Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
File:                     XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft (raw, json)
Hash identifier:          1qPfrB7Ck5ye29HD7oSOZxmZA9D6OayXtPZFmcuwSB4=
Subject key identifier:   6D:18:2C:77:D5:99:86:60:4A:EB:5E:D6:7D:AC:63:71:BA:AC:22:DA
Authority key identifier: 5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B
Certificate issuer:       /CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
Certificate serial:       019A52D1DF91EC292D4BCF77E4CEB6DD8760
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
Manifest number:          170D
Signing time:             Wed 05 Nov 2025 07:01:17 +0000
Manifest this update:     Wed 05 Nov 2025 07:01:17 +0000
Manifest next update:     Thu 06 Nov 2025 07:01:17 +0000
Files and hashes:         1: XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl (hash: hZhoxnsKmD6fNYrMQn9QKVkdrw15rWmpNp9IZyzqlvY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d1:df:91:ec:29:2d:4b:cf:77:e4:ce:b6:dd:87:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
        Validity
            Not Before: Nov  5 07:01:17 2025 GMT
            Not After : Nov  6 07:01:17 2025 GMT
        Subject: CN=6d182c77d59986604aeb5ed67dac6371baac22da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:da:db:d7:b2:ed:8e:f0:27:08:d7:72:19:7e:
                    ad:5b:eb:fc:93:65:f1:56:e2:78:fc:96:e8:94:96:
                    c9:3d:74:43:e2:7c:ba:5c:ea:7c:19:e0:a7:00:2b:
                    f3:1e:24:38:91:2c:6e:6d:45:31:12:e9:c7:b4:62:
                    17:44:47:ec:f3:d8:36:dc:a7:7f:36:30:b2:eb:b6:
                    3f:77:a0:93:2a:54:08:c0:87:fd:18:fb:ec:07:91:
                    92:29:97:4b:22:a7:87:ca:c1:91:cd:3c:f0:cc:3e:
                    c6:24:73:1b:15:b7:b6:57:cc:c0:36:5e:0f:bd:15:
                    5d:41:4a:f9:44:e1:17:7d:15:bd:01:79:0b:be:8f:
                    8c:90:f0:f3:31:73:46:2c:c4:da:3c:81:45:ea:d3:
                    93:3d:3d:9f:84:8a:02:f3:19:7d:53:8b:04:60:d1:
                    40:98:a8:5c:20:7f:13:20:d0:c1:b7:9e:34:05:c9:
                    10:37:8c:a5:5d:d9:4f:0e:d3:9c:f0:cc:1e:94:8c:
                    b0:f0:bf:e5:55:f6:93:58:9e:0b:f6:50:5c:9e:2a:
                    20:f7:18:d6:22:2d:32:94:95:0e:e8:20:b7:4a:3b:
                    cd:c9:dd:87:06:34:cb:fb:c5:2d:00:4f:0e:b3:17:
                    32:56:37:9f:57:f8:76:dc:12:e5:ad:63:0b:07:4c:
                    dd:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:18:2C:77:D5:99:86:60:4A:EB:5E:D6:7D:AC:63:71:BA:AC:22:DA
            X509v3 Authority Key Identifier:
                keyid:5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:ee:48:b4:18:4d:7d:5d:af:1e:ee:6d:71:ee:b4:2d:20:72:
         0f:75:b0:21:ac:40:64:b2:d6:0e:ff:fe:f1:53:c0:93:be:e9:
         79:20:fb:98:24:63:32:0c:e4:d7:83:d1:c1:43:ec:57:c6:55:
         b2:7f:80:4c:7b:cd:7c:10:1f:01:20:10:ba:92:db:ed:b8:74:
         8b:39:37:f0:0c:91:31:ba:0e:dc:ff:87:b9:5e:e8:39:73:f3:
         2b:87:4f:f8:77:4e:a3:c0:e1:3c:4d:b9:bf:5e:5f:df:a9:62:
         10:29:ef:15:46:60:6a:55:9d:e3:a6:ff:00:3a:bf:07:9b:07:
         1a:ee:35:ff:22:c2:8a:36:64:81:dd:5e:ec:6c:c3:ac:96:d9:
         23:aa:fd:ce:bf:58:74:67:61:38:98:9d:36:c3:86:fc:a5:c1:
         8a:77:1f:c1:d1:38:bd:44:86:cc:95:77:c6:42:93:fe:30:0c:
         57:d4:3f:0c:da:61:fc:9f:6e:44:dd:7c:98:ca:76:7c:e3:aa:
         81:0e:89:f8:a3:5a:70:8d:22:d0:2a:7c:57:e2:bd:c3:d5:96:
         2b:a0:3f:d6:f9:5a:cd:00:46:fa:b8:89:43:cb:6e:db:25:cc:
         82:d8:7e:0b:0e:b7:25:38:24:98:62:a1:fd:8f:40:29:f5:da:
         1f:00:5c:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0d+R7CktS8935M623YdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzQ0YTFhYzBjYmZjNDBjNzVhMGNmYzdiZWM5NmM3YzM1
YmQyN2IwHhcNMjUxMTA1MDcwMTE3WhcNMjUxMTA2MDcwMTE3WjAzMTEwLwYDVQQD
Eyg2ZDE4MmM3N2Q1OTk4NjYwNGFlYjVlZDY3ZGFjNjM3MWJhYWMyMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9rb17LtjvAnCNdyGX6tW+v8k2Xx
VuJ4/JbolJbJPXRD4ny6XOp8GeCnACvzHiQ4kSxubUUxEunHtGIXREfs89g23Kd/
NjCy67Y/d6CTKlQIwIf9GPvsB5GSKZdLIqeHysGRzTzwzD7GJHMbFbe2V8zANl4P
vRVdQUr5ROEXfRW9AXkLvo+MkPDzMXNGLMTaPIFF6tOTPT2fhIoC8xl9U4sEYNFA
mKhcIH8TINDBt540BckQN4ylXdlPDtOc8MwelIyw8L/lVfaTWJ4L9lBcniog9xjW
Ii0ylJUO6CC3SjvNyd2HBjTL+8UtAE8OsxcyVjefV/h23BLlrWMLB0zdMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0YLHfVmYZgSute1n2sY3G6rCLaMB8GA1UdIwQY
MBaAFFw0ShrAy/xAx1oM/HvslsfDW9J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5Yzgt
Y2QxODUxMGVkY2RmLzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5YzgtY2QxODUxMGVkY2Rm
LzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA+5ItBhN
fV2vHu5tce60LSByD3WwIaxAZLLWDv/+8VPAk77peSD7mCRjMgzk14PRwUPsV8ZV
sn+ATHvNfBAfASAQupLb7bh0izk38AyRMboO3P+HuV7oOXPzK4dP+HdOo8DhPE25
v15f36liECnvFUZgalWd46b/ADq/B5sHGu41/yLCijZkgd1e7GzDrJbZI6r9zr9Y
dGdhOJidNsOG/KXBincfwdE4vUSGzJV3xkKT/jAMV9Q/DNph/J9uRN18mMp2fOOq
gQ6J+KNacI0i0Cp8V+K9w9WWK6A/1vlazQBG+riJQ8tu2yXMgth+Cw63JTgkmGKh
/Y9AKfXaHwBcNw==
-----END CERTIFICATE-----