Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
File:                     xVRM5A0R1h07gKfRAyMBI_t9aKU.mft (raw, json)
Hash identifier:          SwK/VT25GbLMvg9nhxBIzeCPX/0t5u6/9cbsExCX1Qc=
Subject key identifier:   1F:F8:66:97:72:5F:AA:FF:F7:0E:83:AA:4C:4F:71:67:95:1E:72:70
Authority key identifier: C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5
Certificate issuer:       /CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
Certificate serial:       01989034AEC597A37C4FC5E2AAB1581E74E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
Manifest number:          0F45
Signing time:             Sat 09 Aug 2025 19:00:28 +0000
Manifest this update:     Sat 09 Aug 2025 19:00:28 +0000
Manifest next update:     Sun 10 Aug 2025 19:00:28 +0000
Files and hashes:         1: xVRM5A0R1h07gKfRAyMBI_t9aKU.crl (hash: Rp9obOOCvizmEQQSuUNLHAnVqParuYDnU9ZJqv4rUpo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 19:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:90:34:ae:c5:97:a3:7c:4f:c5:e2:aa:b1:58:1e:74:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
        Validity
            Not Before: Aug  9 19:00:28 2025 GMT
            Not After : Aug 10 19:00:28 2025 GMT
        Subject: CN=1ff86697725faafff70e83aa4c4f7167951e7270
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:7a:58:e1:28:be:e1:65:f9:04:8c:fd:94:a1:
                    35:54:5a:1f:9f:d0:e6:83:41:f2:63:63:45:c5:b9:
                    16:d7:bf:8f:8b:0f:d8:a0:9f:ac:d5:d8:5d:b9:13:
                    73:f4:3c:da:23:7d:c8:79:0d:59:ba:2a:ff:e1:aa:
                    bb:7a:92:60:da:92:1e:88:82:0f:e9:0f:37:21:72:
                    aa:12:d2:07:08:b7:9e:7a:62:0e:7a:01:12:ca:55:
                    c6:b1:2b:93:5f:fe:37:c1:ee:52:af:f7:6e:4d:62:
                    85:f7:27:3d:66:f2:28:35:da:e5:9d:30:f9:62:4d:
                    40:5b:ad:57:14:e5:3d:6c:b3:d1:b1:14:65:3d:a2:
                    33:61:eb:67:1e:3f:60:d2:92:7a:16:a8:32:0c:cd:
                    e5:0c:46:ef:45:6f:06:73:82:11:e3:3f:bd:a5:72:
                    c1:c0:f0:d1:a7:dc:43:6b:a5:fb:cf:64:b9:a5:e0:
                    ab:9b:86:cc:c3:be:2f:47:3b:17:bf:07:3d:ac:64:
                    1c:d0:ae:61:d8:68:d0:14:43:0e:55:6b:3f:fe:70:
                    d9:f7:be:cd:40:f9:c7:52:bd:98:d7:d0:67:53:36:
                    06:d2:73:be:f9:12:1f:13:82:70:27:10:12:bb:c5:
                    1f:1b:37:54:92:ec:d1:ef:9d:8b:83:90:4a:81:7a:
                    a5:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:F8:66:97:72:5F:AA:FF:F7:0E:83:AA:4C:4F:71:67:95:1E:72:70
            X509v3 Authority Key Identifier:
                keyid:C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:12:07:3a:90:f4:dd:2e:74:18:46:72:9e:3a:07:9c:ae:31:
         0f:a2:39:73:fa:08:5b:26:10:76:5f:ee:db:ec:f3:11:ff:8a:
         88:39:02:60:2d:7a:c8:a3:f7:0b:ce:55:1c:30:d8:31:e4:1f:
         3f:3b:65:76:9f:28:f9:7d:43:b1:3a:9f:30:3e:00:24:61:f7:
         fb:d1:7a:80:3b:60:7a:a8:9d:fc:8b:e4:ac:1c:4f:13:37:f8:
         7b:46:c2:21:30:8a:36:d8:51:6c:aa:83:94:9e:4e:22:36:1b:
         87:65:bb:2d:37:a3:dd:2c:e1:25:d2:10:41:e9:6a:27:07:72:
         ad:3d:b5:ec:fc:37:fd:f9:84:95:bd:14:9d:0e:14:72:6b:6e:
         f6:48:4b:85:50:d5:3e:04:99:c1:d3:9f:3e:58:db:7c:a7:c2:
         dc:d4:10:fa:e4:9a:9e:71:26:19:25:dd:84:32:0c:ca:d8:5f:
         0c:5b:b5:17:d9:7c:4d:71:30:94:02:e3:9d:08:58:80:64:a3:
         a6:2c:46:15:a6:d0:fb:4e:04:19:4a:47:df:dd:6b:63:94:cc:
         91:bc:3c:91:e2:bf:55:3a:5b:c6:62:1e:bd:d9:0a:95:87:56:
         84:36:db:64:e4:34:86:a0:47:26:5d:8a:9e:2d:32:36:e2:90:
         34:ae:f8:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiQNK7Fl6N8T8XiqrFYHnTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NTQ0Y2U0MGQxMWQ2MWQzYjgwYTdkMTAzMjMwMTIzZmI3
ZDY4YTUwHhcNMjUwODA5MTkwMDI4WhcNMjUwODEwMTkwMDI4WjAzMTEwLwYDVQQD
EygxZmY4NjY5NzcyNWZhYWZmZjcwZTgzYWE0YzRmNzE2Nzk1MWU3MjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHpY4Si+4WX5BIz9lKE1VFofn9Dm
g0HyY2NFxbkW17+Piw/YoJ+s1dhduRNz9DzaI33IeQ1Zuir/4aq7epJg2pIeiIIP
6Q83IXKqEtIHCLeeemIOegESylXGsSuTX/43we5Sr/duTWKF9yc9ZvIoNdrlnTD5
Yk1AW61XFOU9bLPRsRRlPaIzYetnHj9g0pJ6FqgyDM3lDEbvRW8Gc4IR4z+9pXLB
wPDRp9xDa6X7z2S5peCrm4bMw74vRzsXvwc9rGQc0K5h2GjQFEMOVWs//nDZ977N
QPnHUr2Y19BnUzYG0nO++RIfE4JwJxASu8UfGzdUkuzR752Lg5BKgXqlTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB/4ZpdyX6r/9w6DqkxPcWeVHnJwMB8GA1UdIwQY
MBaAFMVUTOQNEdYdO4Cn0QMjASP7fWilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQt
NTI3Y2IyNGRiZDQwLzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQtNTI3Y2IyNGRiZDQw
LzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuRIHOpD0
3S50GEZynjoHnK4xD6I5c/oIWyYQdl/u2+zzEf+KiDkCYC16yKP3C85VHDDYMeQf
Pztldp8o+X1DsTqfMD4AJGH3+9F6gDtgeqid/IvkrBxPEzf4e0bCITCKNthRbKqD
lJ5OIjYbh2W7LTej3SzhJdIQQelqJwdyrT217Pw3/fmElb0UnQ4Ucmtu9khLhVDV
PgSZwdOfPljbfKfC3NQQ+uSannEmGSXdhDIMythfDFu1F9l8TXEwlALjnQhYgGSj
pixGFabQ+04EGUpH391rY5TMkbw8keK/VTpbxmIevdkKlYdWhDbbZOQ0hqBHJl2K
ni0yNuKQNK74bg==
-----END CERTIFICATE-----