Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
File:                     Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft (raw, json)
Hash identifier:          i8Eys/C3AfoE6hPB+K4TZgvy8GtuxsksI+E8T3a/OpM=
Subject key identifier:   7A:A8:9E:A4:32:EB:58:50:EC:A3:85:B4:C0:E4:1D:6D:97:FA:89:0F
Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
Certificate issuer:       /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Certificate serial:       01984BF8832325B79DC8DBB317AF8682C7D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
Manifest number:          1411
Signing time:             Sun 27 Jul 2025 13:00:34 +0000
Manifest this update:     Sun 27 Jul 2025 13:00:34 +0000
Manifest next update:     Mon 28 Jul 2025 13:00:34 +0000
Files and hashes:         1: Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl (hash: x2k3VwICkj/AjDTzaEjAirD5ykNCqtFrHOQnVdIhriU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4b:f8:83:23:25:b7:9d:c8:db:b3:17:af:86:82:c7:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
        Validity
            Not Before: Jul 27 13:00:34 2025 GMT
            Not After : Jul 28 13:00:34 2025 GMT
        Subject: CN=7aa89ea432eb5850eca385b4c0e41d6d97fa890f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:41:67:2d:19:19:21:91:66:95:a4:46:a3:dd:
                    e5:47:10:02:31:13:8d:f4:4d:ab:94:d7:9c:11:8e:
                    72:11:f2:d7:d6:d9:33:9e:1f:7b:2a:93:b0:e6:81:
                    40:1e:77:4c:32:e4:02:5c:2e:e2:91:cc:9d:75:0b:
                    f5:f6:21:86:7b:e5:67:95:25:21:75:97:e0:e3:61:
                    77:37:5a:42:f4:5e:26:7e:a4:2e:4c:f7:ad:37:46:
                    03:78:cd:95:32:c8:9c:0d:16:fd:98:75:cb:3c:a8:
                    cc:46:e5:df:d0:41:6a:ec:f8:19:ca:6f:49:3f:9f:
                    fb:c8:e3:f0:39:e5:d9:67:fa:d6:86:99:07:ae:dd:
                    4c:be:61:f3:a6:e3:2d:50:a5:96:1d:dc:1a:9d:52:
                    c3:7b:d9:4f:70:84:6a:00:92:a1:44:12:f4:a0:e5:
                    74:d8:ac:11:59:58:2b:2a:42:eb:48:f3:f6:2f:4f:
                    a4:fb:3b:5f:39:e0:64:97:30:fd:0c:31:08:6d:fe:
                    2a:b5:bb:58:96:72:13:81:98:ec:c1:90:83:72:a1:
                    fa:ce:24:2f:8f:1d:e4:45:9d:6c:22:b3:9c:8f:9e:
                    80:54:31:ee:14:96:fa:86:18:7d:09:3d:ac:e6:37:
                    75:25:32:4d:80:70:1c:b1:a6:e3:4e:71:82:d0:6f:
                    f5:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:A8:9E:A4:32:EB:58:50:EC:A3:85:B4:C0:E4:1D:6D:97:FA:89:0F
            X509v3 Authority Key Identifier:
                keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:a4:76:50:f8:f6:9a:ee:7c:24:4c:c3:11:28:21:01:23:62:
         02:40:e0:69:f4:43:bb:36:bb:e5:11:59:8c:0e:9d:08:6f:12:
         a9:1b:0a:47:04:ac:3f:78:dc:1c:a4:65:53:de:88:4f:28:9d:
         b4:7c:4e:d4:a4:29:b1:f7:c7:f3:b0:f5:51:61:d4:73:d6:15:
         96:07:0a:7d:96:69:82:2d:2a:d0:db:11:ee:3a:50:bf:0d:05:
         3b:a3:9e:0c:4b:ba:a8:c8:1a:c1:14:8f:54:35:53:b1:71:01:
         93:98:41:4e:2f:75:2a:59:8e:ce:5e:c8:12:4e:86:87:86:d8:
         94:48:72:a3:6d:d5:0e:e9:9f:7d:cf:44:a2:90:cb:f5:c2:df:
         36:2a:1d:b8:c1:93:3a:56:da:ba:20:88:76:2a:01:e1:77:de:
         33:6c:e4:28:9a:e8:0c:31:a3:2d:77:df:a8:0c:e5:fb:ff:cc:
         58:d6:56:69:45:4e:ce:40:ef:58:fa:0a:01:d2:25:b7:26:6a:
         13:c1:b3:4c:bc:2f:54:79:35:3b:8e:c6:10:7c:94:91:3b:be:
         49:87:cd:2c:2b:1d:25:e7:1c:54:8b:a2:dd:b0:86:01:bc:15:
         fa:c7:0c:48:9a:c5:8b:8e:5d:f5:ce:c8:18:26:f5:ad:b4:e0:
         c5:f2:a2:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhL+IMjJbedyNuzF6+GgsfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg3OTBhMDhjOGUwZDg0NTg4ZDk0ZDFhNTFiY2E5YWJl
NzU4MWQwHhcNMjUwNzI3MTMwMDM0WhcNMjUwNzI4MTMwMDM0WjAzMTEwLwYDVQQD
Eyg3YWE4OWVhNDMyZWI1ODUwZWNhMzg1YjRjMGU0MWQ2ZDk3ZmE4OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskFnLRkZIZFmlaRGo93lRxACMRON
9E2rlNecEY5yEfLX1tkznh97KpOw5oFAHndMMuQCXC7ikcyddQv19iGGe+VnlSUh
dZfg42F3N1pC9F4mfqQuTPetN0YDeM2VMsicDRb9mHXLPKjMRuXf0EFq7PgZym9J
P5/7yOPwOeXZZ/rWhpkHrt1MvmHzpuMtUKWWHdwanVLDe9lPcIRqAJKhRBL0oOV0
2KwRWVgrKkLrSPP2L0+k+ztfOeBklzD9DDEIbf4qtbtYlnITgZjswZCDcqH6ziQv
jx3kRZ1sIrOcj56AVDHuFJb6hhh9CT2s5jd1JTJNgHAcsabjTnGC0G/1dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHqonqQy61hQ7KOFtMDkHW2X+okPMB8GA1UdIwQY
MBaAFF6oeQoIyODYRYjZTRpRvKmr51gdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgt
MzBjMGExMTFjZDU1LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgtMzBjMGExMTFjZDU1
LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASqR2UPj2
mu58JEzDESghASNiAkDgafRDuza75RFZjA6dCG8SqRsKRwSsP3jcHKRlU96ITyid
tHxO1KQpsffH87D1UWHUc9YVlgcKfZZpgi0q0NsR7jpQvw0FO6OeDEu6qMgawRSP
VDVTsXEBk5hBTi91KlmOzl7IEk6Gh4bYlEhyo23VDumffc9EopDL9cLfNioduMGT
OlbauiCIdioB4XfeM2zkKJroDDGjLXffqAzl+//MWNZWaUVOzkDvWPoKAdIltyZq
E8GzTLwvVHk1O47GEHyUkTu+SYfNLCsdJeccVIui3bCGAbwV+scMSJrFi45d9c7I
GCb1rbTgxfKiXA==
-----END CERTIFICATE-----