Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/16fdee-d397-41fd-888f-51de4964a913/1/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.mft
File:                     xhjwP5h0NwZTqjoCb2cHwuDnR2Q.mft (raw, json)
Hash identifier:          IBQBmkf4wkYpKWrUHrpbUs8gko3AplvcHw5uUoJfplk=
Subject key identifier:   8C:57:9E:86:04:BA:D4:EC:5F:22:1B:F8:8F:89:2F:F3:06:DB:70:8B
Authority key identifier: C6:18:F0:3F:98:74:37:06:53:AA:3A:02:6F:67:07:C2:E0:E7:47:64
Certificate issuer:       /CN=c618f03f9874370653aa3a026f6707c2e0e74764
Certificate serial:       01988BEA2F77C6594D375945E64B4338F86F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/16fdee-d397-41fd-888f-51de4964a913/1/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.mft
Manifest number:          0708
Signing time:             Fri 08 Aug 2025 23:00:37 +0000
Manifest this update:     Fri 08 Aug 2025 23:00:37 +0000
Manifest next update:     Sat 09 Aug 2025 23:00:37 +0000
Files and hashes:         1: xhjwP5h0NwZTqjoCb2cHwuDnR2Q.crl (hash: k1nSaw9cJaNJtsEZV6BSFcWncgfcGQqaiVo1njYDBJ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/16fdee-d397-41fd-888f-51de4964a913/1/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/16fdee-d397-41fd-888f-51de4964a913/1/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:ea:2f:77:c6:59:4d:37:59:45:e6:4b:43:38:f8:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c618f03f9874370653aa3a026f6707c2e0e74764
        Validity
            Not Before: Aug  8 23:00:37 2025 GMT
            Not After : Aug  9 23:00:37 2025 GMT
        Subject: CN=8c579e8604bad4ec5f221bf88f892ff306db708b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:a2:00:2c:f6:f6:4e:33:78:71:02:b7:b4:93:
                    57:ed:20:10:3d:32:7a:89:75:6e:5b:0f:9f:bf:91:
                    85:76:79:47:4f:04:da:48:af:6d:3f:58:9d:ef:2a:
                    7d:27:d1:ea:e8:24:33:d5:11:0c:92:a3:fd:ec:de:
                    ff:fd:63:a4:03:5c:fc:36:b3:ba:f2:5d:0d:4f:f2:
                    6b:27:58:8a:5d:d3:9a:8f:72:78:6f:c6:51:9c:a9:
                    05:55:8b:2a:13:1b:be:6b:14:6c:c4:8a:4c:83:31:
                    c2:70:ee:8a:f8:4b:78:63:fc:ed:3a:d9:70:c2:40:
                    24:89:b3:e8:31:2e:a3:26:43:0d:89:0f:6c:5c:08:
                    39:b7:af:31:b6:10:fc:68:b1:5f:1f:d2:c1:e9:95:
                    c0:e3:e6:10:fe:53:e9:46:36:a9:07:91:dd:e0:59:
                    d1:82:db:94:b4:ee:b7:83:e6:b4:82:15:bb:05:51:
                    bb:1e:09:58:20:f9:d8:47:29:90:bb:f7:98:10:f4:
                    dc:00:f2:11:ed:f9:fb:6a:d9:d8:da:4f:b4:b7:1b:
                    23:2b:69:10:4f:f2:fe:6d:82:8f:96:fa:2e:ac:5c:
                    64:3c:46:93:63:f4:32:0d:69:8f:77:94:33:87:9d:
                    27:95:3d:bb:eb:8d:28:f9:fe:65:9f:8b:7c:d5:7c:
                    ad:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:57:9E:86:04:BA:D4:EC:5F:22:1B:F8:8F:89:2F:F3:06:DB:70:8B
