Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
File:                     XeYTaCVSAQKY86aUoA18WQYGC5U.mft (raw, json)
Hash identifier:          1phhc0JZC8IXbiQy7ga4Ev62X+f0qyE9AnGN+/XAvEY=
Subject key identifier:   4C:A5:71:AC:26:6E:64:2F:21:26:F7:A8:B9:85:85:96:80:3C:29:F0
Authority key identifier: 5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95
Certificate issuer:       /CN=5de613682552010298f3a694a00d7c5906060b95
Certificate serial:       019754C7274C7B2C29C310AEE3D91AF3A82F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
Manifest number:          1585
Signing time:             Mon 09 Jun 2025 13:00:27 +0000
Manifest this update:     Mon 09 Jun 2025 13:00:27 +0000
Manifest next update:     Tue 10 Jun 2025 13:00:27 +0000
Files and hashes:         1: XeYTaCVSAQKY86aUoA18WQYGC5U.crl (hash: M54npS3DYm0Za5dGevFfA/GMLznqHsygrjf1ufyvao0=)
                          2: auYlcZnEp-yqavQsok9_TPLHAq0.roa (hash: kbe3quRrlIxTjuDhfKrAisNkV8HOTBuxWR/raJshlU4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 11:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:c7:27:4c:7b:2c:29:c3:10:ae:e3:d9:1a:f3:a8:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de613682552010298f3a694a00d7c5906060b95
        Validity
            Not Before: Jun  9 13:00:27 2025 GMT
            Not After : Jun 10 13:00:27 2025 GMT
        Subject: CN=4ca571ac266e642f2126f7a8b9858596803c29f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:50:5a:2c:2c:57:08:fd:1a:06:96:d5:e4:3c:
                    b2:3e:61:a3:36:8b:47:64:31:d7:a7:88:d0:bb:a5:
                    5d:a4:d4:ff:17:30:62:ee:c7:53:2c:65:9e:61:92:
                    d9:c4:b4:0d:15:5e:de:dd:4a:7a:f4:40:b8:6c:7b:
                    08:59:09:37:88:a3:07:40:58:b4:bd:13:93:34:47:
                    69:63:15:0b:11:5f:b4:fd:8f:3d:29:ff:68:63:a6:
                    8e:6b:ac:54:07:b9:2c:12:84:43:78:d2:7b:b2:9d:
                    11:6e:9b:9e:d4:37:97:1e:26:82:29:bb:80:b1:e6:
                    35:2b:31:5a:06:23:83:b7:59:65:c2:e8:1f:e3:07:
                    de:a9:fb:2b:0c:e1:85:7b:e0:68:e6:e4:a7:1c:aa:
                    b0:43:d2:fb:52:9c:8c:cf:b5:47:80:04:e0:61:35:
                    46:c6:72:be:e3:1e:49:48:16:cc:3d:7a:33:27:70:
                    11:8e:bb:df:3b:7b:16:68:da:8f:08:6e:c3:7b:90:
                    07:fa:22:90:fd:69:a7:17:7c:e9:f4:74:21:f6:a7:
                    eb:ed:b1:0a:d8:f0:a9:5f:33:1c:52:05:90:be:ce:
                    e3:54:ef:1f:9f:83:34:59:34:0e:e9:eb:38:11:80:
                    92:47:b9:2d:4f:57:39:86:fc:34:1c:66:96:7d:e8:
