Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
File:                     xq11SrfApAHA_x08Ensn1T_cyYE.mft (raw, json)
Hash identifier:          ZNaxKC3Q59w1Ib7RleCWhfY50YEydoH9UHwANXkLI+k=
Subject key identifier:   98:09:BC:A7:93:01:38:74:38:9B:1D:6B:C4:47:6A:67:FD:67:B8:92
Authority key identifier: C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81
Certificate issuer:       /CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
Certificate serial:       0197575A444C864FAD2EC02A8AF6C24141E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
Manifest number:          1581
Signing time:             Tue 10 Jun 2025 01:00:22 +0000
Manifest this update:     Tue 10 Jun 2025 01:00:22 +0000
Manifest next update:     Wed 11 Jun 2025 01:00:22 +0000
Files and hashes:         1: xq11SrfApAHA_x08Ensn1T_cyYE.crl (hash: Cft5FY0qjc/V6PME7IZ06uBzk7UQjL3kda6Zr0GG8XU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 01:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:5a:44:4c:86:4f:ad:2e:c0:2a:8a:f6:c2:41:41:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
        Validity
            Not Before: Jun 10 01:00:22 2025 GMT
            Not After : Jun 11 01:00:22 2025 GMT
        Subject: CN=9809bca793013874389b1d6bc4476a67fd67b892
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:5b:b0:e1:ad:57:cb:88:d5:47:f4:74:8c:6e:
                    5f:a0:d0:2e:e0:23:71:37:4d:ea:38:d4:39:ee:44:
                    b5:6d:44:b5:c9:c4:2b:e2:8c:d2:0e:5e:72:60:53:
                    db:bf:ce:cc:e5:24:fb:3f:23:b6:d3:90:9d:ba:c0:
                    8b:a6:aa:9c:f2:5a:13:d4:2e:7d:40:39:fe:9d:f9:
                    00:df:0f:82:d7:58:d4:b5:1f:24:87:41:df:63:fe:
                    aa:d2:6b:00:6a:21:00:67:e8:d2:fe:28:00:f8:29:
                    b8:55:eb:aa:c4:20:04:54:98:8b:01:bf:93:27:0b:
                    50:de:e9:f4:36:48:a1:85:7a:0d:95:c8:48:14:f2:
                    7c:d9:8a:ed:3e:c4:94:1a:70:65:5d:76:81:92:3e:
                    46:44:18:f2:48:5f:1b:28:4c:3b:41:69:db:a2:46:
                    93:9f:9b:d9:49:5e:d8:9e:07:d7:65:b1:13:bc:a4:
                    d3:21:66:96:0e:e4:1d:83:f5:cb:7e:37:c6:29:f3:
                    ca:9c:50:a1:0c:a0:88:d4:81:f2:51:5e:a7:36:44:
                    11:dd:58:ab:65:71:c3:a0:5a:66:29:e0:42:2e:cc:
                    28:dd:91:18:e1:88:f1:db:ff:33:8c:ee:35:02:24:
                    e4:78:c4:ea:b8:06:a8:ad:f3:43:b6:53:1b:cd:6c:
                    7a:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:09:BC:A7:93:01:38:74:38:9B:1D:6B:C4:47:6A:67:FD:67:B8:92
            X509v3 Authority Key Identifier:
                keyid:C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:c5:3e:61:10:03:e8:29:4b:13:cd:32:83:2d:53:c3:6f:78:
         da:f5:ce:bf:2f:0e:e4:5f:5d:e3:47:6f:98:41:4e:63:a3:91:
         cf:e8:40:93:93:aa:d1:11:32:74:66:88:b2:af:ea:22:d9:f5:
         e9:08:a7:b7:8d:41:22:ca:8d:a6:11:56:58:25:6f:0b:f2:0a:
         93:65:1e:59:9b:0c:87:d2:dc:f8:fb:0a:01:5b:9b:e0:e4:10:
         e8:12:bb:4c:00:eb:04:27:8d:38:bd:5a:76:ec:e1:a8:27:f3:
         4e:4d:48:95:9a:7f:57:6b:08:c1:19:f3:0d:cb:a7:76:23:8b:
         2f:04:42:24:9c:ee:ce:c5:0b:f5:63:09:e3:0a:b9:d2:93:7d:
         30:eb:36:e8:f6:08:16:a5:36:fd:8f:9c:a9:7d:66:b2:a9:d0:
         97:d5:24:e6:ea:b8:80:0b:2a:e0:ed:c3:c4:53:9e:f4:19:fd:
         6d:60:61:06:73:86:1e:ec:c6:7d:c3:13:47:9e:e0:81:f1:b2:
         74:4e:c6:d5:ae:4f:4a:00:fb:f9:62:a5:9e:f4:b1:c3:ad:8a:
         81:47:16:4f:3a:8c:8c:9c:75:8d:76:d2:68:39:94:7b:d3:2c:
         50:2c:f9:6b:29:fa:05:a9:5b:c4:86:c3:3f:24:f6:67:67:44:
         f8:e8:54:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdXWkRMhk+tLsAqivbCQUHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YWQ3NTRhYjdjMGE0MDFjMGZmMWQzYzEyN2IyN2Q1M2Zk
Y2M5ODEwHhcNMjUwNjEwMDEwMDIyWhcNMjUwNjExMDEwMDIyWjAzMTEwLwYDVQQD
Eyg5ODA5YmNhNzkzMDEzODc0Mzg5YjFkNmJjNDQ3NmE2N2ZkNjdiODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1uw4a1Xy4jVR/R0jG5foNAu4CNx
N03qONQ57kS1bUS1ycQr4ozSDl5yYFPbv87M5ST7PyO205CdusCLpqqc8loT1C59
QDn+nfkA3w+C11jUtR8kh0HfY/6q0msAaiEAZ+jS/igA+Cm4VeuqxCAEVJiLAb+T
JwtQ3un0NkihhXoNlchIFPJ82YrtPsSUGnBlXXaBkj5GRBjySF8bKEw7QWnbokaT
n5vZSV7YngfXZbETvKTTIWaWDuQdg/XLfjfGKfPKnFChDKCI1IHyUV6nNkQR3Vir
ZXHDoFpmKeBCLswo3ZEY4Yjx2/8zjO41AiTkeMTquAaorfNDtlMbzWx6DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgJvKeTATh0OJsda8RHamf9Z7iSMB8GA1UdIwQY
MBaAFMatdUq3wKQBwP8dPBJ7J9U/3MmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2Ut
YmEzM2QzNjc1NWRmLzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2UtYmEzM2QzNjc1NWRm
LzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJsU+YRAD
6ClLE80ygy1Tw2942vXOvy8O5F9d40dvmEFOY6ORz+hAk5Oq0REydGaIsq/qItn1
6Qint41BIsqNphFWWCVvC/IKk2UeWZsMh9Lc+PsKAVub4OQQ6BK7TADrBCeNOL1a
duzhqCfzTk1IlZp/V2sIwRnzDcundiOLLwRCJJzuzsUL9WMJ4wq50pN9MOs26PYI
FqU2/Y+cqX1msqnQl9Uk5uq4gAsq4O3DxFOe9Bn9bWBhBnOGHuzGfcMTR57ggfGy
dE7G1a5PSgD7+WKlnvSxw62KgUcWTzqMjJx1jXbSaDmUe9MsUCz5ayn6BalbxIbD
PyT2Z2dE+OhUXw==
-----END CERTIFICATE-----