Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
File:                     Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft (raw, json)
Hash identifier:          gE5nB0ogutYpEmKjUItuRSQ7wBDjkpl4nYXf7mH0Qf0=
Subject key identifier:   71:49:D9:94:13:EA:F5:3D:D9:5D:A2:CE:1E:81:C2:45:EF:40:5B:03
Authority key identifier: 5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B
Certificate issuer:       /CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
Certificate serial:       019763CC3994771615E5881A90933014EC67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
Manifest number:          23
Signing time:             Thu 12 Jun 2025 11:00:17 +0000
Manifest this update:     Thu 12 Jun 2025 11:00:17 +0000
Manifest next update:     Fri 13 Jun 2025 11:00:17 +0000
Files and hashes:         1: Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl (hash: lf6sLii0XXF/Da68SmuExMrnTZNFYZbCENn4xhB5SJc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 11:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:cc:39:94:77:16:15:e5:88:1a:90:93:30:14:ec:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
        Validity
            Not Before: Jun 12 11:00:17 2025 GMT
            Not After : Jun 13 11:00:17 2025 GMT
        Subject: CN=7149d99413eaf53dd95da2ce1e81c245ef405b03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:9e:54:5c:ce:a3:71:e9:ba:e9:7d:79:b2:4c:
                    27:7a:23:66:d2:18:c4:76:02:ab:1c:49:2e:21:86:
                    4c:68:65:2f:1d:2d:c2:2f:98:24:17:66:3a:a3:37:
                    5d:5d:79:db:66:82:fc:f1:f8:a3:40:b1:fd:81:93:
                    33:b7:d9:55:8c:50:60:b1:cf:ed:31:fe:5b:db:5d:
                    10:cc:b7:83:43:69:b7:38:d2:dd:1c:34:76:d0:28:
                    4e:d1:54:c0:5e:8e:bc:8f:cc:cb:73:b3:be:b9:e5:
                    19:e6:7c:01:53:10:4c:5d:c0:ee:99:de:65:7d:ec:
                    65:54:0d:78:f3:fe:40:be:4e:56:cd:ab:ac:5b:a1:
                    71:f2:45:a0:4f:a2:84:dd:e1:8f:7b:a2:fb:f8:c1:
                    34:18:b9:57:61:19:29:29:e6:f9:eb:8d:54:4c:2a:
                    3e:c1:33:fb:9b:32:f0:75:dc:67:87:f4:95:bf:ab:
                    48:25:38:70:a4:85:a2:98:ae:ea:84:8b:7c:ce:19:
                    5e:40:1b:fd:28:57:f2:17:a9:bb:82:ca:73:43:40:
                    9c:98:81:e6:3d:da:10:57:87:eb:3e:f5:97:cb:00:
                    80:55:14:98:37:25:f7:c8:25:c5:91:04:8f:f5:70:
                    e2:af:b2:0e:b5:40:30:08:43:d2:31:17:e9:26:85:
                    2d:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:49:D9:94:13:EA:F5:3D:D9:5D:A2:CE:1E:81:C2:45:EF:40:5B:03
            X509v3 Authority Key Identifier:
                keyid:5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:2a:fa:6e:ad:c4:d6:be:d7:fd:a7:8d:31:11:bd:4b:32:40:
         e4:21:70:7d:28:8c:16:0a:8b:e7:37:9c:cc:e4:e4:af:b6:b4:
         eb:e9:ba:cd:a0:9c:55:7e:da:3e:53:07:98:23:7f:fb:93:c2:
         28:6f:e0:17:c5:7b:b9:56:cb:97:07:71:00:19:30:18:02:5c:
         77:d5:51:4d:61:a2:aa:7b:98:e8:05:8d:70:a2:6a:76:b2:29:
         07:28:5d:20:b8:2a:8b:4f:d9:21:ec:7f:77:f6:c4:39:fa:7a:
         1b:a6:b1:08:1c:5f:1c:4c:ee:b2:d0:67:25:b8:1c:be:ae:87:
         f9:04:04:bc:07:57:38:6b:01:11:9b:0b:47:3c:66:79:bf:14:
         85:57:70:82:55:24:62:54:28:ea:50:6d:f8:d7:2f:ea:6f:24:
         7d:96:05:4f:8f:d9:d3:55:61:f6:d7:0a:58:3f:ba:72:df:4e:
         cf:a2:0e:15:89:0f:13:59:54:6e:d8:fe:7e:6c:00:fa:ea:6f:
         33:91:69:4c:a2:0a:66:d6:46:47:f0:6c:6e:e6:ca:56:8f:6f:
         42:1b:34:27:f0:de:98:cb:9f:a9:f5:11:87:a9:9c:53:d5:62:
         80:87:5c:37:97:64:3e:e4:17:c5:51:d7:d9:ee:c0:c0:72:c3:
         61:ff:ed:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjzDmUdxYV5YgakJMwFOxnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmQzODNlMTY4ZDJlYzlmYmMzOTBlYThkOTlhNGJhZjdl
YzNiNWIwHhcNMjUwNjEyMTEwMDE3WhcNMjUwNjEzMTEwMDE3WjAzMTEwLwYDVQQD
Eyg3MTQ5ZDk5NDEzZWFmNTNkZDk1ZGEyY2UxZTgxYzI0NWVmNDA1YjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh55UXM6jcem66X15skwneiNm0hjE
dgKrHEkuIYZMaGUvHS3CL5gkF2Y6ozddXXnbZoL88fijQLH9gZMzt9lVjFBgsc/t
Mf5b210QzLeDQ2m3ONLdHDR20ChO0VTAXo68j8zLc7O+ueUZ5nwBUxBMXcDumd5l
fexlVA148/5Avk5WzausW6Fx8kWgT6KE3eGPe6L7+ME0GLlXYRkpKeb5641UTCo+
wTP7mzLwddxnh/SVv6tIJThwpIWimK7qhIt8zhleQBv9KFfyF6m7gspzQ0CcmIHm
PdoQV4frPvWXywCAVRSYNyX3yCXFkQSP9XDir7IOtUAwCEPSMRfpJoUtGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHFJ2ZQT6vU92V2izh6BwkXvQFsDMB8GA1UdIwQY
MBaAFF39OD4WjS7J+8OQ6o2ZpLr37DtbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYt
MzkwZTkzNWJlZGEzLzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYtMzkwZTkzNWJlZGEz
LzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdir6bq3E
1r7X/aeNMRG9SzJA5CFwfSiMFgqL5zeczOTkr7a06+m6zaCcVX7aPlMHmCN/+5PC
KG/gF8V7uVbLlwdxABkwGAJcd9VRTWGiqnuY6AWNcKJqdrIpByhdILgqi0/ZIex/
d/bEOfp6G6axCBxfHEzustBnJbgcvq6H+QQEvAdXOGsBEZsLRzxmeb8UhVdwglUk
YlQo6lBt+Ncv6m8kfZYFT4/Z01Vh9tcKWD+6ct9Oz6IOFYkPE1lUbtj+fmwA+upv
M5FpTKIKZtZGR/BsbubKVo9vQhs0J/DemMufqfURh6mcU9VigIdcN5dkPuQXxVHX
2e7AwHLDYf/tdw==
-----END CERTIFICATE-----