Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
File:                     xcidUmDLNP27s7wlv0rbr0zcaKA.mft (raw, json)
Hash identifier:          rK1cO0w3ZuSWkXtSSkjqEShAJWIlstUogAeQ/tERmoM=
Subject key identifier:   61:E8:23:FC:23:5B:54:66:23:67:F9:47:7B:AE:5F:D7:B9:3E:56:1F
Authority key identifier: C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0
Certificate issuer:       /CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
Certificate serial:       019A4D078822629DB5EEECB766F9A4643282
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
Manifest number:          06C8
Signing time:             Tue 04 Nov 2025 04:02:10 +0000
Manifest this update:     Tue 04 Nov 2025 04:02:10 +0000
Manifest next update:     Wed 05 Nov 2025 04:02:10 +0000
Files and hashes:         1: xcidUmDLNP27s7wlv0rbr0zcaKA.crl (hash: fXTUd9sVg3W/O6cYsFuKcZku6LHNNgDXv9pOtrS98Lw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:07:88:22:62:9d:b5:ee:ec:b7:66:f9:a4:64:32:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
        Validity
            Not Before: Nov  4 04:02:10 2025 GMT
            Not After : Nov  5 04:02:10 2025 GMT
        Subject: CN=61e823fc235b54662367f9477bae5fd7b93e561f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:8e:0c:14:fa:16:bf:24:64:97:e1:e6:38:e9:
                    7e:42:e7:13:13:17:1f:99:b4:60:94:cb:14:d8:54:
                    ce:cd:d2:4d:55:bc:90:8c:14:e7:02:99:e5:13:c6:
                    00:c3:b8:38:e8:40:b4:4b:cb:1e:38:9b:73:58:8f:
                    bd:d1:a3:4d:d0:8b:c3:a4:56:81:2f:2b:2e:b3:d9:
                    62:e1:d6:6c:ac:10:35:24:f5:0f:f1:9c:13:a3:01:
                    eb:b7:7c:11:5b:c2:97:fe:64:f4:69:e7:0d:b5:6e:
                    fc:48:03:65:71:65:a2:a0:cd:05:de:90:63:9a:da:
                    47:2d:93:ab:cb:bf:04:d6:0e:23:63:88:dd:19:64:
                    94:9e:7b:a6:97:7e:e3:24:75:6b:32:cb:47:42:9b:
                    fa:de:e9:92:ae:78:d1:cb:25:d6:29:90:03:6e:7e:
                    c3:85:51:6b:e4:90:60:18:11:d3:e4:f8:99:6d:88:
                    47:44:20:33:1f:42:64:16:b1:59:54:3e:a8:2f:7e:
                    a0:0f:62:81:e4:c5:17:ae:0c:6a:c8:4f:f7:ef:8e:
                    f8:2f:30:43:2d:17:dc:79:2c:af:d5:a7:47:5b:b8:
                    9a:18:f1:64:4d:e9:60:f6:90:ad:a1:9c:6f:6a:c0:
                    81:ac:3a:75:e4:7d:31:70:19:2a:a5:f9:ee:31:28:
                    bf:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:E8:23:FC:23:5B:54:66:23:67:F9:47:7B:AE:5F:D7:B9:3E:56:1F
            X509v3 Authority Key Identifier:
                keyid:C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:da:3e:4e:0d:63:4c:cc:75:08:9f:30:d1:4f:61:25:7a:61:
         e5:db:48:a0:e6:47:5d:4b:7a:5f:34:bb:ff:4e:79:d4:1d:a5:
         77:b0:fe:18:38:db:e0:16:c2:90:2e:b9:dc:ba:38:57:0d:e6:
         16:1a:5b:7d:75:4a:44:1f:fc:e0:6b:c3:ff:35:a0:05:d4:ee:
         11:9b:03:96:52:fe:38:54:f2:c7:65:ab:60:c7:95:0a:d0:49:
         34:9e:28:38:68:8e:a8:de:03:d7:13:99:5f:91:5b:79:09:04:
         ea:03:3a:cb:35:b8:20:f5:fb:2a:f6:6e:b4:46:7e:df:85:21:
         e9:98:23:10:42:2f:cf:14:15:55:c4:44:65:b3:a1:3b:7a:12:
         6a:23:40:2b:ef:d1:6e:61:8d:da:3d:83:0a:69:93:6d:48:14:
         a6:52:44:a2:0b:1f:26:57:e4:68:3c:e8:83:86:2c:18:9a:15:
         22:4a:1f:74:fb:21:53:eb:91:83:6d:d8:b4:eb:ac:7e:a9:4a:
         b1:ab:1b:05:bd:81:29:96:fd:7d:33:11:5f:c3:dd:df:4f:6e:
         3f:f1:d6:e1:79:24:26:98:b2:52:3f:b5:a5:6c:2a:5e:2d:49:
         29:7b:f0:a0:b3:8a:59:27:68:76:86:fd:d3:0a:2e:2b:04:99:
         c9:49:c8:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNB4giYp217uy3ZvmkZDKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1Yzg5ZDUyNjBjYjM0ZmRiYmIzYmMyNWJmNGFkYmFmNGNk
YzY4YTAwHhcNMjUxMTA0MDQwMjEwWhcNMjUxMTA1MDQwMjEwWjAzMTEwLwYDVQQD
Eyg2MWU4MjNmYzIzNWI1NDY2MjM2N2Y5NDc3YmFlNWZkN2I5M2U1NjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY4MFPoWvyRkl+HmOOl+QucTExcf
mbRglMsU2FTOzdJNVbyQjBTnApnlE8YAw7g46EC0S8seOJtzWI+90aNN0IvDpFaB
Lysus9li4dZsrBA1JPUP8ZwTowHrt3wRW8KX/mT0aecNtW78SANlcWWioM0F3pBj
mtpHLZOry78E1g4jY4jdGWSUnnuml37jJHVrMstHQpv63umSrnjRyyXWKZADbn7D
hVFr5JBgGBHT5PiZbYhHRCAzH0JkFrFZVD6oL36gD2KB5MUXrgxqyE/37474LzBD
LRfceSyv1adHW7iaGPFkTelg9pCtoZxvasCBrDp15H0xcBkqpfnuMSi/wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGHoI/wjW1RmI2f5R3uuX9e5PlYfMB8GA1UdIwQY
MBaAFMXInVJgyzT9u7O8Jb9K269M3GigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUt
OGViY2QwOWIyYmNhLzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUtOGViY2QwOWIyYmNh
LzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQNo+Tg1j
TMx1CJ8w0U9hJXph5dtIoOZHXUt6XzS7/0551B2ld7D+GDjb4BbCkC653Lo4Vw3m
FhpbfXVKRB/84GvD/zWgBdTuEZsDllL+OFTyx2WrYMeVCtBJNJ4oOGiOqN4D1xOZ
X5FbeQkE6gM6yzW4IPX7KvZutEZ+34Uh6ZgjEEIvzxQVVcREZbOhO3oSaiNAK+/R
bmGN2j2DCmmTbUgUplJEogsfJlfkaDzog4YsGJoVIkofdPshU+uRg23YtOusfqlK
sasbBb2BKZb9fTMRX8Pd309uP/HW4XkkJpiyUj+1pWwqXi1JKXvwoLOKWSdodob9
0wouKwSZyUnINg==
-----END CERTIFICATE-----