Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
File:                     XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft (raw, json)
Hash identifier:          daukbE9PpNeRoJuqPID0P0xlkQM3tTg1/5xk2s7sMho=
Subject key identifier:   AC:91:D8:A9:F2:23:00:EB:79:D9:40:1B:B4:9C:25:48:3C:D8:32:CD
Authority key identifier: 5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2
Certificate issuer:       /CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
Certificate serial:       019762F1261A38B9BFDE23486449E4A1B33F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
Manifest number:          1588
Signing time:             Thu 12 Jun 2025 07:01:00 +0000
Manifest this update:     Thu 12 Jun 2025 07:01:00 +0000
Manifest next update:     Fri 13 Jun 2025 07:01:00 +0000
Files and hashes:         1: XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl (hash: K7knp2bmsCzokqXrPM7Im5oQqJzz2SA4w62qk60+ve0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 07:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:f1:26:1a:38:b9:bf:de:23:48:64:49:e4:a1:b3:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
        Validity
            Not Before: Jun 12 07:01:00 2025 GMT
            Not After : Jun 13 07:01:00 2025 GMT
        Subject: CN=ac91d8a9f22300eb79d9401bb49c25483cd832cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:12:99:4b:4b:52:33:d2:4c:07:ad:fb:fb:f4:
                    5e:5a:c1:d6:26:aa:39:a7:ca:31:35:91:2f:92:a5:
                    19:8d:5e:89:e1:ee:86:87:f2:02:57:12:e3:58:bb:
                    94:25:bf:78:87:5e:16:a2:b7:5b:2c:a7:b2:6e:f0:
                    49:20:80:a1:98:59:83:96:cc:0d:0b:ed:8e:ec:d9:
                    87:4b:55:f2:f9:b1:8b:71:1c:c3:e7:92:14:bc:95:
                    fe:a1:ac:51:22:b5:45:fc:af:1e:2c:80:47:6e:f5:
                    ae:5f:ee:ce:d7:24:bb:d8:56:56:54:f4:58:cb:96:
                    33:03:1f:da:f6:5a:77:ed:e3:51:71:4c:2f:11:84:
                    fb:84:66:91:21:4a:bf:c0:7c:32:6f:3e:95:2b:9c:
                    62:d7:da:69:e7:9d:32:31:86:65:17:c9:3f:89:5c:
                    ee:a7:db:f8:51:84:43:e1:7e:69:58:87:eb:e1:ad:
                    ea:29:52:42:7b:3b:08:ca:2d:c4:24:72:04:95:ce:
                    1a:e1:b2:aa:28:c5:ad:c7:32:36:eb:22:ee:45:c3:
                    f4:f4:3d:55:f2:11:db:a4:da:7c:92:7f:aa:6f:01:
                    85:43:1b:68:d4:b7:d8:7c:0f:aa:bf:35:6f:a8:b1:
                    c5:0b:1b:2d:e2:1b:ed:78:84:c9:cc:64:fd:47:cb:
                    a8:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:91:D8:A9:F2:23:00:EB:79:D9:40:1B:B4:9C:25:48:3C:D8:32:CD
            X509v3 Authority Key Identifier:
                keyid:5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:c9:46:64:1b:41:2b:0a:5c:1a:6b:e4:d9:70:00:e0:23:d8:
         74:78:72:08:26:3a:81:bc:cf:a2:69:5a:12:74:fb:64:0e:69:
         01:dc:9b:73:06:81:b7:50:b5:f9:b7:76:eb:76:a6:4a:b1:c2:
         84:29:b6:a3:4d:e2:fe:a1:be:bc:bb:91:c3:0a:f3:0c:21:8b:
         50:60:b7:c4:b9:dc:ee:68:73:b0:c4:23:7b:7a:fc:b6:25:12:
         74:b2:17:e0:78:8f:76:49:06:45:4e:4c:2a:5a:0d:e8:09:48:
         06:d9:5d:bc:f1:0d:e3:22:73:ff:e7:6d:56:13:00:0e:e4:1d:
         94:4a:b0:f3:ae:69:a1:3b:00:60:ef:7f:6a:ff:3a:b7:d9:33:
         46:61:ad:57:ab:ed:38:9b:d9:98:42:a0:40:b2:43:1e:6d:86:
         d4:c3:ba:61:84:49:ac:67:ce:64:8b:d5:1e:6f:1f:05:89:4a:
         34:bf:97:a4:df:7a:1f:f1:b6:e3:7e:42:92:66:a5:df:84:cf:
         fe:95:be:36:7a:ce:68:66:3f:16:5e:d6:f7:e4:54:09:da:87:
         04:14:59:42:79:45:8f:96:3d:61:7c:10:c2:48:46:bc:e4:d7:
         ec:d0:6e:f4:57:a0:ad:37:8d:ea:2e:2f:35:3f:83:ba:1e:c1:
         a7:33:1f:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdi8SYaOLm/3iNIZEnkobM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg1ZjFkZDRkMDM0NjQ4MGYwMDk4NzRhOGY1NjcwZTMx
MDg1YzIwHhcNMjUwNjEyMDcwMTAwWhcNMjUwNjEzMDcwMTAwWjAzMTEwLwYDVQQD
EyhhYzkxZDhhOWYyMjMwMGViNzlkOTQwMWJiNDljMjU0ODNjZDgzMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRKZS0tSM9JMB637+/ReWsHWJqo5
p8oxNZEvkqUZjV6J4e6Gh/ICVxLjWLuUJb94h14WordbLKeybvBJIIChmFmDlswN
C+2O7NmHS1Xy+bGLcRzD55IUvJX+oaxRIrVF/K8eLIBHbvWuX+7O1yS72FZWVPRY
y5YzAx/a9lp37eNRcUwvEYT7hGaRIUq/wHwybz6VK5xi19pp550yMYZlF8k/iVzu
p9v4UYRD4X5pWIfr4a3qKVJCezsIyi3EJHIElc4a4bKqKMWtxzI26yLuRcP09D1V
8hHbpNp8kn+qbwGFQxto1LfYfA+qvzVvqLHFCxst4hvteITJzGT9R8uowQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyR2KnyIwDredlAG7ScJUg82DLNMB8GA1UdIwQY
MBaAFF6oXx3U0DRkgPAJh0qPVnDjEIXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9lZjc4MDgtMTIyYi00Yjg5LTkzNTgt
NTkwYzVmMWIwMWIzLzEvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9lZjc4MDgtMTIyYi00Yjg5LTkzNTgtNTkwYzVmMWIwMWIz
LzEvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANclGZBtB
KwpcGmvk2XAA4CPYdHhyCCY6gbzPomlaEnT7ZA5pAdybcwaBt1C1+bd263amSrHC
hCm2o03i/qG+vLuRwwrzDCGLUGC3xLnc7mhzsMQje3r8tiUSdLIX4HiPdkkGRU5M
KloN6AlIBtldvPEN4yJz/+dtVhMADuQdlEqw865poTsAYO9/av86t9kzRmGtV6vt
OJvZmEKgQLJDHm2G1MO6YYRJrGfOZIvVHm8fBYlKNL+XpN96H/G2435Ckmal34TP
/pW+NnrOaGY/Fl7W9+RUCdqHBBRZQnlFj5Y9YXwQwkhGvOTX7NBu9FegrTeN6i4v
NT+Duh7BpzMfsw==
-----END CERTIFICATE-----