Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
File:                     XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft (raw, json)
Hash identifier:          PQNBMHHPR3ZEXnQt65CeW0aRt/9A8C6b2MXfqapL5J4=
Subject key identifier:   52:85:2C:A6:FF:F2:70:24:E0:B6:F5:21:74:A7:E1:20:75:62:94:1B
Authority key identifier: 5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B
Certificate issuer:       /CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
Certificate serial:       019873E3568C0855A693D2A207F18166E7E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
Manifest number:          1615
Signing time:             Mon 04 Aug 2025 07:02:15 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:15 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:15 +0000
Files and hashes:         1: XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl (hash: pZLWewo/EjGzwoLXUUYXD6y/9wQBaD7GSwDEHGZmuyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:56:8c:08:55:a6:93:d2:a2:07:f1:81:66:e7:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
        Validity
            Not Before: Aug  4 07:02:15 2025 GMT
            Not After : Aug  5 07:02:15 2025 GMT
        Subject: CN=52852ca6fff27024e0b6f52174a7e1207562941b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ba:fb:e3:ba:13:c2:0c:4b:ea:10:dc:15:fe:
                    5e:b5:1c:7d:bb:92:8e:09:53:ec:b0:33:a5:cc:75:
                    50:cf:1d:9a:4d:f9:1e:77:33:55:5f:b9:5a:43:0b:
                    87:db:f5:4e:39:5e:d4:50:83:ac:c3:73:0d:0e:24:
                    31:1d:7d:df:3f:00:48:17:17:ee:f6:95:a6:01:3a:
                    10:b3:f7:0c:6e:f4:4e:9e:93:5b:b9:81:3d:0a:38:
                    4e:5f:d1:01:d0:c7:ab:1d:8c:42:ed:69:7d:7a:10:
                    d8:cb:40:6d:e7:0f:60:83:53:2e:4c:f7:7e:8e:53:
                    b2:0a:5f:a1:70:e1:40:58:74:66:ea:af:c6:dc:7f:
                    d4:eb:0d:cb:e8:a6:cc:ac:8c:7e:08:49:58:ab:1a:
                    91:54:9f:ba:88:1e:54:c2:a5:16:65:99:29:71:76:
                    ad:a9:42:e2:32:63:a5:36:21:92:c3:9d:b8:14:0d:
                    c2:38:51:a0:f7:d1:f1:5f:4a:fe:f9:c5:74:3f:5e:
                    42:4e:cb:56:dc:79:52:2a:72:95:9d:16:a3:fb:52:
                    12:6d:7a:a7:6d:4b:2f:e4:ab:0d:6a:54:93:72:2a:
                    15:2f:7f:9b:31:5e:8d:40:6a:87:4a:7f:47:bd:87:
                    e1:ab:9f:86:5d:d6:d4:56:ee:3a:6a:e0:01:41:0e:
                    ad:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:85:2C:A6:FF:F2:70:24:E0:B6:F5:21:74:A7:E1:20:75:62:94:1B
            X509v3 Authority Key Identifier:
                keyid:5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e4:bd:0c:05:09:06:f6:4d:6d:77:15:9a:f6:63:7f:3d:95:97:
         be:d7:b3:50:41:d0:bc:a4:36:20:fe:68:03:9e:e5:e6:cb:04:
         24:1a:b3:6f:af:fa:35:4b:ce:86:89:1e:36:1a:ac:81:aa:cc:
         e7:a7:9f:dd:14:d8:ee:51:c8:9d:0f:fd:93:2c:01:bf:52:3f:
         bb:c4:eb:da:45:34:b0:3e:53:0c:0c:8a:b2:04:20:fc:db:c0:
         e2:01:9c:75:1d:e1:da:02:24:fe:74:23:ed:3f:43:1f:8d:46:
         e0:a3:d4:c1:b8:51:b5:45:02:61:c5:3f:7f:7f:21:59:7a:66:
         31:5c:8e:f2:c7:05:7f:89:1f:76:b0:de:c1:46:1a:85:81:3e:
         bb:45:df:cc:7b:0d:7f:2a:5e:2e:e7:3d:a3:07:9a:db:df:7d:
         0f:95:71:72:23:88:37:79:6a:4b:5e:6a:92:af:ae:02:c7:96:
         ad:dd:88:dc:a5:d2:9a:a6:64:32:cb:8b:61:81:61:ac:90:0a:
         e2:14:0d:6a:83:f7:f9:f8:01:69:80:4b:a4:f7:29:c2:57:1e:
         b7:a9:bd:38:30:c7:5c:ff:21:2c:ee:c7:6f:6e:6e:04:94:34:
         5e:1d:7c:79:46:66:98:90:56:21:fa:be:de:ac:77:c2:6f:db:
         43:bc:36:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz41aMCFWmk9KiB/GBZufpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzQ0YTFhYzBjYmZjNDBjNzVhMGNmYzdiZWM5NmM3YzM1
YmQyN2IwHhcNMjUwODA0MDcwMjE1WhcNMjUwODA1MDcwMjE1WjAzMTEwLwYDVQQD
Eyg1Mjg1MmNhNmZmZjI3MDI0ZTBiNmY1MjE3NGE3ZTEyMDc1NjI5NDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrr747oTwgxL6hDcFf5etRx9u5KO
CVPssDOlzHVQzx2aTfkedzNVX7laQwuH2/VOOV7UUIOsw3MNDiQxHX3fPwBIFxfu
9pWmAToQs/cMbvROnpNbuYE9CjhOX9EB0MerHYxC7Wl9ehDYy0Bt5w9gg1MuTPd+
jlOyCl+hcOFAWHRm6q/G3H/U6w3L6KbMrIx+CElYqxqRVJ+6iB5UwqUWZZkpcXat
qULiMmOlNiGSw524FA3COFGg99HxX0r++cV0P15CTstW3HlSKnKVnRaj+1ISbXqn
bUsv5KsNalSTcioVL3+bMV6NQGqHSn9HvYfhq5+GXdbUVu46auABQQ6tJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKFLKb/8nAk4Lb1IXSn4SB1YpQbMB8GA1UdIwQY
MBaAFFw0ShrAy/xAx1oM/HvslsfDW9J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5Yzgt
Y2QxODUxMGVkY2RmLzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5YzgtY2QxODUxMGVkY2Rm
LzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5L0MBQkG
9k1tdxWa9mN/PZWXvtezUEHQvKQ2IP5oA57l5ssEJBqzb6/6NUvOhokeNhqsgarM
56ef3RTY7lHInQ/9kywBv1I/u8Tr2kU0sD5TDAyKsgQg/NvA4gGcdR3h2gIk/nQj
7T9DH41G4KPUwbhRtUUCYcU/f38hWXpmMVyO8scFf4kfdrDewUYahYE+u0XfzHsN
fypeLuc9owea2999D5VxciOIN3lqS15qkq+uAseWrd2I3KXSmqZkMsuLYYFhrJAK
4hQNaoP3+fgBaYBLpPcpwlcet6m9ODDHXP8hLO7Hb25uBJQ0Xh18eUZmmJBWIfq+
3qx3wm/bQ7w2uQ==
-----END CERTIFICATE-----