Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
File:                     xLxp1Co7FePOy5HHcrpkM8URvpk.mft (raw, json)
Hash identifier:          n2oHBVDF0ZRyLM++9dgVMdAptLvdqNwcsUSvtfxkgdE=
Subject key identifier:   8A:9A:90:64:D9:1F:CB:1B:D0:3C:BD:F7:33:79:DD:C2:63:42:F5:A4
Authority key identifier: C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99
Certificate issuer:       /CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
Certificate serial:       019893DACB31FB6263F286E45303A38F052A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
Manifest number:          1623
Signing time:             Sun 10 Aug 2025 12:00:46 +0000
Manifest this update:     Sun 10 Aug 2025 12:00:46 +0000
Manifest next update:     Mon 11 Aug 2025 12:00:46 +0000
Files and hashes:         1: xLxp1Co7FePOy5HHcrpkM8URvpk.crl (hash: 1xXHUFWumcbjbWLfMy/png6JqkrpVqJICGQR5QHlNbE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 12:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:da:cb:31:fb:62:63:f2:86:e4:53:03:a3:8f:05:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
        Validity
            Not Before: Aug 10 12:00:46 2025 GMT
            Not After : Aug 11 12:00:46 2025 GMT
        Subject: CN=8a9a9064d91fcb1bd03cbdf73379ddc26342f5a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:73:7b:57:d0:a7:62:6a:a7:d1:f3:48:c6:c0:
                    a2:4e:b7:6c:70:c0:62:da:51:26:52:e5:90:f6:57:
                    f5:18:88:2a:61:f7:9a:12:67:72:40:c8:e4:cc:8a:
                    3e:72:1b:17:93:66:2b:2e:d3:00:55:75:94:7d:e5:
                    1b:fe:1e:cc:35:f7:e0:95:29:48:b8:c6:a3:ee:43:
                    88:6d:aa:af:45:0c:19:94:cc:cf:a5:41:fd:76:34:
                    02:fb:26:c4:8b:b5:6b:9a:f6:f5:7b:90:b5:0a:4f:
                    79:92:d8:f4:24:f0:ee:5e:fd:88:9b:59:f2:fd:38:
                    90:61:4b:00:6f:b6:eb:49:84:96:7f:28:a6:5d:bd:
                    12:d9:d6:24:da:17:d8:a2:1a:3a:7c:cc:4c:f5:dc:
                    0a:ec:57:6f:8d:cc:2d:d5:a8:02:15:c3:67:e5:e7:
                    3d:9e:b7:46:c6:92:1e:f2:56:e5:ff:dd:66:ec:45:
                    81:a1:c5:ed:f8:09:5e:64:82:c1:38:87:a3:fc:24:
                    b3:f6:22:7f:71:f5:93:50:ef:9a:ff:8d:1a:9a:85:
                    78:06:71:03:57:d4:0a:d1:bc:ce:fa:a0:28:c5:40:
                    de:25:1d:e1:f7:79:fe:a5:56:f1:d1:63:74:69:81:
                    3f:cc:8f:2a:dc:f8:1c:eb:f7:ab:24:f3:3e:aa:78:
                    cf:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:9A:90:64:D9:1F:CB:1B:D0:3C:BD:F7:33:79:DD:C2:63:42:F5:A4
            X509v3 Authority Key Identifier:
                keyid:C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:3a:2d:25:a8:2a:00:0f:d2:25:8b:b3:25:5f:1b:9e:25:fd:
         c4:15:3d:e4:4f:fb:1d:ac:af:d1:6f:44:1d:de:70:f8:9a:c7:
         93:3b:aa:4d:13:65:40:43:62:44:b9:02:b0:dd:09:cb:c8:bf:
         e7:c8:48:82:e7:fc:0b:2c:35:24:29:a8:5f:ed:5c:18:b9:bd:
         b4:9f:e1:c4:9f:78:bc:5c:bf:45:00:ef:f9:62:90:7f:ed:f3:
         9c:c5:60:ac:7b:89:63:bb:7d:f4:d8:bf:fe:bd:2c:a0:f0:e2:
         8e:b0:1c:1c:a8:b2:37:24:42:06:fd:0c:6f:e9:8e:64:5d:cc:
         51:87:85:e7:68:60:48:f0:1d:5b:c6:fa:05:1c:18:aa:85:cd:
         01:4b:3f:3d:52:88:ee:d6:12:fe:c8:2c:84:bb:c6:d0:15:39:
         cc:51:75:af:d4:09:28:4f:8d:6b:45:cf:f2:37:f2:b9:17:13:
         d0:49:e2:f9:6e:af:f5:3b:a7:1a:25:06:9e:57:a6:c5:6f:a1:
         20:00:d2:86:cf:80:24:d2:ac:d2:20:6e:fb:21:ee:f3:ff:40:
         2a:22:f8:29:6b:0d:ca:63:56:ff:44:09:ca:09:fe:cc:b9:c1:
         2b:f1:6d:c9:a3:4b:d5:e5:37:96:8d:86:9f:04:f1:c9:fd:0d:
         34:88:c7:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiT2ssx+2Jj8obkUwOjjwUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YmM2OWQ0MmEzYjE1ZTNjZWNiOTFjNzcyYmE2NDMzYzUx
MWJlOTkwHhcNMjUwODEwMTIwMDQ2WhcNMjUwODExMTIwMDQ2WjAzMTEwLwYDVQQD
Eyg4YTlhOTA2NGQ5MWZjYjFiZDAzY2JkZjczMzc5ZGRjMjYzNDJmNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnN7V9CnYmqn0fNIxsCiTrdscMBi
2lEmUuWQ9lf1GIgqYfeaEmdyQMjkzIo+chsXk2YrLtMAVXWUfeUb/h7MNffglSlI
uMaj7kOIbaqvRQwZlMzPpUH9djQC+ybEi7Vrmvb1e5C1Ck95ktj0JPDuXv2Im1ny
/TiQYUsAb7brSYSWfyimXb0S2dYk2hfYoho6fMxM9dwK7Fdvjcwt1agCFcNn5ec9
nrdGxpIe8lbl/91m7EWBocXt+AleZILBOIej/CSz9iJ/cfWTUO+a/40amoV4BnED
V9QK0bzO+qAoxUDeJR3h93n+pVbx0WN0aYE/zI8q3Pgc6/erJPM+qnjPpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqakGTZH8sb0Dy99zN53cJjQvWkMB8GA1UdIwQY
MBaAFMS8adQqOxXjzsuRx3K6ZDPFEb6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUt
ZDE3Zjk4MTE0MDcwLzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUtZDE3Zjk4MTE0MDcw
LzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhjotJagq
AA/SJYuzJV8bniX9xBU95E/7Hayv0W9EHd5w+JrHkzuqTRNlQENiRLkCsN0Jy8i/
58hIguf8Cyw1JCmoX+1cGLm9tJ/hxJ94vFy/RQDv+WKQf+3znMVgrHuJY7t99Ni/
/r0soPDijrAcHKiyNyRCBv0Mb+mOZF3MUYeF52hgSPAdW8b6BRwYqoXNAUs/PVKI
7tYS/sgshLvG0BU5zFF1r9QJKE+Na0XP8jfyuRcT0Eni+W6v9TunGiUGnlemxW+h
IADShs+AJNKs0iBu+yHu8/9AKiL4KWsNymNW/0QJygn+zLnBK/FtyaNL1eU3lo2G
nwTxyf0NNIjHGg==
-----END CERTIFICATE-----