:83:03:aa:c1:66:b5:46:4d:a7:
         24:73:67:d7:3c:e2:6c:b1:6b:73:8b:ca:17:dd:b6:d2:ce:42:
         25:b3:76:3a:7f:f4:41:69:cd:cb:ae:d7:c2:c6:71:90:67:4d:
         3d:48:18:75:63:99:72:7b:8e:a0:a5:d2:3a:a0:d8:3b:60:f5:
         1e:3c:8b:fd:94:68:24:47:9b:5a:54:f1:1e:f7:8a:a9:10:8c:
         c1:1c:28:77:a0:fd:20:32:27:a6:4b:fe:02:c9:f6:ac:4f:b8:
         32:b6:6c:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiO7Qjc3M89v5RZJ43vk/EUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzM4Mjg4ZTFkZDQ2ZTIxYzlhMDM5MTE5NzI0NGI0Nzhk
MGFiMjYwHhcNMjUwODA5MTMwMjM1WhcNMjUwODEwMTMwMjM1WjAzMTEwLwYDVQQD
Eyg4ZDJjNjg5ZTc0YjRiNmUyNDE0MmU0MjhkNGM3ZTYzMTU4OGU2YzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiX+Nf1vRQo5s5V+id0YUKK1nNFv
/eKYFyhrjpK/2patR4BU0JDkynD2+7gePnsCT227rRM66fVZDmV5oneUnkJNMeMk
OPhQrnN4iHrVze/9qEcKP2AwrTHNFXENmCxfdJfxYtg0MPHvoubmQhpVfWiw1KDS
cw6Ohe/BgSbHzkfKF/uaHCTzKa34O20ypip6ZONU8lTtcjXlQcdF1V9LdwAaJ8Hu
a50VyXpWwlmKFR7byf88Cyrhk5FIJWwnQP2Gfm7U0CTqdt6i+LyMuM8Db2SiEnbr
HUdQrDm0Jt+QAvPbnVoOUoJAOlhXwctDlJRHBnid5HyTzSw9eLYiENIzFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0saJ50tLbiQULkKNTH5jFYjmxpMB8GA1UdIwQY
MBaAFFxzgojh3UbiHJoDkRlyRLR40KsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3Yjct
NTAxNDBjNjgxYWNhLzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3YjctNTAxNDBjNjgxYWNh
LzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADO5xUidF
idO+T8A5tU/KqC+ZA/p+LStG4ioJY5XIYsKmmbEqaBP/ytmSyqKzDxtCr5J9pW1d
dYq+GNeEdtKDA6sT0jxfMgLwB+YmyDqEsSt2vioTK2aAGoBQeanADnQv9FbEy9ue
X9xhOuS2IXIEEmmIUDLfh/0N+duTWcOiGdjczNwjNkmiTbKol92qvjXJ8zM9Myp+
0iftgwOqwWa1Rk2nJHNn1zzibLFrc4vKF9220s5CJbN2On/0QWnNy67XwsZxkGdN
PUgYdWOZcnuOoKXSOqDYO2D1HjyL/ZRoJEebWlTxHveKqRCMwRwod6D9IDInpkv+
Asn2rE+4MrZsww==
-----END CERTIFICATE-----