Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File:                     XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier:          WHVDr7aQYimRAvTbayc8awQ3KVRQXpW60Qr4XE7aNI0=
Subject key identifier:   13:C5:B2:30:44:F2:35:91:66:AC:9D:79:08:61:8A:42:35:2E:36:3B
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer:       /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial:       01989636DCF63D4A5202F4A7E1C81A0CFAB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number:          024D
Signing time:             Sun 10 Aug 2025 23:00:34 +0000
Manifest this update:     Sun 10 Aug 2025 23:00:34 +0000
Manifest next update:     Mon 11 Aug 2025 23:00:34 +0000
Files and hashes:         1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: DZ/NHzBkVj382utEjeUv+Glu/dDAMPV6dTYRbhHVZAY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:36:dc:f6:3d:4a:52:02:f4:a7:e1:c8:1a:0c:fa:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
        Validity
            Not Before: Aug 10 23:00:34 2025 GMT
            Not After : Aug 11 23:00:34 2025 GMT
        Subject: CN=13c5b23044f2359166ac9d7908618a42352e363b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:3f:bd:a6:e5:da:2f:a0:53:bf:5f:af:d5:63:
                    2c:c7:4e:ac:e4:87:8d:85:c3:5a:f0:b1:04:dd:90:
                    06:2c:bd:e0:18:79:5c:fa:25:5d:af:84:9f:ab:a3:
                    78:0a:f0:39:83:22:55:f4:69:a2:4d:66:a4:bd:ef:
                    ea:3f:a3:79:75:df:c2:da:09:da:7c:89:d5:8d:71:
                    23:dd:45:61:fb:98:a3:27:8e:1c:01:5b:71:b4:74:
                    79:58:bc:a3:04:65:66:33:c5:a4:c7:37:0c:69:a9:
                    14:6b:39:d9:6f:68:50:55:11:02:e7:10:1c:92:6f:
                    5d:47:15:8c:55:d1:7c:da:c3:98:53:aa:25:f9:d0:
                    0a:e2:16:89:24:ef:3d:32:55:5b:0e:62:90:c6:af:
                    a3:f9:2c:cc:d0:37:04:56:8d:7f:bf:f2:b0:c8:e1:
                    5f:b6:da:93:99:42:13:2f:1c:7c:82:90:1b:f2:8f:
                    3e:cb:16:ab:9e:26:16:7a:3c:ae:32:6e:4f:4e:fa:
                    cb:6d:d5:50:07:0a:78:81:68:d0:b1:e0:a3:7a:69:
                    1e:6f:45:17:bf:e3:97:23:76:7b:0e:bd:7c:96:38:
                    d5:b9:fb:0c:b4:91:5e:dc:ab:61:94:cd:6a:33:90:
                    f0:04:76:de:da:fb:1d:5d:4f:cd:5b:7d:d7:0b:63:
                    ab:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:C5:B2:30:44:F2:35:91:66:AC:9D:79:08:61:8A:42:35:2E:36:3B
            X509v3 Authority Key Identifier:
                keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:d4:7b:b4:c2:52:ed:14:7c:dd:41:c2:f8:6e:b1:5f:c7:78:
         a7:a8:bb:f4:c5:5c:a1:f1:11:0d:7d:b5:e3:d4:7e:99:9d:48:
         67:52:34:9d:d2:fc:2a:9c:6c:0a:ec:aa:d7:2a:e9:57:69:74:
         a3:ca:9d:fb:d5:16:80:d8:40:98:32:36:34:79:c3:62:ed:2d:
         6d:da:e3:a3:e1:30:ae:67:20:38:34:00:2f:00:00:2f:10:ed:
         f2:8f:b2:fe:ea:0f:09:88:20:5e:97:c2:00:20:8e:4d:a1:94:
         d9:ca:30:56:ab:bc:8d:46:3d:02:5f:f5:0a:77:98:d1:35:03:
         70:c0:7f:36:cc:e4:3f:69:99:b1:62:5d:31:c9:46:62:b7:67:
         f8:41:ac:af:ef:b8:27:c3:5a:18:b9:ed:5f:66:a0:da:4c:85:
         f0:3c:88:26:3b:01:93:73:1a:58:65:7c:3d:05:0a:26:d5:26:
         b2:95:d5:02:48:59:e6:60:ba:72:a0:5b:8f:c1:19:fe:d5:55:
         b0:08:b6:6b:ca:a8:0f:bf:77:fc:4d:aa:ba:ff:c2:2d:88:1e:
         22:de:89:ba:64:b7:aa:d3:d3:66:48:06:41:20:90:c1:f9:68:
         dd:a7:41:2a:5e:98:f5:78:c2:ae:b9:46:db:56:f6:b9:b3:20:
         5f:45:fc:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWNtz2PUpSAvSn4cgaDPq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjUwODEwMjMwMDM0WhcNMjUwODExMjMwMDM0WjAzMTEwLwYDVQQD
EygxM2M1YjIzMDQ0ZjIzNTkxNjZhYzlkNzkwODYxOGE0MjM1MmUzNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz+9puXaL6BTv1+v1WMsx06s5IeN
hcNa8LEE3ZAGLL3gGHlc+iVdr4Sfq6N4CvA5gyJV9GmiTWakve/qP6N5dd/C2gna
fInVjXEj3UVh+5ijJ44cAVtxtHR5WLyjBGVmM8WkxzcMaakUaznZb2hQVREC5xAc
km9dRxWMVdF82sOYU6ol+dAK4haJJO89MlVbDmKQxq+j+SzM0DcEVo1/v/KwyOFf
ttqTmUITLxx8gpAb8o8+yxarniYWejyuMm5PTvrLbdVQBwp4gWjQseCjemkeb0UX
v+OXI3Z7Dr18ljjVufsMtJFe3KthlM1qM5DwBHbe2vsdXU/NW33XC2OrmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBPFsjBE8jWRZqydeQhhikI1LjY7MB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKNR7tMJS
7RR83UHC+G6xX8d4p6i79MVcofERDX2149R+mZ1IZ1I0ndL8KpxsCuyq1yrpV2l0
o8qd+9UWgNhAmDI2NHnDYu0tbdrjo+EwrmcgODQALwAALxDt8o+y/uoPCYggXpfC
ACCOTaGU2cowVqu8jUY9Al/1CneY0TUDcMB/NszkP2mZsWJdMclGYrdn+EGsr++4
J8NaGLntX2ag2kyF8DyIJjsBk3MaWGV8PQUKJtUmspXVAkhZ5mC6cqBbj8EZ/tVV
sAi2a8qoD793/E2quv/CLYgeIt6JumS3qtPTZkgGQSCQwflo3adBKl6Y9XjCrrlG
21b2ubMgX0X8Rw==
-----END CERTIFICATE-----