Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
File:                     xq11SrfApAHA_x08Ensn1T_cyYE.mft (raw, json)
Hash identifier:          lNORAKiwDBpecGuV0PGMkRztlAfqyErOoCE0NnzwRTc=
Subject key identifier:   BF:DF:C2:A8:BF:1C:46:DA:12:47:12:9D:57:3A:B1:65:48:7F:5B:85
Authority key identifier: C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81
Certificate issuer:       /CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
Certificate serial:       01988E46DA8269ADDCC31ECF86CADCCEB58F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
Manifest number:          1622
Signing time:             Sat 09 Aug 2025 10:01:04 +0000
Manifest this update:     Sat 09 Aug 2025 10:01:04 +0000
Manifest next update:     Sun 10 Aug 2025 10:01:04 +0000
Files and hashes:         1: xq11SrfApAHA_x08Ensn1T_cyYE.crl (hash: RSM+f0T2VNaLz0+5+F3Ss2ckmhKQncxeChyVpLJtuuk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 05:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8e:46:da:82:69:ad:dc:c3:1e:cf:86:ca:dc:ce:b5:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
        Validity
            Not Before: Aug  9 10:01:04 2025 GMT
            Not After : Aug 10 10:01:04 2025 GMT
        Subject: CN=bfdfc2a8bf1c46da1247129d573ab165487f5b85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:81:f5:7c:7d:e4:74:12:d7:83:ce:6c:b1:50:
                    d0:06:f7:42:b4:46:b2:6b:ea:09:17:7e:7e:8b:56:
                    f0:cd:b9:b1:5f:7f:3b:5d:c4:fb:6b:5a:86:30:9a:
                    4a:c8:1b:6b:90:d3:28:7e:6d:be:a0:21:1b:e9:59:
                    e3:83:6a:19:07:58:3d:55:89:b9:61:4e:4c:9d:08:
                    4e:80:01:17:18:3b:c6:7c:d2:26:1f:95:88:0f:c7:
                    17:cf:48:54:6e:5a:be:f0:7c:45:cb:7a:9c:69:20:
                    7b:c7:40:24:96:cf:77:c1:0a:03:8f:81:8d:3a:04:
                    61:bc:c4:d9:cb:94:26:e0:e9:47:a7:8e:e8:2b:26:
                    5d:e7:15:dc:0a:99:13:2d:c1:a3:f3:fd:8d:7b:ee:
                    af:ba:03:17:1c:82:6c:e8:da:25:90:a1:f3:0b:5b:
                    97:29:ae:a0:3a:90:8e:ed:4d:d9:27:6a:94:e5:97:
                    27:74:c4:c7:cb:5f:08:99:78:2b:3a:93:70:c6:91:
                    90:d7:50:78:8f:4e:78:70:9e:11:e1:02:c9:75:4a:
                    c0:fe:db:97:2c:81:2f:72:7f:77:d8:57:a9:8a:f4:
                    59:96:d4:5e:fa:75:f5:44:1c:e1:ce:99:80:6d:2f:
                    09:eb:ad:d4:5c:50:af:34:9c:8d:50:8c:77:3c:bd:
                    c2:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:DF:C2:A8:BF:1C:46:DA:12:47:12:9D:57:3A:B1:65:48:7F:5B:85
            X509v3 Authority Key Identifier:
                keyid:C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:cf:cb:31:cd:b8:6f:aa:6c:25:2e:9e:c7:4f:53:de:bf:fe:
         3b:14:c6:13:93:f4:eb:a2:4a:8f:f2:ec:2d:38:6f:46:7c:9b:
         d4:28:d0:dd:04:56:f9:d1:88:9e:a3:fb:f0:1a:1c:ad:fe:48:
         95:38:ab:af:5e:c6:72:0d:ce:c6:42:4b:ba:5e:f2:d7:90:1d:
         f8:32:98:09:8f:da:35:85:97:bd:6c:ae:f0:1f:2c:46:0c:be:
         31:5d:f2:64:4d:8c:ab:79:c3:3a:2f:62:27:dc:1a:ab:a8:3c:
         95:99:fb:48:bf:c9:88:57:d0:e7:03:35:a8:48:a1:b7:24:01:
         d1:6a:23:69:49:63:eb:56:96:27:4a:46:b9:f0:ee:d7:88:4f:
         d1:88:a5:ed:50:2e:6e:96:dc:bb:be:4a:dc:c9:07:f9:6c:7e:
         86:86:43:99:5b:40:10:12:9b:6b:fa:bf:67:27:40:b3:97:92:
         ed:e5:3e:9d:9e:90:aa:04:17:ec:25:6d:9c:81:0f:e8:1f:32:
         56:be:ee:13:16:91:8d:59:3d:69:4e:d5:ba:e4:14:79:6c:b0:
         00:5d:1e:bd:cd:e2:5d:11:2f:05:ef:1c:b3:93:28:e1:af:ff:
         41:ec:e1:7e:c5:9c:63:71:32:ff:90:a4:d8:a5:58:b2:66:cf:
         f1:da:f2:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiORtqCaa3cwx7PhsrczrWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YWQ3NTRhYjdjMGE0MDFjMGZmMWQzYzEyN2IyN2Q1M2Zk
Y2M5ODEwHhcNMjUwODA5MTAwMTA0WhcNMjUwODEwMTAwMTA0WjAzMTEwLwYDVQQD
EyhiZmRmYzJhOGJmMWM0NmRhMTI0NzEyOWQ1NzNhYjE2NTQ4N2Y1Yjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YH1fH3kdBLXg85ssVDQBvdCtEay
a+oJF35+i1bwzbmxX387XcT7a1qGMJpKyBtrkNMofm2+oCEb6Vnjg2oZB1g9VYm5
YU5MnQhOgAEXGDvGfNImH5WID8cXz0hUblq+8HxFy3qcaSB7x0Akls93wQoDj4GN
OgRhvMTZy5Qm4OlHp47oKyZd5xXcCpkTLcGj8/2Ne+6vugMXHIJs6NolkKHzC1uX
Ka6gOpCO7U3ZJ2qU5ZcndMTHy18ImXgrOpNwxpGQ11B4j054cJ4R4QLJdUrA/tuX
LIEvcn932FepivRZltRe+nX1RBzhzpmAbS8J663UXFCvNJyNUIx3PL3C+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/fwqi/HEbaEkcSnVc6sWVIf1uFMB8GA1UdIwQY
MBaAFMatdUq3wKQBwP8dPBJ7J9U/3MmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2Ut
YmEzM2QzNjc1NWRmLzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2UtYmEzM2QzNjc1NWRm
LzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARM/LMc24
b6psJS6ex09T3r/+OxTGE5P066JKj/LsLThvRnyb1CjQ3QRW+dGInqP78Bocrf5I
lTirr17Gcg3OxkJLul7y15Ad+DKYCY/aNYWXvWyu8B8sRgy+MV3yZE2Mq3nDOi9i
J9waq6g8lZn7SL/JiFfQ5wM1qEihtyQB0WojaUlj61aWJ0pGufDu14hP0Yil7VAu
bpbcu75K3MkH+Wx+hoZDmVtAEBKba/q/ZydAs5eS7eU+nZ6QqgQX7CVtnIEP6B8y
Vr7uExaRjVk9aU7VuuQUeWywAF0evc3iXREvBe8cs5Mo4a//QezhfsWcY3Ey/5Ck
2KVYsmbP8dryiQ==
-----END CERTIFICATE-----