Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
File:                     xq11SrfApAHA_x08Ensn1T_cyYE.mft (raw, json)
Hash identifier:          9TEYqbIKPdoM+1rd5NdJF1ACfLTNzlL0d6OEfViTmrA=
Subject key identifier:   40:49:12:6F:BC:CE:8E:C6:51:AD:A7:0B:72:0E:4A:04:02:79:2D:2A
Authority key identifier: C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81
Certificate issuer:       /CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
Certificate serial:       01976C99245C0FDF83F8BAB9FED10F18D2D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 04:01:05 +0000
Manifest this update:     Sat 14 Jun 2025 04:01:05 +0000
Manifest next update:     Sun 15 Jun 2025 04:01:05 +0000
Files and hashes:         1: xq11SrfApAHA_x08Ensn1T_cyYE.crl (hash: 3Okk5onoZImzm9m0zyo7dH/r8r2lqf8AU9qNgMDU9wo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:99:24:5c:0f:df:83:f8:ba:b9:fe:d1:0f:18:d2:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
        Validity
            Not Before: Jun 14 04:01:05 2025 GMT
            Not After : Jun 15 04:01:05 2025 GMT
        Subject: CN=4049126fbcce8ec651ada70b720e4a0402792d2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:04:e2:c3:c5:42:09:df:6a:0c:09:e8:ac:ca:
                    8c:70:93:d4:33:4a:29:1b:ef:bf:c7:c5:30:52:c1:
                    6f:a8:e7:45:23:9d:10:44:25:40:6a:2b:e9:09:e1:
                    ad:74:e2:cc:31:55:27:2f:8e:67:45:17:91:86:68:
                    0d:f1:50:b0:a0:b3:d9:c0:68:bd:68:3e:e6:1a:1a:
                    05:57:5f:d5:3e:64:24:93:a6:cb:13:03:40:66:35:
                    70:b1:4c:ec:c4:19:64:de:1e:56:1d:ae:7a:0e:23:
                    d9:d3:76:a9:91:e1:b7:1c:e3:86:4b:ce:9a:d0:7e:
                    43:02:10:73:2d:83:2d:3a:39:31:b8:81:99:15:08:
                    39:41:4c:eb:9a:37:9d:28:ab:46:08:cb:e2:03:d1:
                    4c:47:2c:49:88:ed:b8:98:3b:c2:23:be:77:bf:2d:
                    5f:c8:34:8b:d4:7a:95:38:35:80:cc:af:85:e1:c5:
                    77:47:01:6d:0a:89:08:d8:91:8b:4b:46:e3:cf:27:
                    0b:66:ed:60:6d:13:2f:e0:44:2b:6d:c3:7b:4e:8d:
                    d3:71:ce:37:0a:c7:78:b3:b6:0c:a5:04:9a:44:a9:
                    2c:75:81:f4:ee:e5:98:a9:cd:da:a6:e7:68:16:96:
                    a2:f3:a6:97:11:6d:7f:a2:e8:02:17:f8:f2:05:e0:
                    a0:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:49:12:6F:BC:CE:8E:C6:51:AD:A7:0B:72:0E:4A:04:02:79:2D:2A
            X509v3 Authority Key Identifier:
                keyid:C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:4a:d7:c1:7a:3b:a7:33:81:35:ea:29:ea:8a:d2:f7:72:e6:
         ef:0e:0d:d6:6f:9e:9b:f0:00:89:90:43:0d:c5:ae:d9:ed:0a:
         78:6f:23:b9:81:8d:5c:dd:ab:ac:22:2d:8f:d4:36:b4:87:c3:
         0c:b0:cd:d2:2f:a2:20:61:07:ee:90:c7:d5:05:b4:77:48:28:
         68:01:e5:b1:fb:29:20:9d:da:c4:24:2b:4e:85:e9:e4:0d:73:
         c1:ee:8c:6a:b7:23:7e:00:45:3b:7f:bf:52:a5:74:36:5f:a4:
         bb:3f:9d:c4:3f:c9:8f:a4:01:e1:a3:10:c5:62:b3:0e:7f:f3:
         9e:de:70:1a:dc:65:0e:59:63:50:01:d4:ce:8e:5e:11:5e:f6:
         a4:f4:df:07:e6:d5:8c:e9:e4:8e:41:a2:ab:d8:22:08:9b:4f:
         aa:c0:66:34:56:57:c4:39:ec:ac:86:a1:60:00:90:fd:4b:e4:
         98:df:ed:7b:ae:5b:9e:57:e3:58:60:89:47:5b:ff:cb:33:84:
         f6:f3:8e:9d:4c:6c:ca:7b:cd:6e:4a:08:9e:ec:62:a4:a5:9b:
         89:7a:bb:19:5d:3f:60:03:0d:56:f3:ea:d2:71:a1:d6:9c:29:
         7e:c8:c9:75:8f:da:94:1f:8b:60:a5:d4:47:cc:97:b5:bb:bd:
         4d:a9:1d:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmSRcD9+D+Lq5/tEPGNLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YWQ3NTRhYjdjMGE0MDFjMGZmMWQzYzEyN2IyN2Q1M2Zk
Y2M5ODEwHhcNMjUwNjE0MDQwMTA1WhcNMjUwNjE1MDQwMTA1WjAzMTEwLwYDVQQD
Eyg0MDQ5MTI2ZmJjY2U4ZWM2NTFhZGE3MGI3MjBlNGEwNDAyNzkyZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQTiw8VCCd9qDAnorMqMcJPUM0op
G++/x8UwUsFvqOdFI50QRCVAaivpCeGtdOLMMVUnL45nRReRhmgN8VCwoLPZwGi9
aD7mGhoFV1/VPmQkk6bLEwNAZjVwsUzsxBlk3h5WHa56DiPZ03apkeG3HOOGS86a
0H5DAhBzLYMtOjkxuIGZFQg5QUzrmjedKKtGCMviA9FMRyxJiO24mDvCI753vy1f
yDSL1HqVODWAzK+F4cV3RwFtCokI2JGLS0bjzycLZu1gbRMv4EQrbcN7To3Tcc43
Csd4s7YMpQSaRKksdYH07uWYqc3apudoFpai86aXEW1/ougCF/jyBeCg+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBJEm+8zo7GUa2nC3IOSgQCeS0qMB8GA1UdIwQY
MBaAFMatdUq3wKQBwP8dPBJ7J9U/3MmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2Ut
YmEzM2QzNjc1NWRmLzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2UtYmEzM2QzNjc1NWRm
LzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARUrXwXo7
pzOBNeop6orS93Lm7w4N1m+em/AAiZBDDcWu2e0KeG8juYGNXN2rrCItj9Q2tIfD
DLDN0i+iIGEH7pDH1QW0d0goaAHlsfspIJ3axCQrToXp5A1zwe6MarcjfgBFO3+/
UqV0Nl+kuz+dxD/Jj6QB4aMQxWKzDn/znt5wGtxlDlljUAHUzo5eEV72pPTfB+bV
jOnkjkGiq9giCJtPqsBmNFZXxDnsrIahYACQ/UvkmN/te65bnlfjWGCJR1v/yzOE
9vOOnUxsynvNbkoInuxipKWbiXq7GV0/YAMNVvPq0nGh1pwpfsjJdY/alB+LYKXU
R8yXtbu9TakdtA==
-----END CERTIFICATE-----