Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
File:                     xq11SrfApAHA_x08Ensn1T_cyYE.mft (raw, json)
Hash identifier:          tsC4PPxMK3GhcgBkFYqnkDdevIle+N+/fA3NDtiaTcE=
Subject key identifier:   31:83:36:86:03:64:1B:4E:45:FD:B1:4A:05:32:5C:B5:F7:3D:CA:92
Authority key identifier: C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81
Certificate issuer:       /CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
Certificate serial:       01991763C86C174FBF851BC0870A03CD767B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
Manifest number:          1669
Signing time:             Fri 05 Sep 2025 01:00:39 +0000
Manifest this update:     Fri 05 Sep 2025 01:00:39 +0000
Manifest next update:     Sat 06 Sep 2025 01:00:39 +0000
Files and hashes:         1: xq11SrfApAHA_x08Ensn1T_cyYE.crl (hash: 6UfL9Ybu3lKKeMLVNVO7Ld5DZSt8uEeb99is2aW9bns=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:63:c8:6c:17:4f:bf:85:1b:c0:87:0a:03:cd:76:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
        Validity
            Not Before: Sep  5 01:00:39 2025 GMT
            Not After : Sep  6 01:00:39 2025 GMT
        Subject: CN=3183368603641b4e45fdb14a05325cb5f73dca92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:52:39:53:93:91:f3:b9:2c:ce:c2:c7:9a:5d:
                    60:30:a5:97:c8:84:8e:f0:72:35:80:8d:55:43:5c:
                    9a:ae:d9:f0:8c:09:4b:a5:9d:db:0c:8c:36:38:c3:
                    22:48:99:c4:54:db:2c:09:94:9e:60:fb:69:d7:72:
                    15:00:91:26:e9:2f:fd:23:91:46:e1:cd:18:be:77:
                    50:0d:c4:a1:ed:f9:f2:de:27:e5:36:b1:2b:48:f1:
                    a3:49:f6:8a:98:60:87:94:18:c0:79:4d:46:db:59:
                    7a:4a:2e:15:ce:03:40:e9:1c:70:5c:df:6a:4b:aa:
                    70:e3:d0:a2:92:0c:21:41:ca:09:30:af:f5:31:12:
                    14:5a:6c:4f:fe:9c:15:e0:69:63:a2:f2:03:ad:22:
                    45:fd:73:15:d1:dd:69:de:b3:7b:80:3c:b6:79:af:
                    c7:cb:13:dc:15:6a:69:d6:a9:b4:05:ea:fc:e9:21:
                    ea:35:d6:f9:0a:40:99:fd:12:ca:3f:cf:df:f8:31:
                    a5:25:98:5e:4e:b8:3d:1b:4a:98:71:13:ec:67:74:
                    d3:a5:2d:a6:41:bf:30:f8:ea:9c:e7:64:de:a6:53:
                    97:b0:4e:7a:90:52:c7:e7:7d:f9:b0:89:41:2b:eb:
                    da:c8:55:f0:87:33:62:57:8e:99:2f:bb:17:68:3e:
                    7a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:83:36:86:03:64:1B:4E:45:FD:B1:4A:05:32:5C:B5:F7:3D:CA:92
            X509v3 Authority Key Identifier:
                keyid:C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:4b:b8:a2:ca:07:0a:68:b6:c0:74:a0:1c:f8:76:a7:ae:01:
         50:91:c9:e6:87:e7:3a:74:57:a8:61:d8:a7:66:0a:7b:38:9a:
         48:0b:91:64:fb:d9:e0:0f:8b:0f:ce:0f:42:be:bf:f0:9c:d5:
         5b:09:e8:48:fd:84:f3:5d:87:e8:cb:e6:5e:90:25:db:c7:b1:
         d9:78:91:dc:13:62:8d:86:a3:aa:65:f0:e8:84:58:18:ae:da:
         b4:a8:f1:b6:af:b9:82:71:f3:d9:b9:d4:e2:da:af:5a:12:03:
         44:5d:c7:54:89:cc:ba:ff:aa:a1:7a:9c:ca:8a:c7:a7:2e:92:
         ba:95:a5:d8:8c:2f:2a:2b:b6:ae:bc:9d:6e:2f:69:52:be:cc:
         2a:26:29:34:fc:87:db:6e:e7:8e:e0:97:a6:51:a2:6e:6c:a0:
         05:41:59:dc:ff:b4:14:1e:43:a2:89:a5:36:f4:fd:ef:2d:01:
         da:1e:8c:f2:7a:de:d9:fd:b0:91:c9:e6:5e:47:2e:6e:10:c8:
         b2:02:cb:d9:81:73:85:9a:7a:63:36:05:ac:71:8d:d1:ef:58:
         33:7e:27:47:fb:a9:59:20:05:d8:8a:45:2b:39:42:d6:33:15:
         a6:75:10:56:9a:8d:e9:31:7e:ef:72:ee:3c:e8:0b:06:73:7f:
         7a:95:d6:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXY8hsF0+/hRvAhwoDzXZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YWQ3NTRhYjdjMGE0MDFjMGZmMWQzYzEyN2IyN2Q1M2Zk
Y2M5ODEwHhcNMjUwOTA1MDEwMDM5WhcNMjUwOTA2MDEwMDM5WjAzMTEwLwYDVQQD
EygzMTgzMzY4NjAzNjQxYjRlNDVmZGIxNGEwNTMyNWNiNWY3M2RjYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFI5U5OR87kszsLHml1gMKWXyISO
8HI1gI1VQ1yartnwjAlLpZ3bDIw2OMMiSJnEVNssCZSeYPtp13IVAJEm6S/9I5FG
4c0YvndQDcSh7fny3iflNrErSPGjSfaKmGCHlBjAeU1G21l6Si4VzgNA6RxwXN9q
S6pw49CikgwhQcoJMK/1MRIUWmxP/pwV4GljovIDrSJF/XMV0d1p3rN7gDy2ea/H
yxPcFWpp1qm0Ber86SHqNdb5CkCZ/RLKP8/f+DGlJZheTrg9G0qYcRPsZ3TTpS2m
Qb8w+Oqc52TeplOXsE56kFLH5335sIlBK+vayFXwhzNiV46ZL7sXaD56bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGDNoYDZBtORf2xSgUyXLX3PcqSMB8GA1UdIwQY
MBaAFMatdUq3wKQBwP8dPBJ7J9U/3MmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2Ut
YmEzM2QzNjc1NWRmLzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2UtYmEzM2QzNjc1NWRm
LzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQUu4osoH
Cmi2wHSgHPh2p64BUJHJ5ofnOnRXqGHYp2YKeziaSAuRZPvZ4A+LD84PQr6/8JzV
WwnoSP2E812H6MvmXpAl28ex2XiR3BNijYajqmXw6IRYGK7atKjxtq+5gnHz2bnU
4tqvWhIDRF3HVInMuv+qoXqcyorHpy6SupWl2IwvKiu2rrydbi9pUr7MKiYpNPyH
227njuCXplGibmygBUFZ3P+0FB5DoomlNvT97y0B2h6M8nre2f2wkcnmXkcubhDI
sgLL2YFzhZp6YzYFrHGN0e9YM34nR/upWSAF2IpFKzlC1jMVpnUQVpqN6TF+73Lu
POgLBnN/epXWWQ==
-----END CERTIFICATE-----