Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
File:                     xcidUmDLNP27s7wlv0rbr0zcaKA.mft (raw, json)
Hash identifier:          VoH6tGKvdMov1ffbzaxsEXWrIkJsFMkzlV78cGiNkXQ=
Subject key identifier:   E3:96:A1:14:CD:71:2D:21:F3:4A:C0:69:5E:D0:72:EF:5F:45:B6:5E
Authority key identifier: C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0
Certificate issuer:       /CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
Certificate serial:       01987D8AA806608F0CEBA7B7FB2CE399A737
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
Manifest number:          05D8
Signing time:             Wed 06 Aug 2025 04:01:35 +0000
Manifest this update:     Wed 06 Aug 2025 04:01:35 +0000
Manifest next update:     Thu 07 Aug 2025 04:01:35 +0000
Files and hashes:         1: xcidUmDLNP27s7wlv0rbr0zcaKA.crl (hash: +0A2YMcnKQNxTDD7JO9xCQvJqMJU8PPfdds1oPig7uQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 04:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:8a:a8:06:60:8f:0c:eb:a7:b7:fb:2c:e3:99:a7:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
        Validity
            Not Before: Aug  6 04:01:35 2025 GMT
            Not After : Aug  7 04:01:35 2025 GMT
        Subject: CN=e396a114cd712d21f34ac0695ed072ef5f45b65e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:02:92:b0:8b:e7:b6:e2:ef:4f:04:cb:72:e0:
                    3c:1e:92:dd:86:f7:ba:1a:d2:d2:84:ce:2f:ce:a3:
                    a2:a4:84:45:9f:81:0e:62:13:80:2e:d2:af:7b:4a:
                    14:93:90:3a:47:26:4a:84:83:ea:b2:58:27:bc:c8:
                    50:01:14:54:c5:20:eb:ff:02:1f:3b:54:1d:31:bc:
                    1e:98:b8:33:13:53:ff:e7:4f:b9:bf:cf:a0:6c:2d:
                    e5:be:44:33:6e:16:2f:e3:48:72:4d:0e:19:54:c6:
                    ca:9b:4d:db:39:7c:c4:ac:b7:7e:0c:1a:a0:83:d2:
                    8f:9d:ee:e5:86:e8:be:e8:99:cd:dd:cf:33:5e:90:
                    a1:bb:e2:2e:72:37:76:82:50:78:4b:47:54:d4:6c:
                    46:fb:ba:16:ce:13:84:10:7d:9f:62:b4:c5:a1:f3:
                    4d:54:2c:43:92:3b:12:2e:09:68:af:b0:24:94:55:
                    66:73:21:79:f9:50:4a:75:e7:de:18:3c:e2:c1:a6:
                    c8:70:47:45:65:b5:57:99:8e:51:ca:28:8a:85:34:
                    5b:24:4f:ac:10:cb:d8:33:78:2b:15:0b:5c:73:ce:
                    fb:f6:c7:9e:13:96:44:b3:cb:a3:33:0c:12:de:b5:
                    25:11:99:73:bc:13:6f:77:4d:f8:12:f7:51:a7:41:
                    92:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:96:A1:14:CD:71:2D:21:F3:4A:C0:69:5E:D0:72:EF:5F:45:B6:5E
            X509v3 Authority Key Identifier:
                keyid:C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:58:a0:e8:19:51:2b:2d:a4:ef:56:46:98:53:60:4f:0c:f2:
         a2:f9:66:4c:4d:5b:54:0d:e8:bf:51:12:58:32:b4:83:29:68:
         27:1d:65:1a:7f:8f:25:e0:f4:e6:06:2f:36:89:e1:e5:0c:a2:
         a6:3f:09:e8:e5:4c:28:9b:17:c5:dd:26:03:dd:8b:12:53:9c:
         96:74:7f:c5:b0:cb:64:94:4c:eb:6c:de:89:1b:7c:d0:48:d6:
         01:3b:3f:ce:ef:50:a9:5e:8b:e4:b5:9e:cb:38:eb:c6:58:9d:
         00:3c:5b:0a:27:33:31:93:03:02:b4:9b:d5:1e:05:d7:12:f5:
         e7:ba:80:8f:c9:97:93:d2:bb:98:91:5b:62:9b:14:8e:6f:d0:
         08:47:fe:08:c7:3b:2b:ad:12:94:05:58:58:cb:b0:c4:cd:fc:
         5d:88:d9:11:6b:3e:30:5e:1e:df:95:c2:7a:b2:30:69:71:f1:
         04:80:f5:67:c9:2b:41:d9:d0:88:e4:b3:d0:3b:1c:7b:ea:0c:
         9c:19:9f:e8:27:3c:80:22:c3:32:ac:38:43:72:66:5a:9e:11:
         d2:d2:20:30:95:c4:99:71:ed:57:49:0f:0d:7c:bf:6e:60:20:
         bc:25:62:53:0c:dd:3e:b5:41:28:ff:18:6f:36:38:4c:86:d9:
         2b:43:3a:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9iqgGYI8M66e3+yzjmac3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1Yzg5ZDUyNjBjYjM0ZmRiYmIzYmMyNWJmNGFkYmFmNGNk
YzY4YTAwHhcNMjUwODA2MDQwMTM1WhcNMjUwODA3MDQwMTM1WjAzMTEwLwYDVQQD
EyhlMzk2YTExNGNkNzEyZDIxZjM0YWMwNjk1ZWQwNzJlZjVmNDViNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQKSsIvntuLvTwTLcuA8HpLdhve6
GtLShM4vzqOipIRFn4EOYhOALtKve0oUk5A6RyZKhIPqslgnvMhQARRUxSDr/wIf
O1QdMbwemLgzE1P/50+5v8+gbC3lvkQzbhYv40hyTQ4ZVMbKm03bOXzErLd+DBqg
g9KPne7lhui+6JnN3c8zXpChu+Iucjd2glB4S0dU1GxG+7oWzhOEEH2fYrTFofNN
VCxDkjsSLglor7AklFVmcyF5+VBKdefeGDziwabIcEdFZbVXmY5RyiiKhTRbJE+s
EMvYM3grFQtcc8779seeE5ZEs8ujMwwS3rUlEZlzvBNvd034EvdRp0GSswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOOWoRTNcS0h80rAaV7Qcu9fRbZeMB8GA1UdIwQY
MBaAFMXInVJgyzT9u7O8Jb9K269M3GigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUt
OGViY2QwOWIyYmNhLzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUtOGViY2QwOWIyYmNh
LzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIFig6BlR
Ky2k71ZGmFNgTwzyovlmTE1bVA3ov1ESWDK0gyloJx1lGn+PJeD05gYvNonh5Qyi
pj8J6OVMKJsXxd0mA92LElOclnR/xbDLZJRM62zeiRt80EjWATs/zu9QqV6L5LWe
yzjrxlidADxbCiczMZMDArSb1R4F1xL157qAj8mXk9K7mJFbYpsUjm/QCEf+CMc7
K60SlAVYWMuwxM38XYjZEWs+MF4e35XCerIwaXHxBID1Z8krQdnQiOSz0Dsce+oM
nBmf6Cc8gCLDMqw4Q3JmWp4R0tIgMJXEmXHtV0kPDXy/bmAgvCViUwzdPrVBKP8Y
bzY4TIbZK0M6GA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:23:25 2025 by rpki-client