Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft
File:                     xBHDOVke38lmej55EY3SPEAr6H8.mft (raw, json)
Hash identifier:          mY2hQhGsnkMUl+gTiCgR1deZZ/SGE9e/MD5o1ATdQCA=
Subject key identifier:   B1:ED:1C:1D:0A:53:94:22:75:4C:E8:B2:9D:29:90:56:A9:20:DE:F0
Authority key identifier: C4:11:C3:39:59:1E:DF:C9:66:7A:3E:79:11:8D:D2:3C:40:2B:E8:7F
Certificate issuer:       /CN=c411c339591edfc9667a3e79118dd23c402be87f
Certificate serial:       01974931272ECFFDE2E36D5C96C13A5341E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xBHDOVke38lmej55EY3SPEAr6H8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft
Manifest number:          0576
Signing time:             Sat 07 Jun 2025 07:00:47 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:47 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:47 +0000
Files and hashes:         1: xBHDOVke38lmej55EY3SPEAr6H8.crl (hash: aa54yLJdR5fiSJ9GhdiV7QeeeqQvTgqVnoYOc0oOmZ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xBHDOVke38lmej55EY3SPEAr6H8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:27:2e:cf:fd:e2:e3:6d:5c:96:c1:3a:53:41:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c411c339591edfc9667a3e79118dd23c402be87f
        Validity
            Not Before: Jun  7 07:00:47 2025 GMT
            Not After : Jun  8 07:00:47 2025 GMT
        Subject: CN=b1ed1c1d0a539422754ce8b29d299056a920def0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:02:39:8c:1d:2c:04:b3:68:14:12:79:fa:e8:
                    71:2c:c6:77:02:0f:f8:f8:23:42:87:de:93:15:94:
                    55:dc:32:4c:14:f2:66:54:92:77:0f:9a:39:3e:7b:
                    e3:8f:9f:d2:da:20:ed:f2:bb:a6:d9:b8:7a:a7:a7:
                    63:e6:22:92:5c:09:f6:82:bb:cd:be:5c:dc:10:7b:
                    54:a0:a8:d4:8e:fd:14:1c:6a:4d:15:96:6f:d5:15:
                    b0:bc:d7:9f:21:f8:5b:bc:da:a1:c5:91:00:27:dc:
                    ce:52:ef:8e:49:25:6d:e7:a9:8d:40:74:45:a4:5c:
                    fd:ba:9d:2c:a8:22:fa:7e:96:2e:98:2c:fe:86:06:
                    d3:ad:7a:1a:d7:a7:ae:9e:aa:b0:27:49:b7:48:f6:
                    99:ef:4f:cc:b2:23:a8:b9:8f:72:45:82:80:fc:b5:
                    a7:df:5b:06:0a:ad:1d:60:cf:20:98:24:3b:b0:b5:
                    26:b9:7a:76:15:08:72:ce:8e:ec:37:c8:3a:80:d4:
                    1c:a9:26:f8:96:e0:a4:68:e3:d4:f8:cc:86:09:5b:
                    51:1c:c4:e3:8d:b5:47:91:49:d7:49:a3:9d:b4:5e:
                    46:80:fb:80:19:7f:3d:56:3a:1e:ef:a5:da:14:c4:
                    a4:03:38:bd:86:ed:d1:21:54:7f:b9:1e:fc:0b:9b:
                    36:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:ED:1C:1D:0A:53:94:22:75:4C:E8:B2:9D:29:90:56:A9:20:DE:F0
            X509v3 Authority Key Identifier:
                keyid:C4:11:C3:39:59:1E:DF:C9:66:7A:3E:79:11:8D:D2:3C:40:2B:E8:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBHDOVke38lmej55EY3SPEAr6H8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:00:6a:47:d4:59:01:59:2b:6d:cb:45:32:be:4d:e9:52:c6:
         0a:f3:a5:5b:72:bd:af:79:b9:f9:60:aa:1f:05:f8:50:1b:21:
         db:c4:08:41:c9:5c:e0:be:ac:8a:88:50:59:3f:18:84:1a:51:
         c7:32:d5:81:49:5f:40:b0:ef:32:68:b2:1b:39:3c:59:60:ce:
         58:25:88:9b:4c:12:fd:6e:67:51:7a:1e:f7:9a:62:77:1b:d2:
         1b:11:8e:bc:02:af:fa:f7:38:04:7c:c0:e4:7d:f6:e6:09:ef:
         6e:bd:ea:6f:4e:2f:0f:10:50:c9:92:1c:b6:cd:43:7c:8b:a0:
         fa:86:0b:0a:06:1b:07:8d:12:1d:83:0f:06:03:43:58:d5:a6:
         80:5a:51:ea:f8:7b:e4:40:95:e4:9a:8b:3d:4a:d5:a3:eb:ad:
         69:ca:a2:06:8c:82:dc:ee:03:94:d9:c4:83:54:17:5f:0b:8c:
         da:95:22:88:1b:be:fd:1f:38:03:b7:3c:7a:14:43:35:2a:e7:
         59:c6:0a:3d:a2:40:72:d7:01:d9:24:64:6c:b4:ea:bd:e8:86:
         8a:fb:f0:0a:e8:61:1a:de:59:03:94:e3:f7:67:2a:2c:6a:da:
         82:73:cd:60:7d:7f:2b:34:cf:c9:a8:45:ff:1d:1e:c4:2a:37:
         e1:3f:d1:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMScuz/3i421clsE6U0HlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTFjMzM5NTkxZWRmYzk2NjdhM2U3OTExOGRkMjNjNDAy
YmU4N2YwHhcNMjUwNjA3MDcwMDQ3WhcNMjUwNjA4MDcwMDQ3WjAzMTEwLwYDVQQD
EyhiMWVkMWMxZDBhNTM5NDIyNzU0Y2U4YjI5ZDI5OTA1NmE5MjBkZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQI5jB0sBLNoFBJ5+uhxLMZ3Ag/4
+CNCh96TFZRV3DJMFPJmVJJ3D5o5Pnvjj5/S2iDt8rum2bh6p6dj5iKSXAn2grvN
vlzcEHtUoKjUjv0UHGpNFZZv1RWwvNefIfhbvNqhxZEAJ9zOUu+OSSVt56mNQHRF
pFz9up0sqCL6fpYumCz+hgbTrXoa16eunqqwJ0m3SPaZ70/MsiOouY9yRYKA/LWn
31sGCq0dYM8gmCQ7sLUmuXp2FQhyzo7sN8g6gNQcqSb4luCkaOPU+MyGCVtRHMTj
jbVHkUnXSaOdtF5GgPuAGX89Vjoe76XaFMSkAzi9hu3RIVR/uR78C5s2YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHtHB0KU5QidUzosp0pkFapIN7wMB8GA1UdIwQY
MBaAFMQRwzlZHt/JZno+eRGN0jxAK+h/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJIRE9Wa2UzOGxtZWo1NUVZM1NQRUFyNkg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMjMzNDQtYjI4MS00MmQyLWJjMzMt
ZWNiZjdmMTdmNjA0LzEveEJIRE9Wa2UzOGxtZWo1NUVZM1NQRUFyNkg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMjMzNDQtYjI4MS00MmQyLWJjMzMtZWNiZjdmMTdmNjA0
LzEveEJIRE9Wa2UzOGxtZWo1NUVZM1NQRUFyNkg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHgBqR9RZ
AVkrbctFMr5N6VLGCvOlW3K9r3m5+WCqHwX4UBsh28QIQclc4L6siohQWT8YhBpR
xzLVgUlfQLDvMmiyGzk8WWDOWCWIm0wS/W5nUXoe95pidxvSGxGOvAKv+vc4BHzA
5H325gnvbr3qb04vDxBQyZIcts1DfIug+oYLCgYbB40SHYMPBgNDWNWmgFpR6vh7
5ECV5JqLPUrVo+utacqiBoyC3O4DlNnEg1QXXwuM2pUiiBu+/R84A7c8ehRDNSrn
WcYKPaJActcB2SRkbLTqveiGivvwCuhhGt5ZA5Tj92cqLGragnPNYH1/KzTPyahF
/x0exCo34T/RYA==
-----END CERTIFICATE-----