            X509v3 Authority Key Identifier:
                keyid:C6:18:F0:3F:98:74:37:06:53:AA:3A:02:6F:67:07:C2:E0:E7:47:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/16fdee-d397-41fd-888f-51de4964a913/1/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/16fdee-d397-41fd-888f-51de4964a913/1/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:2e:c3:93:1c:df:d6:e8:46:bd:bb:e1:f7:ea:ea:d2:7d:d6:
         36:9b:ed:af:e4:4b:0a:2f:52:c8:24:32:4b:74:9f:26:4d:f1:
         44:77:52:48:05:11:0e:8a:47:0d:e6:75:8e:e5:c4:54:43:48:
         25:25:a0:fb:77:7b:fc:7a:d4:cf:a9:60:06:44:65:8d:13:d4:
         58:79:ec:90:e7:78:42:16:cb:a6:a1:a9:e3:7c:ef:0a:44:98:
         1b:4e:8a:7d:cb:5e:ab:7b:8a:86:0e:1b:a7:85:71:69:fc:c6:
         79:11:5b:34:ac:00:79:db:95:8d:54:9d:ee:97:a1:d6:d6:47:
         4b:d7:f1:d4:5c:4c:42:2b:e2:9d:eb:2b:cc:f5:12:b0:87:96:
         4f:e5:c2:88:38:59:74:66:c4:ec:0f:50:1f:6e:3c:38:eb:ca:
         9a:8f:2a:15:93:14:71:c0:a7:eb:0f:73:e7:67:b8:5e:07:67:
         1d:73:2f:5f:37:9c:d8:79:a7:f5:86:f7:1d:b9:ec:1c:ae:84:
         05:5e:8e:60:d9:8f:99:a1:a0:6f:6f:d5:25:77:ac:da:63:72:
         db:4c:0d:d9:8a:30:cd:ad:38:4f:ff:41:13:87:f2:c5:95:11:
         5a:c6:d1:08:d6:04:11:f7:74:e3:13:52:58:43:88:c6:85:a0:
         b6:c0:57:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiL6i93xllNN1lF5ktDOPhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MThmMDNmOTg3NDM3MDY1M2FhM2EwMjZmNjcwN2MyZTBl
NzQ3NjQwHhcNMjUwODA4MjMwMDM3WhcNMjUwODA5MjMwMDM3WjAzMTEwLwYDVQQD
Eyg4YzU3OWU4NjA0YmFkNGVjNWYyMjFiZjg4Zjg5MmZmMzA2ZGI3MDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKIALPb2TjN4cQK3tJNX7SAQPTJ6
iXVuWw+fv5GFdnlHTwTaSK9tP1id7yp9J9Hq6CQz1REMkqP97N7//WOkA1z8NrO6
8l0NT/JrJ1iKXdOaj3J4b8ZRnKkFVYsqExu+axRsxIpMgzHCcO6K+Et4Y/ztOtlw
wkAkibPoMS6jJkMNiQ9sXAg5t68xthD8aLFfH9LB6ZXA4+YQ/lPpRjapB5Hd4FnR
gtuUtO63g+a0ghW7BVG7HglYIPnYRymQu/eYEPTcAPIR7fn7atnY2k+0txsjK2kQ
T/L+bYKPlvourFxkPEaTY/QyDWmPd5Qzh50nlT27640o+f5ln4t81XytdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxXnoYEutTsXyIb+I+JL/MG23CLMB8GA1UdIwQY
MBaAFMYY8D+YdDcGU6o6Am9nB8Lg50dkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhqd1A1aDBOd1pUcWpvQ2IyY0h3dURuUjJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8xNmZkZWUtZDM5Ny00MWZkLTg4OGYt
NTFkZTQ5NjRhOTEzLzEveGhqd1A1aDBOd1pUcWpvQ2IyY0h3dURuUjJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8xNmZkZWUtZDM5Ny00MWZkLTg4OGYtNTFkZTQ5NjRhOTEz
LzEveGhqd1A1aDBOd1pUcWpvQ2IyY0h3dURuUjJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdi7Dkxzf
1uhGvbvh9+rq0n3WNpvtr+RLCi9SyCQyS3SfJk3xRHdSSAURDopHDeZ1juXEVENI
JSWg+3d7/HrUz6lgBkRljRPUWHnskOd4QhbLpqGp43zvCkSYG06Kfcteq3uKhg4b
p4VxafzGeRFbNKwAeduVjVSd7peh1tZHS9fx1FxMQivinesrzPUSsIeWT+XCiDhZ
dGbE7A9QH248OOvKmo8qFZMUccCn6w9z52e4XgdnHXMvXzec2Hmn9Yb3HbnsHK6E
BV6OYNmPmaGgb2/VJXes2mNy20wN2Yowza04T/9BE4fyxZURWsbRCNYEEfd04xNS
WEOIxoWgtsBXSg==
-----END CERTIFICATE-----