Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          pfc+JwpBX4FqkmPthcFBXcqFwflE+lIfB5hJlbQ+ObM=
Subject key identifier:   FE:68:FA:4B:92:5F:D7:77:0B:F6:A1:4E:98:15:6C:BA:E3:43:9F:85
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       0198A04EE0AE3FE242A66D5160C2384B1854
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0C6B
Signing time:             Tue 12 Aug 2025 22:03:00 +0000
Manifest this update:     Tue 12 Aug 2025 22:03:00 +0000
Manifest next update:     Wed 13 Aug 2025 22:03:00 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: JSPnvqLiwVTcZMr6/VVZ6SZRh7ei50fTSqOwrjhp95Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4e:e0:ae:3f:e2:42:a6:6d:51:60:c2:38:4b:18:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Aug 12 22:03:00 2025 GMT
            Not After : Aug 13 22:03:00 2025 GMT
        Subject: CN=fe68fa4b925fd7770bf6a14e98156cbae3439f85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:2c:a6:89:d5:15:27:a2:bd:89:ce:e8:fa:7b:
                    d2:69:fd:cc:91:d2:af:45:d7:a0:20:f1:4e:49:03:
                    08:67:0e:ca:03:6e:74:be:a9:d8:b5:05:cd:98:76:
                    2b:d4:2c:8d:3a:f2:0f:a7:e5:db:fb:2d:18:4a:5a:
                    89:ec:f8:02:44:92:82:45:b9:93:18:d7:1e:8a:a7:
                    ca:07:f9:09:77:79:a5:d1:61:8f:31:7e:d2:e7:c6:
                    7f:85:8a:ad:95:8d:c3:13:c9:a3:95:7e:10:0f:12:
                    fa:af:61:76:47:ef:64:ae:69:dc:6d:14:b3:85:47:
                    51:c8:66:9b:47:c9:b1:b5:96:b6:a7:77:9c:4d:be:
                    b3:31:a0:52:8f:b7:72:56:8e:df:4a:3c:b2:26:57:
                    0a:67:ad:8c:13:46:57:f8:1d:cd:97:84:97:ff:3a:
                    c2:d4:32:1a:5f:bf:68:81:49:0b:cd:85:77:b7:38:
                    a0:e5:ac:5a:ae:ee:bb:af:06:5f:61:5f:d1:d7:2b:
                    7a:c0:3e:0c:76:32:3f:b4:a7:29:e7:89:d5:9f:df:
                    d6:6c:82:31:3e:17:06:03:01:f3:7f:92:f1:85:2c:
                    fc:0f:5d:72:69:f3:14:6a:3d:7b:0b:a4:42:74:82:
                    42:eb:ce:6e:e8:21:94:07:3e:b8:93:29:a4:aa:c5:
                    ef:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:68:FA:4B:92:5F:D7:77:0B:F6:A1:4E:98:15:6C:BA:E3:43:9F:85
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:cf:13:ca:9a:35:53:78:38:23:63:66:e2:a4:85:43:4b:d4:
         0b:c7:66:5c:d1:a7:6e:49:0a:67:a3:3f:5b:41:73:b8:d3:70:
         f4:33:0e:1b:a4:a7:bc:86:4d:f2:f9:4c:db:23:12:04:c6:b1:
         d2:10:93:fb:81:e8:01:56:88:32:0b:23:a8:ed:21:14:66:b2:
         d9:5c:e9:ad:e8:95:5d:46:e3:8f:c4:7b:34:8a:60:2d:8c:c0:
         48:d9:c5:b0:23:22:3f:3f:8c:a4:02:92:c7:2e:98:d8:d7:ca:
         65:3e:32:34:07:36:f7:6b:f9:03:21:1f:f7:1a:22:16:51:6a:
         b8:18:a8:3a:52:05:09:66:78:32:23:7e:26:ba:27:e5:45:55:
         1a:5b:a1:a3:21:b3:58:49:63:f4:f6:1a:a4:ac:bb:d3:39:2f:
         9f:be:93:c0:09:34:39:ec:96:12:76:6e:6e:6c:b9:d4:5f:7a:
         25:1c:ca:9d:ec:c7:84:fe:09:72:8b:73:f9:44:7d:18:b3:eb:
         43:58:ee:68:2b:c7:1c:53:c4:60:38:05:c8:1d:7e:ea:cc:43:
         4f:4e:36:f1:75:ca:d8:9b:fe:d5:d2:db:54:c2:54:e7:4e:b2:
         61:dd:c5:cb:21:3e:1c:87:be:6b:b4:de:34:76:7e:41:56:60:
         df:30:39:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTuCuP+JCpm1RYMI4SxhUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjUwODEyMjIwMzAwWhcNMjUwODEzMjIwMzAwWjAzMTEwLwYDVQQD
EyhmZTY4ZmE0YjkyNWZkNzc3MGJmNmExNGU5ODE1NmNiYWUzNDM5Zjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiymidUVJ6K9ic7o+nvSaf3MkdKv
RdegIPFOSQMIZw7KA250vqnYtQXNmHYr1CyNOvIPp+Xb+y0YSlqJ7PgCRJKCRbmT
GNceiqfKB/kJd3ml0WGPMX7S58Z/hYqtlY3DE8mjlX4QDxL6r2F2R+9krmncbRSz
hUdRyGabR8mxtZa2p3ecTb6zMaBSj7dyVo7fSjyyJlcKZ62ME0ZX+B3Nl4SX/zrC
1DIaX79ogUkLzYV3tzig5axaru67rwZfYV/R1yt6wD4MdjI/tKcp54nVn9/WbIIx
PhcGAwHzf5LxhSz8D11yafMUaj17C6RCdIJC685u6CGUBz64kymkqsXvKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5o+kuSX9d3C/ahTpgVbLrjQ5+FMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlc8Typo1
U3g4I2Nm4qSFQ0vUC8dmXNGnbkkKZ6M/W0FzuNNw9DMOG6SnvIZN8vlM2yMSBMax
0hCT+4HoAVaIMgsjqO0hFGay2VzpreiVXUbjj8R7NIpgLYzASNnFsCMiPz+MpAKS
xy6Y2NfKZT4yNAc292v5AyEf9xoiFlFquBioOlIFCWZ4MiN+Jron5UVVGluhoyGz
WElj9PYapKy70zkvn76TwAk0OeyWEnZubmy51F96JRzKnezHhP4Jcotz+UR9GLPr
Q1juaCvHHFPEYDgFyB1+6sxDT0428XXK2Jv+1dLbVMJU506yYd3FyyE+HIe+a7Te
NHZ+QVZg3zA5kQ==
-----END CERTIFICATE-----