Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
File:                     XtGkql_QUBs-ptafQzwvFkIRYIk.mft (raw, json)
Hash identifier:          hz//pWJ7mhZQJccsgBnxfc+p4fH4YRSilK0Ys4zt0J0=
Subject key identifier:   AF:32:E9:FD:64:59:D3:D4:BB:4A:DB:BC:CE:C0:0A:C8:19:63:D2:D0
Authority key identifier: 5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89
Certificate issuer:       /CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
Certificate serial:       01974CD6F32C70FC61950FC22CE81242A064
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
Manifest number:          1579
Signing time:             Sun 08 Jun 2025 00:00:44 +0000
Manifest this update:     Sun 08 Jun 2025 00:00:44 +0000
Manifest next update:     Mon 09 Jun 2025 00:00:44 +0000
Files and hashes:         1: XtGkql_QUBs-ptafQzwvFkIRYIk.crl (hash: SlO3fhVl5EqeTwg8YwAWcYDc70NOk6j5/u6Yk56nDck=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:d6:f3:2c:70:fc:61:95:0f:c2:2c:e8:12:42:a0:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
        Validity
            Not Before: Jun  8 00:00:44 2025 GMT
            Not After : Jun  9 00:00:44 2025 GMT
        Subject: CN=af32e9fd6459d3d4bb4adbbccec00ac81963d2d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:1e:b3:e2:90:02:15:b3:a1:81:4d:62:53:f9:
                    7a:f1:35:5f:2e:de:43:2f:3a:be:e6:26:1f:ed:c6:
                    33:ce:1d:7c:5a:d8:6e:16:64:2f:88:53:ee:a4:69:
                    21:54:5c:b1:31:27:a4:62:b7:2a:a4:a0:b0:fb:ba:
                    b1:33:bd:dd:e3:12:95:dc:77:a6:ab:0b:59:06:ed:
                    9e:e9:8d:8f:03:5e:b8:4d:a3:bd:77:3f:9e:7c:23:
                    c3:d5:8f:9a:25:77:6e:79:f6:9e:07:4c:b3:87:03:
                    ff:40:4d:49:a7:96:13:d3:64:1e:98:c7:08:10:89:
                    ed:fe:3e:29:80:ce:dd:d4:66:8a:fe:7e:d8:3f:8b:
                    cf:57:88:3b:56:71:ac:98:ec:55:7c:9d:df:95:60:
                    ce:a7:5f:65:8f:af:65:d4:d6:c4:3c:ad:f0:ca:1f:
                    00:a0:9e:66:c9:0b:89:16:27:30:47:f8:0f:2d:19:
                    63:a3:46:e1:ab:e8:04:1a:e5:13:03:04:5c:2a:22:
                    23:2d:38:11:a0:b9:5d:29:e1:3c:64:82:65:c9:0c:
                    88:19:a7:cc:17:8d:27:d7:95:f5:fd:49:cd:14:5f:
                    9e:17:2f:bf:52:86:0b:f9:0b:f2:18:52:85:6c:b6:
                    bb:2e:fa:92:bc:5e:01:e4:bc:52:03:d3:ae:cd:81:
                    10:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:32:E9:FD:64:59:D3:D4:BB:4A:DB:BC:CE:C0:0A:C8:19:63:D2:D0
            X509v3 Authority Key Identifier:
                keyid:5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:7f:ef:10:d9:4d:4d:04:61:95:8b:06:c5:a0:f8:5a:d0:3a:
         f8:d0:29:be:b0:fd:3f:28:8d:f7:cf:89:cd:06:72:d5:1d:8b:
         79:55:3e:11:e2:d8:41:41:ec:79:58:c9:f5:f3:87:cb:aa:de:
         e6:dc:fd:7e:97:a5:e2:7f:56:32:01:cb:f3:5f:87:47:74:14:
         5c:9b:a5:75:1f:ac:09:a5:b4:b5:9e:b1:41:8f:9e:2b:f7:10:
         aa:a2:4b:cf:0d:a3:ef:77:e9:9b:13:14:68:73:ac:b0:98:e5:
         83:53:f4:1d:81:19:65:b8:88:20:8a:77:f0:8e:c5:8d:34:ed:
         a4:62:d2:09:52:b8:40:38:4a:e7:52:35:5b:43:b1:48:39:dd:
         6d:84:43:45:99:eb:20:cc:ba:d9:1f:62:4d:b3:e7:d0:18:b0:
         e1:4b:ec:3d:ce:92:ec:d5:24:4b:03:56:0e:48:90:dd:ae:d8:
         72:39:b8:76:56:da:32:08:a1:0c:65:68:b4:25:ad:64:1b:8e:
         50:f8:ff:8f:a8:54:88:b5:ac:b4:dd:f5:63:33:7d:88:60:d3:
         28:4b:1a:01:5a:b3:2b:86:eb:13:f0:f6:c1:fd:1f:94:82:58:
         dc:ff:98:1b:09:04:ac:13:77:c8:ca:74:44:ed:17:72:ac:a2:
         d2:55:9b:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM1vMscPxhlQ/CLOgSQqBkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDFhNGFhNWZkMDUwMWIzZWE2ZDY5ZjQzM2MyZjE2NDIx
MTYwODkwHhcNMjUwNjA4MDAwMDQ0WhcNMjUwNjA5MDAwMDQ0WjAzMTEwLwYDVQQD
EyhhZjMyZTlmZDY0NTlkM2Q0YmI0YWRiYmNjZWMwMGFjODE5NjNkMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB6z4pACFbOhgU1iU/l68TVfLt5D
Lzq+5iYf7cYzzh18WthuFmQviFPupGkhVFyxMSekYrcqpKCw+7qxM73d4xKV3Hem
qwtZBu2e6Y2PA164TaO9dz+efCPD1Y+aJXduefaeB0yzhwP/QE1Jp5YT02QemMcI
EInt/j4pgM7d1GaK/n7YP4vPV4g7VnGsmOxVfJ3flWDOp19lj69l1NbEPK3wyh8A
oJ5myQuJFicwR/gPLRljo0bhq+gEGuUTAwRcKiIjLTgRoLldKeE8ZIJlyQyIGafM
F40n15X1/UnNFF+eFy+/UoYL+QvyGFKFbLa7LvqSvF4B5LxSA9OuzYEQRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8y6f1kWdPUu0rbvM7ACsgZY9LQMB8GA1UdIwQY
MBaAFF7RpKpf0FAbPqbWn0M8LxZCEWCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTkt
YjlhODZhYzNlOGJlLzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTktYjlhODZhYzNlOGJl
LzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgH/vENlN
TQRhlYsGxaD4WtA6+NApvrD9PyiN98+JzQZy1R2LeVU+EeLYQUHseVjJ9fOHy6re
5tz9fpel4n9WMgHL81+HR3QUXJuldR+sCaW0tZ6xQY+eK/cQqqJLzw2j73fpmxMU
aHOssJjlg1P0HYEZZbiIIIp38I7FjTTtpGLSCVK4QDhK51I1W0OxSDndbYRDRZnr
IMy62R9iTbPn0Biw4UvsPc6S7NUkSwNWDkiQ3a7Ycjm4dlbaMgihDGVotCWtZBuO
UPj/j6hUiLWstN31YzN9iGDTKEsaAVqzK4brE/D2wf0flIJY3P+YGwkErBN3yMp0
RO0Xcqyi0lWbiQ==
-----END CERTIFICATE-----