Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
File:                     X1G82J639bOrCIBu9Rp8L265jvw.mft (raw, json)
Hash identifier:          i0hwLkctj5VkbAxIW4McQoXuQTrwmsYJfi1KCmUOBQY=
Subject key identifier:   5B:A7:FD:42:AB:E9:FF:14:0F:87:79:EC:3F:B1:62:EF:36:10:47:95
Authority key identifier: 5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
Certificate issuer:       /CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Certificate serial:       0197523472AB456D147CE30AAB1FD41501E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
Manifest number:          1587
Signing time:             Mon 09 Jun 2025 01:00:58 +0000
Manifest this update:     Mon 09 Jun 2025 01:00:58 +0000
Manifest next update:     Tue 10 Jun 2025 01:00:58 +0000
Files and hashes:         1: X1G82J639bOrCIBu9Rp8L265jvw.crl (hash: nNJQ137Tapn2/3v/KnYGkgt6YNHs2+HYLOZmGD8zhL0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 01:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:34:72:ab:45:6d:14:7c:e3:0a:ab:1f:d4:15:01:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
        Validity
            Not Before: Jun  9 01:00:58 2025 GMT
            Not After : Jun 10 01:00:58 2025 GMT
        Subject: CN=5ba7fd42abe9ff140f8779ec3fb162ef36104795
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:96:f5:05:6b:34:19:21:5d:22:f6:53:3b:09:
                    06:ca:4f:61:65:f7:20:88:eb:9f:3f:8f:f7:b9:e5:
                    66:19:6e:42:36:7f:07:f6:e2:a5:77:77:71:55:ae:
                    70:68:f2:6d:67:53:a3:83:b4:d4:ac:d2:bf:33:44:
                    9e:80:89:13:bb:eb:1e:2f:3a:0a:61:76:10:42:78:
                    e8:d8:e0:a9:08:76:ab:36:28:cd:72:a7:21:95:91:
                    e9:5d:81:1d:27:39:ad:e8:f0:9f:2d:46:b2:e0:21:
                    15:92:76:07:ea:0d:8e:a2:a0:10:aa:76:ba:4d:35:
                    26:f7:42:9c:d4:b1:80:a3:b8:0d:c0:13:d7:e9:ff:
                    ce:3d:6a:f9:de:4d:b0:d8:47:d7:c2:88:99:f1:cd:
                    4e:4c:0b:5a:48:a1:1f:54:e4:0b:11:d3:78:b2:c1:
                    63:06:9e:c7:92:b2:06:1c:29:79:08:c7:98:b3:43:
                    88:97:86:56:19:cb:2b:9b:7b:6c:dc:71:1f:4c:4f:
                    1c:f5:a3:ab:2b:b6:91:56:ec:e8:db:a8:47:e3:52:
                    fa:79:93:3c:ec:0f:09:90:4f:48:61:a3:70:8a:00:
                    2d:cd:9e:ec:d8:e7:1a:e4:4c:9d:51:dc:62:f2:d8:
                    d5:e4:30:1f:88:0c:ee:ab:a0:41:c3:3a:ed:ea:51:
                    ae:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:A7:FD:42:AB:E9:FF:14:0F:87:79:EC:3F:B1:62:EF:36:10:47:95
            X509v3 Authority Key Identifier:
                keyid:5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:b4:ca:ef:ec:d8:8b:f3:1a:89:4d:57:89:98:fc:5c:a9:7e:
         6a:94:90:cd:1e:6c:e6:fa:9d:90:2e:67:4f:48:38:31:10:77:
         88:25:4b:5d:1a:b9:4b:4c:be:a4:34:5e:12:13:90:2c:04:dc:
         ce:78:c7:f5:62:0a:2d:d9:09:c6:97:c6:dc:47:4f:8a:3e:1f:
         78:d2:82:cc:34:6c:b2:39:a8:84:3e:19:00:0b:61:cc:22:64:
         3b:41:b6:67:dd:f2:31:a0:66:52:f4:36:55:91:92:2d:ed:71:
         75:15:22:98:b9:bf:f7:bc:a6:5d:e8:4f:b4:a8:94:c7:3c:de:
         f8:a8:a6:1e:ee:b6:54:88:44:46:f4:f8:c8:97:91:06:76:55:
         77:a6:e5:f9:4c:e7:32:5e:8e:28:a4:95:13:b5:52:66:33:99:
         e3:ee:09:3f:fd:39:f8:79:91:fb:3b:5c:2f:72:20:78:a1:89:
         2e:4f:f4:96:a6:b7:32:58:51:03:a5:6f:68:fb:dc:34:8b:a7:
         72:9c:5d:97:18:e7:d1:f5:42:10:16:b6:fa:a5:e8:e2:1c:b2:
         85:0f:58:d4:82:2c:c7:bd:4b:d6:d0:d9:7a:75:07:62:9f:91:
         3c:3b:3d:1d:45:05:f1:56:3c:8c:83:84:d9:27:aa:b1:36:74:
         dc:10:65:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSNHKrRW0UfOMKqx/UFQHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTFiY2Q4OWViN2Y1YjNhYjA4ODA2ZWY1MWE3YzJmNmVi
OThlZmMwHhcNMjUwNjA5MDEwMDU4WhcNMjUwNjEwMDEwMDU4WjAzMTEwLwYDVQQD
Eyg1YmE3ZmQ0MmFiZTlmZjE0MGY4Nzc5ZWMzZmIxNjJlZjM2MTA0Nzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpb1BWs0GSFdIvZTOwkGyk9hZfcg
iOufP4/3ueVmGW5CNn8H9uKld3dxVa5waPJtZ1Ojg7TUrNK/M0SegIkTu+seLzoK
YXYQQnjo2OCpCHarNijNcqchlZHpXYEdJzmt6PCfLUay4CEVknYH6g2OoqAQqna6
TTUm90Kc1LGAo7gNwBPX6f/OPWr53k2w2EfXwoiZ8c1OTAtaSKEfVOQLEdN4ssFj
Bp7HkrIGHCl5CMeYs0OIl4ZWGcsrm3ts3HEfTE8c9aOrK7aRVuzo26hH41L6eZM8
7A8JkE9IYaNwigAtzZ7s2Oca5EydUdxi8tjV5DAfiAzuq6BBwzrt6lGuUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFun/UKr6f8UD4d57D+xYu82EEeVMB8GA1UdIwQY
MBaAFF9RvNiet/WzqwiAbvUafC9uuY78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDct
MGE4NTk4NjIwOGE5LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDctMGE4NTk4NjIwOGE5
LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKrTK7+zY
i/MaiU1XiZj8XKl+apSQzR5s5vqdkC5nT0g4MRB3iCVLXRq5S0y+pDReEhOQLATc
znjH9WIKLdkJxpfG3EdPij4feNKCzDRssjmohD4ZAAthzCJkO0G2Z93yMaBmUvQ2
VZGSLe1xdRUimLm/97ymXehPtKiUxzze+KimHu62VIhERvT4yJeRBnZVd6bl+Uzn
Ml6OKKSVE7VSZjOZ4+4JP/05+HmR+ztcL3IgeKGJLk/0lqa3MlhRA6VvaPvcNIun
cpxdlxjn0fVCEBa2+qXo4hyyhQ9Y1IIsx71L1tDZenUHYp+RPDs9HUUF8VY8jIOE
2SeqsTZ03BBlfw==
-----END CERTIFICATE-----