Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
File:                     XHOCiOHdRuIcmgORGXJEtHjQqyY.mft (raw, json)
Hash identifier:          I04kFfcodn885atDoooMy8v2eEjgQ7/gXkR7+2Xv0DE=
Subject key identifier:   97:40:DE:6D:EC:FF:04:07:3B:D1:64:91:00:6F:BC:79:D1:E8:BF:80
Authority key identifier: 5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26
Certificate issuer:       /CN=5c738288e1dd46e21c9a0391197244b478d0ab26
Certificate serial:       019A4EF42B83EB3ED92E68D54A24EE00730E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 13:00:15 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:15 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:15 +0000
Files and hashes:         1: XHOCiOHdRuIcmgORGXJEtHjQqyY.crl (hash: NYoGQgAHQLa9WZkB/jXt5MaKpMjlkqzWYu4usqU7+U4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:2b:83:eb:3e:d9:2e:68:d5:4a:24:ee:00:73:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c738288e1dd46e21c9a0391197244b478d0ab26
        Validity
            Not Before: Nov  4 13:00:15 2025 GMT
            Not After : Nov  5 13:00:15 2025 GMT
        Subject: CN=9740de6decff04073bd16491006fbc79d1e8bf80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:bb:4f:83:81:78:2a:f8:19:b3:39:bc:7f:64:
                    80:84:f3:d6:b3:e6:58:75:50:e1:04:75:47:c7:27:
                    87:49:96:79:ab:0f:a5:ec:4f:f6:6b:c3:2c:a7:75:
                    dc:da:16:45:5c:8f:2d:39:8b:bf:5e:20:b8:20:8d:
                    b0:dd:1f:02:95:60:82:97:bf:19:53:14:37:c6:89:
                    e2:5e:d0:0e:c7:64:59:9b:bd:c6:88:c7:79:79:f3:
                    d1:9f:82:93:79:2b:0a:c6:2e:4c:d9:25:ec:ea:9b:
                    6a:b2:86:15:98:13:eb:25:3e:9f:83:d0:4c:8a:8d:
                    5e:34:48:0a:e9:01:a0:7c:ee:36:39:a0:d3:e7:fa:
                    f0:3f:a1:f5:5e:6e:b0:17:3c:b4:8b:b3:b4:ca:e9:
                    6f:8d:35:9b:15:8a:cd:46:d3:97:eb:6f:67:4b:38:
                    af:05:fc:6b:51:f6:4e:f6:4f:db:6f:51:87:fa:17:
                    ff:c8:95:43:08:1f:af:fb:96:f8:58:dc:57:98:e2:
                    a7:01:c2:62:79:12:94:dd:02:72:c2:84:13:8c:b9:
                    b7:b1:c2:35:a9:c4:45:b8:52:60:39:4a:4e:4e:18:
                    28:f7:25:80:39:1d:c6:66:4c:61:15:81:92:d3:6f:
                    28:69:53:74:78:86:7c:e2:26:2d:26:2f:f4:78:70:
                    8b:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:40:DE:6D:EC:FF:04:07:3B:D1:64:91:00:6F:BC:79:D1:E8:BF:80
            X509v3 Authority Key Identifier:
                keyid:5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:53:40:72:56:d9:2a:85:cf:8f:bd:49:4f:bd:a5:62:a5:b6:
         17:3a:86:ae:a6:19:33:e5:6a:3e:08:dd:28:bf:b7:8f:f2:8c:
         d8:11:58:86:04:2c:dd:97:a9:82:a2:c1:d7:53:8c:fc:53:bc:
         cc:b2:ef:8c:03:2d:1a:46:56:a0:c0:01:8e:f2:05:24:78:6b:
         f5:48:8c:fa:7c:f1:20:85:51:8a:3e:f9:0f:fb:c0:3e:32:69:
         84:83:0f:fd:c1:0b:51:43:fc:92:88:0d:02:00:de:ca:c5:be:
         80:3d:58:6d:2f:7d:6e:49:68:b0:bd:47:50:6a:e5:60:f3:4c:
         c3:3e:1d:27:f5:3e:26:2f:00:8b:6c:9f:dc:9f:36:1f:bd:e1:
         23:18:17:32:7f:6f:de:3a:ae:33:d9:5b:c7:00:aa:93:45:b7:
         dd:f1:7f:8f:76:24:d0:39:87:50:98:06:53:a2:2f:d1:19:8b:
         85:5a:ed:ff:f3:20:d9:f2:76:aa:29:fd:b8:ef:b7:40:d1:c3:
         07:ef:06:9f:1e:b5:c3:54:a9:9d:4a:08:b4:73:21:50:2b:ce:
         47:0d:42:dc:a6:d6:4a:22:05:27:08:a0:06:24:21:04:7f:fe:
         46:5f:10:07:dd:d0:3c:37:6c:7e:70:13:0e:9e:14:ca:48:24:
         09:d0:80:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9CuD6z7ZLmjVSiTuAHMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzM4Mjg4ZTFkZDQ2ZTIxYzlhMDM5MTE5NzI0NGI0Nzhk
MGFiMjYwHhcNMjUxMTA0MTMwMDE1WhcNMjUxMTA1MTMwMDE1WjAzMTEwLwYDVQQD
Eyg5NzQwZGU2ZGVjZmYwNDA3M2JkMTY0OTEwMDZmYmM3OWQxZThiZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7tPg4F4KvgZszm8f2SAhPPWs+ZY
dVDhBHVHxyeHSZZ5qw+l7E/2a8Msp3Xc2hZFXI8tOYu/XiC4II2w3R8ClWCCl78Z
UxQ3xoniXtAOx2RZm73GiMd5efPRn4KTeSsKxi5M2SXs6ptqsoYVmBPrJT6fg9BM
io1eNEgK6QGgfO42OaDT5/rwP6H1Xm6wFzy0i7O0yulvjTWbFYrNRtOX629nSziv
BfxrUfZO9k/bb1GH+hf/yJVDCB+v+5b4WNxXmOKnAcJieRKU3QJywoQTjLm3scI1
qcRFuFJgOUpOThgo9yWAOR3GZkxhFYGS028oaVN0eIZ84iYtJi/0eHCL/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdA3m3s/wQHO9FkkQBvvHnR6L+AMB8GA1UdIwQY
MBaAFFxzgojh3UbiHJoDkRlyRLR40KsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3Yjct
NTAxNDBjNjgxYWNhLzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3YjctNTAxNDBjNjgxYWNh
LzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgFNAclbZ
KoXPj71JT72lYqW2FzqGrqYZM+VqPgjdKL+3j/KM2BFYhgQs3ZepgqLB11OM/FO8
zLLvjAMtGkZWoMABjvIFJHhr9UiM+nzxIIVRij75D/vAPjJphIMP/cELUUP8kogN
AgDeysW+gD1YbS99bklosL1HUGrlYPNMwz4dJ/U+Ji8Ai2yf3J82H73hIxgXMn9v
3jquM9lbxwCqk0W33fF/j3Yk0DmHUJgGU6Iv0RmLhVrt//Mg2fJ2qin9uO+3QNHD
B+8Gnx61w1SpnUoItHMhUCvORw1C3KbWSiIFJwigBiQhBH/+Rl8QB93QPDdsfnAT
Dp4UykgkCdCAfg==
-----END CERTIFICATE-----