                    cb:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:A5:71:AC:26:6E:64:2F:21:26:F7:A8:B9:85:85:96:80:3C:29:F0
            X509v3 Authority Key Identifier:
                keyid:5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:bc:b2:6b:7f:b3:4f:ea:d7:cf:b5:c1:fb:f8:bc:47:cf:64:
         d9:67:a1:e9:15:82:92:ed:d2:f2:76:1b:05:fd:01:41:3d:55:
         43:0a:6f:bd:01:e3:54:35:92:ba:c6:41:f9:14:89:84:ff:21:
         46:02:4d:db:5a:bc:7d:b1:04:21:85:a7:bb:7e:27:0c:fc:b8:
         19:3d:a4:ca:33:a2:de:c6:c3:36:0c:d7:69:33:b7:d5:1b:8d:
         c7:a3:89:07:33:60:0a:bd:05:2a:4a:39:f8:5e:36:da:b7:f1:
         bb:8f:c7:1f:ea:c7:51:17:71:78:4d:8f:4f:1f:1d:79:e3:74:
         b2:74:ea:8a:c3:a5:6d:33:ec:99:ba:e4:e6:af:43:ef:63:d6:
         be:b8:78:e5:2d:bd:92:83:39:ae:78:0e:ec:33:2f:0c:0f:af:
         c1:87:41:88:8c:55:50:62:9c:ad:7a:53:00:73:db:12:07:5e:
         1a:39:09:36:88:27:db:98:32:14:05:35:c1:92:a9:fb:d8:ae:
         ab:44:cd:b9:f9:c3:4f:75:9f:ae:c8:69:e8:11:c4:76:c1:d1:
         d2:78:df:95:de:75:fb:98:84:07:3e:66:3f:71:ae:cb:fb:e1:
         30:49:f4:1c:64:5e:a4:33:c1:fb:65:c5:28:40:c1:b9:08:59:
         d5:a5:1a:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUxydMeywpwxCu49ka86gvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTYxMzY4MjU1MjAxMDI5OGYzYTY5NGEwMGQ3YzU5MDYw
NjBiOTUwHhcNMjUwNjA5MTMwMDI3WhcNMjUwNjEwMTMwMDI3WjAzMTEwLwYDVQQD
Eyg0Y2E1NzFhYzI2NmU2NDJmMjEyNmY3YThiOTg1ODU5NjgwM2MyOWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlBaLCxXCP0aBpbV5DyyPmGjNotH
ZDHXp4jQu6VdpNT/FzBi7sdTLGWeYZLZxLQNFV7e3Up69EC4bHsIWQk3iKMHQFi0
vROTNEdpYxULEV+0/Y89Kf9oY6aOa6xUB7ksEoRDeNJ7sp0Rbpue1DeXHiaCKbuA
seY1KzFaBiODt1llwugf4wfeqfsrDOGFe+Bo5uSnHKqwQ9L7UpyMz7VHgATgYTVG
xnK+4x5JSBbMPXozJ3ARjrvfO3sWaNqPCG7De5AH+iKQ/WmnF3zp9HQh9qfr7bEK
2PCpXzMcUgWQvs7jVO8fn4M0WTQO6es4EYCSR7ktT1c5hvw0HGaWfejLZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEylcawmbmQvISb3qLmFhZaAPCnwMB8GA1UdIwQY
MBaAFF3mE2glUgECmPOmlKANfFkGBguVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEt
MjIyOTVkZjEyYjI3LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEtMjIyOTVkZjEyYjI3
LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhbyya3+z
T+rXz7XB+/i8R89k2Weh6RWCku3S8nYbBf0BQT1VQwpvvQHjVDWSusZB+RSJhP8h
RgJN21q8fbEEIYWnu34nDPy4GT2kyjOi3sbDNgzXaTO31RuNx6OJBzNgCr0FKko5
+F422rfxu4/HH+rHURdxeE2PTx8deeN0snTqisOlbTPsmbrk5q9D72PWvrh45S29
koM5rngO7DMvDA+vwYdBiIxVUGKcrXpTAHPbEgdeGjkJNogn25gyFAU1wZKp+9iu
q0TNufnDT3Wfrshp6BHEdsHR0njfld51+5iEBz5mP3Guy/vhMEn0HGRepDPB+2XF
KEDBuQhZ1aUa4w==
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:05:05 2025 by rpki-client