Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
File:                     xq11SrfApAHA_x08Ensn1T_cyYE.mft (raw, json)
Hash identifier:          5HYQp1mI0p0GE2R8spwZelhw2X1w6tlLZJ6ysB8k4Ls=
Subject key identifier:   AC:81:B7:AE:EB:79:48:76:91:ED:BB:5E:AC:2B:CA:EA:88:BC:30:2C
Authority key identifier: C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81
Certificate issuer:       /CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
Certificate serial:       01975D255BCFC7D25B7009FA87E84BDCEC4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
Manifest number:          1584
Signing time:             Wed 11 Jun 2025 04:00:18 +0000
Manifest this update:     Wed 11 Jun 2025 04:00:18 +0000
Manifest next update:     Thu 12 Jun 2025 04:00:18 +0000
Files and hashes:         1: xq11SrfApAHA_x08Ensn1T_cyYE.crl (hash: CdqFs30tBvdVIYLmcAtFZsPjhC8WbyuX6g/qdzp1uuQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:25:5b:cf:c7:d2:5b:70:09:fa:87:e8:4b:dc:ec:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
        Validity
            Not Before: Jun 11 04:00:18 2025 GMT
            Not After : Jun 12 04:00:18 2025 GMT
        Subject: CN=ac81b7aeeb79487691edbb5eac2bcaea88bc302c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:7c:23:b5:0c:95:e1:f4:30:05:06:07:7f:5f:
                    9f:3f:0f:dc:00:7a:e0:ec:94:0e:20:02:30:27:50:
                    b4:d3:64:f6:8a:c9:ba:2f:35:9d:93:d5:d0:60:68:
                    ca:ac:d9:e9:7d:bb:09:38:d2:69:01:af:46:68:b3:
                    ad:78:90:f2:60:2a:06:d2:80:f4:c2:6a:e6:3a:35:
                    14:be:1d:57:1c:f1:5a:e0:93:b0:41:ab:60:42:68:
                    39:de:3b:ab:66:b8:eb:a9:6b:45:35:30:8d:d4:42:
                    b2:0a:f2:2c:60:30:f6:8d:80:81:9d:25:1c:aa:49:
                    6f:0a:48:93:49:71:34:f7:80:fe:54:2a:33:80:2e:
                    2d:23:98:83:2f:cd:79:68:9a:ad:3c:1c:fd:22:47:
                    06:38:27:43:83:5e:69:60:95:ab:cf:7e:0c:c6:72:
                    58:94:2c:8f:01:b2:37:90:df:fe:a4:d6:ba:2e:5a:
                    e4:4d:c6:a9:84:1e:72:a6:64:7f:92:ef:3c:62:ec:
                    d1:ef:f0:52:b0:9d:7a:ed:33:68:80:11:04:1e:0a:
                    d9:c2:da:2e:47:51:c2:a3:1f:cd:82:24:92:5b:c5:
                    70:43:ac:71:d5:6c:a4:27:29:bf:e3:6f:02:51:c9:
                    50:36:06:3f:e6:56:c6:5a:2d:35:c1:83:26:6f:18:
                    95:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:81:B7:AE:EB:79:48:76:91:ED:BB:5E:AC:2B:CA:EA:88:BC:30:2C
            X509v3 Authority Key Identifier:
                keyid:C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:00:72:48:a2:f9:e9:7b:a1:90:ed:61:57:35:90:7c:a7:0b:
         ef:34:f4:a8:83:3c:5c:90:21:03:61:ea:d6:1e:6b:9d:6b:9d:
         18:86:31:bb:59:52:6a:16:94:90:fc:be:7f:61:13:7a:f7:b7:
         5b:ef:16:0d:21:e0:f0:0f:a5:1f:5b:0f:f0:c5:50:23:53:06:
         fe:a2:0b:a5:17:ac:08:3e:8d:6d:81:99:9e:25:09:2e:3c:0f:
         a8:27:87:ab:2d:0e:b2:f8:8d:9b:03:e6:ed:be:f7:9c:40:01:
         a4:1d:e4:40:4e:d2:c5:8f:f3:9c:ae:ba:0b:f4:51:ee:1b:f9:
         18:2b:37:c6:c1:e7:8f:b6:d5:4d:f2:98:66:b9:23:85:7f:66:
         a3:44:da:a8:67:09:32:24:c4:34:6d:28:c0:80:53:9e:c4:fb:
         7f:62:a3:f2:87:26:b4:c5:6d:a3:e3:31:62:dc:80:f3:58:7c:
         f4:db:c4:d1:22:ee:ad:e6:6e:59:1a:db:85:3a:0d:9e:26:0c:
         7f:04:84:54:de:ba:5f:2b:89:ce:93:1b:2f:8a:b2:1c:e9:c6:
         ef:94:bf:c0:f5:65:d9:f7:1e:39:01:92:e6:7d:c1:16:d2:7d:
         fc:1a:1e:50:1b:13:22:dc:f8:76:5e:03:8e:5b:a0:5d:2b:49:
         27:8c:47:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddJVvPx9JbcAn6h+hL3OxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YWQ3NTRhYjdjMGE0MDFjMGZmMWQzYzEyN2IyN2Q1M2Zk
Y2M5ODEwHhcNMjUwNjExMDQwMDE4WhcNMjUwNjEyMDQwMDE4WjAzMTEwLwYDVQQD
EyhhYzgxYjdhZWViNzk0ODc2OTFlZGJiNWVhYzJiY2FlYTg4YmMzMDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHwjtQyV4fQwBQYHf1+fPw/cAHrg
7JQOIAIwJ1C002T2ism6LzWdk9XQYGjKrNnpfbsJONJpAa9GaLOteJDyYCoG0oD0
wmrmOjUUvh1XHPFa4JOwQatgQmg53jurZrjrqWtFNTCN1EKyCvIsYDD2jYCBnSUc
qklvCkiTSXE094D+VCozgC4tI5iDL815aJqtPBz9IkcGOCdDg15pYJWrz34MxnJY
lCyPAbI3kN/+pNa6LlrkTcaphB5ypmR/ku88YuzR7/BSsJ167TNogBEEHgrZwtou
R1HCox/NgiSSW8VwQ6xx1WykJym/428CUclQNgY/5lbGWi01wYMmbxiV8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyBt67reUh2ke27XqwryuqIvDAsMB8GA1UdIwQY
MBaAFMatdUq3wKQBwP8dPBJ7J9U/3MmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2Ut
YmEzM2QzNjc1NWRmLzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2UtYmEzM2QzNjc1NWRm
LzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdwBySKL5
6XuhkO1hVzWQfKcL7zT0qIM8XJAhA2Hq1h5rnWudGIYxu1lSahaUkPy+f2ETeve3
W+8WDSHg8A+lH1sP8MVQI1MG/qILpResCD6NbYGZniUJLjwPqCeHqy0OsviNmwPm
7b73nEABpB3kQE7SxY/znK66C/RR7hv5GCs3xsHnj7bVTfKYZrkjhX9mo0TaqGcJ
MiTENG0owIBTnsT7f2Kj8ocmtMVto+MxYtyA81h89NvE0SLureZuWRrbhToNniYM
fwSEVN66XyuJzpMbL4qyHOnG75S/wPVl2fceOQGS5n3BFtJ9/BoeUBsTItz4dl4D
jlugXStJJ4xHdA==
-----END CERTIFICATE-----