Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
File:                     Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft (raw, json)
Hash identifier:          WAf8+d3VwLjwALcdmSUYTd/IxfN+WRBvsajhqg7vmaQ=
Subject key identifier:   FD:FF:A2:B7:4D:6F:65:94:02:4D:0E:64:35:FE:73:1E:4D:38:BE:51
Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
Certificate issuer:       /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Certificate serial:       019750EA684B13C7DA9C67816960359CC2FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
Manifest number:          138F
Signing time:             Sun 08 Jun 2025 19:00:28 +0000
Manifest this update:     Sun 08 Jun 2025 19:00:28 +0000
Manifest next update:     Mon 09 Jun 2025 19:00:28 +0000
Files and hashes:         1: Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl (hash: AoC/AZVAFrFogXmbYNz3Ke14P/e3f/CwgrZvBiBQRG8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:ea:68:4b:13:c7:da:9c:67:81:69:60:35:9c:c2:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
        Validity
            Not Before: Jun  8 19:00:28 2025 GMT
            Not After : Jun  9 19:00:28 2025 GMT
        Subject: CN=fdffa2b74d6f6594024d0e6435fe731e4d38be51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:e5:14:c0:fc:09:3c:8d:7b:b1:d5:9f:ab:8b:
                    ba:ec:d0:3c:49:65:ee:fa:72:1d:d7:58:39:3e:51:
                    de:3b:4d:69:17:2f:4d:e6:65:c9:09:3f:58:78:62:
                    a7:51:e5:81:76:48:ed:86:a1:64:15:4c:08:8d:68:
                    8f:30:b9:a3:76:a1:ad:6b:38:b2:e5:b9:e1:ff:c7:
                    9e:c5:6b:fe:b7:be:de:ac:f2:21:ac:c2:e0:52:fa:
                    7f:c1:5d:f6:07:31:da:df:f8:68:d0:41:d3:8b:d0:
                    7c:e2:09:0a:a9:9e:0e:fa:03:b9:df:54:2b:e6:43:
                    93:3d:47:18:d2:8b:33:63:39:fb:e4:71:be:68:9d:
                    34:21:7d:3a:21:8c:d6:2f:48:60:75:c5:00:c0:58:
                    9e:3f:85:2f:40:fd:52:96:d7:da:a1:d3:12:5e:8f:
                    d8:55:6b:2a:6b:90:6c:a4:bf:9d:78:7c:78:12:bd:
                    63:09:92:0f:80:cc:19:6c:6f:71:74:f0:2b:70:87:
                    5f:3c:44:10:58:de:f9:23:ad:7a:c3:b3:b9:3d:1b:
                    8f:a3:9c:79:af:aa:a2:af:5a:d6:d4:b7:c9:75:c2:
                    ef:a7:8c:91:b0:5d:d7:5e:1f:7d:1c:d0:74:db:49:
                    99:7d:22:33:e2:6a:e2:34:83:69:78:e7:0a:61:56:
                    e6:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:FF:A2:B7:4D:6F:65:94:02:4D:0E:64:35:FE:73:1E:4D:38:BE:51
            X509v3 Authority Key Identifier:
                keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:13:18:17:12:f4:cc:8b:12:87:91:68:c8:cd:ff:cb:2f:b2:
         a6:fa:1e:54:05:40:4c:2c:78:23:6f:5f:9b:ff:57:99:ef:91:
         f0:0b:32:eb:71:71:6c:73:98:98:89:18:7d:e6:94:ec:e1:27:
         cd:60:42:c7:f4:50:04:d6:f8:38:ed:d7:eb:6f:cb:f7:f4:5b:
         55:96:1e:61:a1:ba:32:b1:89:61:2b:58:8c:1b:d9:80:a2:46:
         32:2a:38:9e:00:9d:ad:04:c1:80:68:cc:dd:e9:79:88:47:7e:
         96:04:41:04:e9:65:c2:f9:1c:2c:90:b7:02:e5:d4:59:2f:f3:
         66:3b:8d:4c:38:84:36:50:8f:a0:94:ec:41:cc:3b:99:d7:e2:
         07:8e:1a:63:eb:81:fe:d1:9f:e8:2e:fb:74:3d:30:5e:82:ce:
         61:0d:6c:6a:f2:51:c7:3d:84:89:66:b3:f1:6a:4d:67:8c:ff:
         83:e1:ae:d1:d2:66:47:b0:c9:1d:36:51:61:2e:26:0d:eb:23:
         0f:a1:a2:ee:2e:bc:bd:c4:aa:cf:4d:f0:4c:ef:05:c6:d3:5d:
         9d:ed:27:16:3b:ac:dc:96:34:35:92:fa:d5:4a:bf:35:46:fe:
         3c:6e:50:d7:5f:ad:a8:95:fc:73:29:e3:99:d0:2a:a5:2c:eb:
         bd:95:b0:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQ6mhLE8fanGeBaWA1nML+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg3OTBhMDhjOGUwZDg0NTg4ZDk0ZDFhNTFiY2E5YWJl
NzU4MWQwHhcNMjUwNjA4MTkwMDI4WhcNMjUwNjA5MTkwMDI4WjAzMTEwLwYDVQQD
EyhmZGZmYTJiNzRkNmY2NTk0MDI0ZDBlNjQzNWZlNzMxZTRkMzhiZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeUUwPwJPI17sdWfq4u67NA8SWXu
+nId11g5PlHeO01pFy9N5mXJCT9YeGKnUeWBdkjthqFkFUwIjWiPMLmjdqGtaziy
5bnh/8eexWv+t77erPIhrMLgUvp/wV32BzHa3/ho0EHTi9B84gkKqZ4O+gO531Qr
5kOTPUcY0oszYzn75HG+aJ00IX06IYzWL0hgdcUAwFieP4UvQP1SltfaodMSXo/Y
VWsqa5BspL+deHx4Er1jCZIPgMwZbG9xdPArcIdfPEQQWN75I616w7O5PRuPo5x5
r6qir1rW1LfJdcLvp4yRsF3XXh99HNB020mZfSIz4mriNINpeOcKYVbmCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3/ordNb2WUAk0OZDX+cx5NOL5RMB8GA1UdIwQY
MBaAFF6oeQoIyODYRYjZTRpRvKmr51gdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgt
MzBjMGExMTFjZDU1LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgtMzBjMGExMTFjZDU1
LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsBMYFxL0
zIsSh5FoyM3/yy+ypvoeVAVATCx4I29fm/9Xme+R8Asy63FxbHOYmIkYfeaU7OEn
zWBCx/RQBNb4OO3X62/L9/RbVZYeYaG6MrGJYStYjBvZgKJGMio4ngCdrQTBgGjM
3el5iEd+lgRBBOllwvkcLJC3AuXUWS/zZjuNTDiENlCPoJTsQcw7mdfiB44aY+uB
/tGf6C77dD0wXoLOYQ1savJRxz2EiWaz8WpNZ4z/g+Gu0dJmR7DJHTZRYS4mDesj
D6Gi7i68vcSqz03wTO8FxtNdne0nFjus3JY0NZL61Uq/NUb+PG5Q11+tqJX8cynj
mdAqpSzrvZWwLg==
-----END CERTIFICATE-----