Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
File:                     xq11SrfApAHA_x08Ensn1T_cyYE.mft (raw, json)
Hash identifier:          5F2HrL9CPHuGYzFS/efGjtFLrQ4hUcb9+i4/izGtKMc=
Subject key identifier:   81:C3:02:76:AE:F3:39:4C:98:EE:67:1F:1D:65:7E:9C:97:6C:B2:26
Authority key identifier: C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81
Certificate issuer:       /CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
Certificate serial:       019764DEE197D6F968010EE5B51FA15A7E22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
Manifest number:          1588
Signing time:             Thu 12 Jun 2025 16:00:17 +0000
Manifest this update:     Thu 12 Jun 2025 16:00:17 +0000
Manifest next update:     Fri 13 Jun 2025 16:00:17 +0000
Files and hashes:         1: xq11SrfApAHA_x08Ensn1T_cyYE.crl (hash: Sj64ajE0G7iXoAx9QJhm7bqEkY+iTdFH4qdImWoI0ys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:de:e1:97:d6:f9:68:01:0e:e5:b5:1f:a1:5a:7e:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
        Validity
            Not Before: Jun 12 16:00:17 2025 GMT
            Not After : Jun 13 16:00:17 2025 GMT
        Subject: CN=81c30276aef3394c98ee671f1d657e9c976cb226
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:aa:f5:19:f9:a3:1d:d2:76:f6:e4:d0:c7:1d:
                    af:e5:68:d6:7c:f6:79:fd:4d:14:22:2d:6e:54:db:
                    d6:5a:a5:6c:98:4c:88:2b:16:49:73:a2:0b:eb:25:
                    14:7f:6d:2d:09:87:67:08:cb:68:a0:f3:a6:1d:85:
                    11:86:ef:9d:ac:03:b0:7f:47:7f:ec:bb:07:64:7a:
                    13:47:e4:9d:b8:cb:8d:2a:48:f2:88:24:ac:8d:ce:
                    20:e6:35:e0:ee:4e:8d:ae:76:06:91:ec:0e:e2:e8:
                    d5:db:27:8a:f6:cf:8b:41:ce:df:f5:dd:09:99:74:
                    4c:38:30:56:f6:1d:da:75:6f:6b:2d:11:29:79:11:
                    ab:0b:af:ff:ef:23:a0:a7:8d:b0:9a:3c:2e:72:f9:
                    5c:e8:ec:7e:56:b6:c6:63:69:b9:19:7c:2e:9e:8e:
                    f0:6f:c6:78:12:28:df:ba:9e:f4:2d:c2:0a:57:42:
                    85:c7:5a:b7:f5:c0:6f:16:bb:cf:99:10:38:e8:de:
                    a8:32:12:28:3f:9b:be:a8:91:45:83:ae:0f:c3:4e:
                    ed:e5:75:4d:c0:19:a6:b5:dc:5b:65:c9:74:b9:e2:
                    96:e9:05:07:c6:d7:ed:2e:63:bb:97:37:ba:6b:13:
                    ef:71:d2:16:f6:a5:1c:09:fc:bd:c3:a4:27:7d:63:
                    11:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:C3:02:76:AE:F3:39:4C:98:EE:67:1F:1D:65:7E:9C:97:6C:B2:26
            X509v3 Authority Key Identifier:
                keyid:C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:8c:87:99:f8:4f:09:c0:eb:ea:9a:67:08:32:69:58:f1:88:
         a9:c9:d2:61:bd:05:e3:61:7c:05:b1:40:67:0d:06:84:4e:1f:
         ff:7b:3c:f8:05:55:2b:a2:d7:27:c5:d3:5f:83:b7:24:2d:f2:
         67:b8:6e:de:f0:2c:01:62:73:53:00:86:92:3d:f3:1a:4a:08:
         2b:27:80:73:9f:6d:ab:00:ba:e0:81:73:dd:97:cc:fd:55:6d:
         5c:c1:b8:3b:82:66:35:7a:49:73:60:10:85:65:9f:06:23:81:
         69:04:88:fb:b9:fb:9d:37:76:95:0e:52:30:6c:06:2c:d9:3c:
         2a:f1:d3:2b:02:20:43:a2:6c:d5:99:71:77:8c:89:a2:aa:32:
         e1:df:2c:3d:56:c6:63:08:96:d8:34:b1:83:02:d5:d8:03:ad:
         b6:1e:d5:09:d0:c1:3e:32:74:f1:30:41:50:14:86:5b:18:86:
         7a:f4:14:9e:0b:45:f9:ce:68:da:f9:7d:9f:64:f9:53:1c:5b:
         3e:22:8e:6a:35:95:c5:8e:ca:3c:db:39:4a:0a:15:9d:e6:65:
         fe:ae:f6:75:1b:0a:e7:de:1c:51:75:ac:16:c1:a8:f1:2c:3e:
         6b:d3:c1:d2:6b:47:5e:e2:50:37:f8:25:31:33:82:fc:b6:2a:
         a8:73:13:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdk3uGX1vloAQ7ltR+hWn4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YWQ3NTRhYjdjMGE0MDFjMGZmMWQzYzEyN2IyN2Q1M2Zk
Y2M5ODEwHhcNMjUwNjEyMTYwMDE3WhcNMjUwNjEzMTYwMDE3WjAzMTEwLwYDVQQD
Eyg4MWMzMDI3NmFlZjMzOTRjOThlZTY3MWYxZDY1N2U5Yzk3NmNiMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKr1GfmjHdJ29uTQxx2v5WjWfPZ5
/U0UIi1uVNvWWqVsmEyIKxZJc6IL6yUUf20tCYdnCMtooPOmHYURhu+drAOwf0d/
7LsHZHoTR+SduMuNKkjyiCSsjc4g5jXg7k6NrnYGkewO4ujV2yeK9s+LQc7f9d0J
mXRMODBW9h3adW9rLREpeRGrC6//7yOgp42wmjwucvlc6Ox+VrbGY2m5GXwuno7w
b8Z4Eijfup70LcIKV0KFx1q39cBvFrvPmRA46N6oMhIoP5u+qJFFg64Pw07t5XVN
wBmmtdxbZcl0ueKW6QUHxtftLmO7lze6axPvcdIW9qUcCfy9w6QnfWMRywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIHDAnau8zlMmO5nHx1lfpyXbLImMB8GA1UdIwQY
MBaAFMatdUq3wKQBwP8dPBJ7J9U/3MmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2Ut
YmEzM2QzNjc1NWRmLzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2UtYmEzM2QzNjc1NWRm
LzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXIyHmfhP
CcDr6ppnCDJpWPGIqcnSYb0F42F8BbFAZw0GhE4f/3s8+AVVK6LXJ8XTX4O3JC3y
Z7hu3vAsAWJzUwCGkj3zGkoIKyeAc59tqwC64IFz3ZfM/VVtXMG4O4JmNXpJc2AQ
hWWfBiOBaQSI+7n7nTd2lQ5SMGwGLNk8KvHTKwIgQ6Js1Zlxd4yJoqoy4d8sPVbG
YwiW2DSxgwLV2AOtth7VCdDBPjJ08TBBUBSGWxiGevQUngtF+c5o2vl9n2T5Uxxb
PiKOajWVxY7KPNs5SgoVneZl/q72dRsK594cUXWsFsGo8Sw+a9PB0mtHXuJQN/gl
MTOC/LYqqHMTVA==
-----END CERTIFICATE-----