Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          7Q9/mbjVEMwblRO2DjhqL9nZtcp8wtde2oQ5dUY+x2U=
Subject key identifier:   BF:0B:1B:7B:2B:9A:4A:C5:4F:39:82:1B:66:E4:24:3D:C2:D4:62:B3
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       01977AC1FECFC822F998986C5632BD4D3975
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0BD3
Signing time:             Mon 16 Jun 2025 22:00:23 +0000
Manifest this update:     Mon 16 Jun 2025 22:00:23 +0000
Manifest next update:     Tue 17 Jun 2025 22:00:23 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: mUNTjcFsaiMavu8h1A1Jbm0/3SKEgEdXMGDwmWOI1lc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 14:25:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7a:c1:fe:cf:c8:22:f9:98:98:6c:56:32:bd:4d:39:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Jun 16 22:00:23 2025 GMT
            Not After : Jun 17 22:00:23 2025 GMT
        Subject: CN=bf0b1b7b2b9a4ac54f39821b66e4243dc2d462b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:33:c5:0a:bb:db:a5:7e:8a:35:19:56:b0:e1:
                    29:bc:1c:04:5c:5c:32:5d:e5:d0:cd:a6:9e:5c:e7:
                    3e:3a:e2:0d:7e:67:e7:4f:12:51:da:fa:15:40:59:
                    eb:2a:86:51:d4:b8:8d:82:71:a1:aa:f6:1b:13:40:
                    eb:a7:3f:28:f2:b6:ea:13:58:a5:25:8e:96:6d:a2:
                    3e:72:67:ff:a3:91:ea:e3:e4:c0:43:f0:10:dc:12:
                    fe:4c:03:51:7e:65:a3:6e:87:29:91:78:c2:ff:7a:
                    ec:65:57:31:f7:0a:37:17:27:de:69:25:ef:f8:13:
                    12:2e:78:fc:29:b2:54:18:dd:1b:17:3b:70:1d:0b:
                    8e:b5:9b:eb:4a:ce:64:56:40:e3:3f:1f:35:c6:34:
                    0d:73:75:56:1b:d4:4c:50:03:cc:88:ad:6e:84:44:
                    41:01:f3:cd:21:bc:38:68:62:f9:5e:d5:44:38:2e:
                    17:cc:1a:6b:c6:c0:80:e2:f3:8a:79:a0:15:6b:35:
                    62:4d:95:b0:7d:e9:a5:4c:d3:0e:9b:14:e3:3e:14:
                    53:51:c7:3b:be:97:52:da:cc:50:10:e2:64:1b:e3:
                    a8:d2:e7:80:f8:b0:13:45:49:96:59:2e:eb:1b:8c:
                    90:b3:55:2e:b4:f4:bb:8c:67:e3:47:f1:24:9f:23:
                    e9:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:0B:1B:7B:2B:9A:4A:C5:4F:39:82:1B:66:E4:24:3D:C2:D4:62:B3
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:8f:dd:82:04:cc:6c:af:59:62:1b:1a:8a:49:61:0e:a8:f7:
         fa:a9:13:5a:39:97:f8:41:63:bc:ef:9b:40:f8:c0:c2:1f:8e:
         11:d4:a2:85:8f:da:a1:46:3b:fa:cd:17:97:ce:7d:97:a5:63:
         b6:56:f5:1c:fa:db:aa:6e:a9:92:18:fd:1e:b0:d7:b9:20:8a:
         6e:d8:9f:d8:e3:20:53:03:cb:d9:6b:b6:28:64:c9:a9:73:2c:
         31:e0:c4:4a:bf:0e:19:29:29:ba:dc:10:8f:36:e1:0e:49:78:
         5c:75:c8:6f:28:17:32:40:49:aa:63:aa:1a:23:f3:e6:17:20:
         c4:c8:e5:93:18:57:39:0f:66:82:18:69:c9:8e:28:ff:f6:e6:
         bd:67:9e:84:de:f7:8c:87:ce:7a:21:50:3b:a2:1f:58:f0:9f:
         f7:2d:79:9a:55:2c:bd:da:c8:e1:2c:98:b8:aa:f0:56:d5:a5:
         06:37:56:49:95:48:cb:9a:4a:c7:f9:5b:7f:a4:91:be:78:ae:
         68:7e:c9:c9:d5:b6:7b:71:de:6b:3b:6a:66:c5:33:e5:85:80:
         01:2f:cd:35:34:ec:80:03:3b:ac:36:8c:20:ce:df:93:22:ea:
         3f:cf:fe:fb:f2:00:eb:9c:4e:40:e8:06:0b:2e:ad:91:53:c2:
         61:bf:4b:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd6wf7PyCL5mJhsVjK9TTl1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjUwNjE2MjIwMDIzWhcNMjUwNjE3MjIwMDIzWjAzMTEwLwYDVQQD
EyhiZjBiMWI3YjJiOWE0YWM1NGYzOTgyMWI2NmU0MjQzZGMyZDQ2MmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDPFCrvbpX6KNRlWsOEpvBwEXFwy
XeXQzaaeXOc+OuINfmfnTxJR2voVQFnrKoZR1LiNgnGhqvYbE0Drpz8o8rbqE1il
JY6WbaI+cmf/o5Hq4+TAQ/AQ3BL+TANRfmWjbocpkXjC/3rsZVcx9wo3FyfeaSXv
+BMSLnj8KbJUGN0bFztwHQuOtZvrSs5kVkDjPx81xjQNc3VWG9RMUAPMiK1uhERB
AfPNIbw4aGL5XtVEOC4XzBprxsCA4vOKeaAVazViTZWwfemlTNMOmxTjPhRTUcc7
vpdS2sxQEOJkG+Oo0ueA+LATRUmWWS7rG4yQs1UutPS7jGfjR/EknyPpZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL8LG3srmkrFTzmCG2bkJD3C1GKzMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYI/dggTM
bK9ZYhsaiklhDqj3+qkTWjmX+EFjvO+bQPjAwh+OEdSihY/aoUY7+s0Xl859l6Vj
tlb1HPrbqm6pkhj9HrDXuSCKbtif2OMgUwPL2Wu2KGTJqXMsMeDESr8OGSkputwQ
jzbhDkl4XHXIbygXMkBJqmOqGiPz5hcgxMjlkxhXOQ9mghhpyY4o//bmvWeehN73
jIfOeiFQO6IfWPCf9y15mlUsvdrI4SyYuKrwVtWlBjdWSZVIy5pKx/lbf6SRvniu
aH7JydW2e3HeaztqZsUz5YWAAS/NNTTsgAM7rDaMIM7fkyLqP8/++/IA65xOQOgG
Cy6tkVPCYb9LDQ==
-----END CERTIFICATE-----