Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
File:                     xq11SrfApAHA_x08Ensn1T_cyYE.mft (raw, json)
Hash identifier:          qneujQ03WMFQAEMqdpC8RhSTPeqmhQ/f3xYwaVFxPgg=
Subject key identifier:   06:57:24:5D:CB:F0:D2:CD:40:4B:02:B4:DA:47:57:7B:B0:DF:4A:B8
Authority key identifier: C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81
Certificate issuer:       /CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
Certificate serial:       0197707559BDA95FFC784E80B00786890483
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
Manifest number:          158E
Signing time:             Sat 14 Jun 2025 22:00:28 +0000
Manifest this update:     Sat 14 Jun 2025 22:00:28 +0000
Manifest next update:     Sun 15 Jun 2025 22:00:28 +0000
Files and hashes:         1: xq11SrfApAHA_x08Ensn1T_cyYE.crl (hash: R6VLgdQKqkaGE862sCNYVUuHR0JpZtBuYHdX2Pnao0I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:75:59:bd:a9:5f:fc:78:4e:80:b0:07:86:89:04:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
        Validity
            Not Before: Jun 14 22:00:28 2025 GMT
            Not After : Jun 15 22:00:28 2025 GMT
        Subject: CN=0657245dcbf0d2cd404b02b4da47577bb0df4ab8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:6c:dd:84:d2:32:ec:c1:6b:fb:47:b0:01:5b:
                    d1:03:f0:10:ef:d4:64:08:f3:33:b6:2d:04:74:17:
                    1f:31:1f:de:a8:df:c7:65:97:4a:b4:02:3b:18:94:
                    1d:f5:64:72:0a:77:2b:11:06:f7:ea:9b:e0:f9:18:
                    af:70:b6:90:22:7a:7e:ad:24:26:e4:94:08:e5:97:
                    1f:cc:95:80:0b:44:aa:51:e5:00:48:d3:08:dc:de:
                    ba:42:ef:39:92:1b:06:5b:c7:c2:fa:4b:3e:34:03:
                    a6:77:82:20:8f:90:52:97:19:55:51:a5:48:8c:09:
                    8f:38:98:ca:db:91:c3:f8:e0:a2:e4:ea:46:b0:f7:
                    c8:0c:03:d1:86:0b:b3:a6:36:60:37:fc:9e:df:44:
                    9a:51:d8:fc:e2:69:81:67:28:8b:3a:52:a4:b7:fa:
                    57:67:14:c1:12:7c:fc:d3:07:39:2b:84:28:d8:10:
                    2d:6e:76:b6:97:e1:26:b0:76:6a:62:d7:32:b1:a3:
                    f3:73:dd:b1:ca:d0:4c:1c:6b:6c:56:df:80:8e:a0:
                    e8:c3:3a:14:e9:45:28:0d:dd:98:42:67:2e:11:4a:
                    f6:56:f0:5e:06:c6:32:c2:3a:b8:a0:2a:89:2a:8b:
                    a6:96:9b:7f:44:4c:7a:d0:51:4d:d2:6c:9f:2e:ab:
                    61:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:57:24:5D:CB:F0:D2:CD:40:4B:02:B4:DA:47:57:7B:B0:DF:4A:B8
            X509v3 Authority Key Identifier:
                keyid:C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:81:9c:29:15:a9:9d:f1:43:6b:50:dc:12:d2:5f:22:8e:61:
         a4:ec:e2:06:81:f3:4b:87:9c:74:f2:1f:5e:95:5b:02:f1:6e:
         cf:8d:c6:57:76:77:c4:6a:cd:08:de:2d:cf:c4:4d:c1:ab:b5:
         45:5e:60:08:44:b9:ad:7b:cf:ab:32:b1:ca:be:f9:14:fa:c7:
         a4:e6:92:ed:bf:cf:4a:e2:d2:58:db:fb:c3:9d:42:da:95:ec:
         70:7e:5c:0e:bb:ee:f1:2a:19:72:09:b4:54:c1:fa:a3:18:5f:
         f0:04:cb:3a:ec:76:2f:0c:a1:dc:13:15:94:97:88:0c:fc:3b:
         7f:90:dd:5b:0c:38:29:d2:bc:f3:73:65:85:81:aa:a4:ff:dc:
         2f:54:f6:c9:5b:f8:74:04:f5:97:0f:21:88:07:a4:a4:4b:fa:
         2c:10:fc:10:63:5f:de:73:07:50:89:9e:e0:3c:ac:ae:24:07:
         fe:00:87:b9:3a:01:b2:5d:13:9c:44:73:67:d9:5c:2a:74:60:
         03:7f:02:0f:b8:51:5a:27:cf:10:b7:38:e7:c8:b3:70:87:9d:
         d4:7f:83:13:30:1a:de:9e:f6:1b:af:7b:b8:02:59:f1:5a:93:
         54:3b:0a:b9:5f:5f:ca:f6:66:d5:54:17:bc:fd:52:5e:b7:15:
         5e:da:23:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwdVm9qV/8eE6AsAeGiQSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YWQ3NTRhYjdjMGE0MDFjMGZmMWQzYzEyN2IyN2Q1M2Zk
Y2M5ODEwHhcNMjUwNjE0MjIwMDI4WhcNMjUwNjE1MjIwMDI4WjAzMTEwLwYDVQQD
EygwNjU3MjQ1ZGNiZjBkMmNkNDA0YjAyYjRkYTQ3NTc3YmIwZGY0YWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2zdhNIy7MFr+0ewAVvRA/AQ79Rk
CPMzti0EdBcfMR/eqN/HZZdKtAI7GJQd9WRyCncrEQb36pvg+RivcLaQInp+rSQm
5JQI5ZcfzJWAC0SqUeUASNMI3N66Qu85khsGW8fC+ks+NAOmd4Igj5BSlxlVUaVI
jAmPOJjK25HD+OCi5OpGsPfIDAPRhguzpjZgN/ye30SaUdj84mmBZyiLOlKkt/pX
ZxTBEnz80wc5K4Qo2BAtbna2l+EmsHZqYtcysaPzc92xytBMHGtsVt+AjqDowzoU
6UUoDd2YQmcuEUr2VvBeBsYywjq4oCqJKoumlpt/REx60FFN0myfLqth8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAZXJF3L8NLNQEsCtNpHV3uw30q4MB8GA1UdIwQY
MBaAFMatdUq3wKQBwP8dPBJ7J9U/3MmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2Ut
YmEzM2QzNjc1NWRmLzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2UtYmEzM2QzNjc1NWRm
LzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiYGcKRWp
nfFDa1DcEtJfIo5hpOziBoHzS4ecdPIfXpVbAvFuz43GV3Z3xGrNCN4tz8RNwau1
RV5gCES5rXvPqzKxyr75FPrHpOaS7b/PSuLSWNv7w51C2pXscH5cDrvu8SoZcgm0
VMH6oxhf8ATLOux2Lwyh3BMVlJeIDPw7f5DdWww4KdK883NlhYGqpP/cL1T2yVv4
dAT1lw8hiAekpEv6LBD8EGNf3nMHUIme4DysriQH/gCHuToBsl0TnERzZ9lcKnRg
A38CD7hRWifPELc458izcIed1H+DEzAa3p72G697uAJZ8VqTVDsKuV9fyvZm1VQX
vP1SXrcVXtoj4g==
-----END CERTIFICATE-----