Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
File:                     XtGkql_QUBs-ptafQzwvFkIRYIk.mft (raw, json)
Hash identifier:          rr2o8HyxB2rgfVnGFMZjW+ZeXwPpXWKMnZQyt6DUDOQ=
Subject key identifier:   C5:19:A4:B5:AB:9D:F8:07:01:1E:06:84:16:62:BD:4E:FB:9A:30:DD
Authority key identifier: 5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89
Certificate issuer:       /CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
Certificate serial:       01988B7D695BC96C27D879067FD1B7355AB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
Manifest number:          161E
Signing time:             Fri 08 Aug 2025 21:01:48 +0000
Manifest this update:     Fri 08 Aug 2025 21:01:48 +0000
Manifest next update:     Sat 09 Aug 2025 21:01:48 +0000
Files and hashes:         1: XtGkql_QUBs-ptafQzwvFkIRYIk.crl (hash: KVEgfxF0k8ALFqgrU0EIOXdKbz8ANtnouWE/wBQr/Ek=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:7d:69:5b:c9:6c:27:d8:79:06:7f:d1:b7:35:5a:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
        Validity
            Not Before: Aug  8 21:01:48 2025 GMT
            Not After : Aug  9 21:01:48 2025 GMT
        Subject: CN=c519a4b5ab9df807011e06841662bd4efb9a30dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:95:48:12:cb:9a:c9:3d:31:d9:34:8f:55:05:
                    f8:31:98:87:dd:c0:64:30:f2:e1:f4:44:bd:07:c6:
                    d5:4a:a5:3a:4d:ef:68:c6:60:d7:6d:d9:9a:f3:59:
                    d6:81:21:70:e1:a0:e4:be:90:fe:8b:b0:e3:e1:a1:
                    62:db:90:a0:67:52:fb:23:d9:f4:a1:3d:a1:20:b1:
                    6b:33:a0:8f:fc:17:e9:fb:4f:21:2d:7d:03:61:d7:
                    17:91:ae:a9:bf:3b:43:25:33:f3:1c:1b:26:b0:cd:
                    99:52:a2:7a:39:53:a5:ed:b1:2d:91:78:62:d9:ad:
                    70:30:18:02:06:8d:35:95:7c:13:d1:1f:77:d8:27:
                    36:a3:68:2b:b9:e8:db:c9:70:7d:55:a3:ba:bc:05:
                    3c:75:10:72:48:91:d1:7e:79:57:50:97:a5:b7:77:
                    75:3d:fa:8f:a7:3c:85:76:56:8b:8e:ea:00:14:b9:
                    19:d5:bd:b4:8c:7d:7b:3e:32:1d:cb:c5:37:5d:52:
                    27:1d:86:2a:b6:a0:01:e3:9a:ac:8c:cc:9d:e5:a1:
                    ba:24:78:97:7f:cb:ca:41:a1:07:e7:49:4a:8f:2e:
                    6b:76:50:12:1f:85:d2:8b:11:f1:2a:7c:92:6e:41:
                    1d:e1:5f:4b:9a:74:94:7b:68:23:66:98:08:77:46:
                    d8:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:19:A4:B5:AB:9D:F8:07:01:1E:06:84:16:62:BD:4E:FB:9A:30:DD
            X509v3 Authority Key Identifier:
                keyid:5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:27:ce:0c:83:b0:0c:69:b6:37:3a:3c:c8:23:35:29:f0:fb:
         13:21:2d:ab:3f:08:2e:39:78:45:ac:fd:ca:45:a1:0b:75:94:
         02:3c:cb:5c:e0:77:95:e2:c9:aa:23:5f:55:21:1a:d8:7a:b5:
         85:59:39:e9:d9:75:15:5e:e4:91:42:47:40:16:93:92:3a:68:
         07:13:bc:f0:57:78:b9:97:09:a6:ff:12:1f:95:6d:be:95:4d:
         78:05:64:43:82:85:57:1e:f9:8e:cf:ef:03:36:fd:eb:81:73:
         12:89:7b:1b:0a:d9:4b:6d:8d:a0:e7:fc:4e:26:46:b7:bf:7c:
         61:ab:d8:b7:76:ca:5b:41:a4:1c:2e:22:e4:e8:3c:5e:b9:03:
         1e:7d:d8:43:8b:a6:bd:35:c6:46:ab:b9:0a:a7:c1:04:69:49:
         28:62:19:88:49:33:c1:a1:d0:fc:bc:ec:16:10:53:62:46:87:
         d0:e8:6e:c3:ab:1a:e9:92:8f:e6:68:f3:69:22:53:32:97:f1:
         bc:88:47:c2:ce:c1:91:b5:f8:1f:de:ae:c5:84:4a:56:da:ef:
         d1:02:e6:a6:51:56:8d:aa:5a:ba:55:81:a2:6c:b9:9a:4a:d5:
         36:62:cb:e2:40:80:3b:c6:fa:62:2b:1a:3e:1c:34:ef:9f:8f:
         35:ab:56:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLfWlbyWwn2HkGf9G3NVq3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDFhNGFhNWZkMDUwMWIzZWE2ZDY5ZjQzM2MyZjE2NDIx
MTYwODkwHhcNMjUwODA4MjEwMTQ4WhcNMjUwODA5MjEwMTQ4WjAzMTEwLwYDVQQD
EyhjNTE5YTRiNWFiOWRmODA3MDExZTA2ODQxNjYyYmQ0ZWZiOWEzMGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05VIEsuayT0x2TSPVQX4MZiH3cBk
MPLh9ES9B8bVSqU6Te9oxmDXbdma81nWgSFw4aDkvpD+i7Dj4aFi25CgZ1L7I9n0
oT2hILFrM6CP/Bfp+08hLX0DYdcXka6pvztDJTPzHBsmsM2ZUqJ6OVOl7bEtkXhi
2a1wMBgCBo01lXwT0R932Cc2o2gruejbyXB9VaO6vAU8dRBySJHRfnlXUJelt3d1
PfqPpzyFdlaLjuoAFLkZ1b20jH17PjIdy8U3XVInHYYqtqAB45qsjMyd5aG6JHiX
f8vKQaEH50lKjy5rdlASH4XSixHxKnySbkEd4V9LmnSUe2gjZpgId0bYiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMUZpLWrnfgHAR4GhBZivU77mjDdMB8GA1UdIwQY
MBaAFF7RpKpf0FAbPqbWn0M8LxZCEWCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTkt
YjlhODZhYzNlOGJlLzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTktYjlhODZhYzNlOGJl
LzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjifODIOw
DGm2Nzo8yCM1KfD7EyEtqz8ILjl4Raz9ykWhC3WUAjzLXOB3leLJqiNfVSEa2Hq1
hVk56dl1FV7kkUJHQBaTkjpoBxO88Fd4uZcJpv8SH5VtvpVNeAVkQ4KFVx75js/v
Azb964FzEol7GwrZS22NoOf8TiZGt798YavYt3bKW0GkHC4i5Og8XrkDHn3YQ4um
vTXGRqu5CqfBBGlJKGIZiEkzwaHQ/LzsFhBTYkaH0Ohuw6sa6ZKP5mjzaSJTMpfx
vIhHws7BkbX4H96uxYRKVtrv0QLmplFWjapaulWBomy5mkrVNmLL4kCAO8b6Yisa
Phw075+PNatWpA==
-----END CERTIFICATE-----