Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
File:                     Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft (raw, json)
Hash identifier:          GivRUyEFXEWoYdB+4afXCXvBrTm5LFX2pCeSIbxZF+4=
Subject key identifier:   18:98:52:38:CA:0B:0C:38:A5:06:2C:16:B3:36:60:2D:D5:5E:FA:AF
Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
Certificate issuer:       /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Certificate serial:       019786FD441D76828832319A03C1D97F8F30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
Manifest number:          13AB
Signing time:             Thu 19 Jun 2025 07:00:34 +0000
Manifest this update:     Thu 19 Jun 2025 07:00:34 +0000
Manifest next update:     Fri 20 Jun 2025 07:00:34 +0000
Files and hashes:         1: Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl (hash: TwR9Lbc92PKZKf8763p3pfj750rFiOb+PC34r0VSnLk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 20 Jun 2025 07:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:86:fd:44:1d:76:82:88:32:31:9a:03:c1:d9:7f:8f:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
        Validity
            Not Before: Jun 19 07:00:34 2025 GMT
            Not After : Jun 20 07:00:34 2025 GMT
        Subject: CN=18985238ca0b0c38a5062c16b336602dd55efaaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:0d:5b:5d:2d:07:12:9c:0c:73:fd:11:34:e6:
                    67:a8:9d:62:f1:07:14:b6:f4:7f:ff:68:05:18:e3:
                    51:5f:16:08:05:51:cc:a8:22:27:90:04:17:d2:8d:
                    bf:92:56:a5:0d:de:35:94:2e:d8:bb:4b:8e:19:cd:
                    08:30:c8:7a:4a:fe:f4:d6:ae:65:dc:7e:3b:c6:df:
                    8c:7c:89:58:45:c0:12:2b:de:0d:7e:e7:45:79:27:
                    9f:4e:5d:cf:9e:ca:89:07:bf:cb:64:fa:f6:80:ec:
                    9e:56:e4:1b:37:13:d1:f6:31:36:1e:e2:22:00:08:
                    7b:76:92:e5:33:4e:98:32:b0:9c:dd:6c:c4:7e:69:
                    bc:00:89:81:fa:39:e6:50:ed:45:f0:6c:93:d3:08:
                    ae:af:ee:5f:23:0f:b7:e2:c8:f0:72:87:8e:bf:3b:
                    0e:4a:62:ef:42:fa:89:5b:b3:f9:a8:28:d1:90:32:
                    60:d7:0b:98:d2:47:4c:0e:92:ee:57:9a:df:9f:4e:
                    a8:43:7f:ec:6a:a9:a0:f5:a2:21:ca:bd:a7:5c:2d:
                    a1:75:61:c3:f3:a8:c1:02:91:ae:01:ce:57:04:59:
                    6d:27:40:aa:e4:50:60:36:df:ee:b4:9d:c5:5b:41:
                    d8:a1:0b:d8:7d:a4:be:59:eb:c1:af:d0:43:b4:ce:
                    fb:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:98:52:38:CA:0B:0C:38:A5:06:2C:16:B3:36:60:2D:D5:5E:FA:AF
            X509v3 Authority Key Identifier:
                keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:2a:f6:a0:09:2d:23:c4:14:12:a9:4e:e1:bc:4a:00:6a:55:
         fc:65:ce:fa:59:b5:66:fc:0e:bc:7c:2b:1b:a7:ed:21:ab:ca:
         c3:c1:ab:21:58:9f:66:79:39:00:dd:5f:e4:ae:cc:e8:08:45:
         3a:57:88:05:8c:a3:57:fd:89:6b:dd:3f:9e:09:1b:34:d7:4a:
         69:b0:3f:0f:b7:2e:c7:5e:86:05:17:83:2f:6d:28:c1:2a:67:
         6e:f7:d7:7c:8b:5b:de:82:ad:dc:66:ff:e8:72:26:27:25:5b:
         35:3c:c9:a5:d5:f3:c7:6e:12:06:31:ba:25:2a:fe:f0:6e:3c:
         0a:87:da:27:e5:fc:0d:c5:fd:9c:9d:01:a3:74:ec:b1:da:85:
         9b:d3:b8:8f:15:45:4c:f3:2d:b2:53:05:80:61:c1:5c:5a:1b:
         dc:cc:98:7d:48:e4:1c:72:b5:92:89:36:38:dc:7d:36:79:2b:
         be:35:21:8f:44:63:49:82:c9:c8:7e:1f:92:98:db:b5:39:e0:
         47:bb:05:a5:e5:70:06:c0:96:1b:e5:06:4b:5a:7d:a6:47:b9:
         c0:a1:93:73:ee:53:ad:bf:da:e2:b8:79:50:ce:0d:0d:10:5d:
         91:c9:af:1c:ae:36:47:fc:38:88:59:f8:01:94:4c:09:97:43:
         b0:39:be:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeG/UQddoKIMjGaA8HZf48wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg3OTBhMDhjOGUwZDg0NTg4ZDk0ZDFhNTFiY2E5YWJl
NzU4MWQwHhcNMjUwNjE5MDcwMDM0WhcNMjUwNjIwMDcwMDM0WjAzMTEwLwYDVQQD
EygxODk4NTIzOGNhMGIwYzM4YTUwNjJjMTZiMzM2NjAyZGQ1NWVmYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlg1bXS0HEpwMc/0RNOZnqJ1i8QcU
tvR//2gFGONRXxYIBVHMqCInkAQX0o2/klalDd41lC7Yu0uOGc0IMMh6Sv701q5l
3H47xt+MfIlYRcASK94NfudFeSefTl3PnsqJB7/LZPr2gOyeVuQbNxPR9jE2HuIi
AAh7dpLlM06YMrCc3WzEfmm8AImB+jnmUO1F8GyT0wiur+5fIw+34sjwcoeOvzsO
SmLvQvqJW7P5qCjRkDJg1wuY0kdMDpLuV5rfn06oQ3/saqmg9aIhyr2nXC2hdWHD
86jBApGuAc5XBFltJ0Cq5FBgNt/utJ3FW0HYoQvYfaS+WevBr9BDtM77vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBiYUjjKCww4pQYsFrM2YC3VXvqvMB8GA1UdIwQY
MBaAFF6oeQoIyODYRYjZTRpRvKmr51gdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgt
MzBjMGExMTFjZDU1LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgtMzBjMGExMTFjZDU1
LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXSr2oAkt
I8QUEqlO4bxKAGpV/GXO+lm1ZvwOvHwrG6ftIavKw8GrIVifZnk5AN1f5K7M6AhF
OleIBYyjV/2Ja90/ngkbNNdKabA/D7cux16GBReDL20owSpnbvfXfItb3oKt3Gb/
6HImJyVbNTzJpdXzx24SBjG6JSr+8G48CofaJ+X8DcX9nJ0Bo3TssdqFm9O4jxVF
TPMtslMFgGHBXFob3MyYfUjkHHK1kok2ONx9NnkrvjUhj0RjSYLJyH4fkpjbtTng
R7sFpeVwBsCWG+UGS1p9pke5wKGTc+5Trb/a4rh5UM4NDRBdkcmvHK42R/w4iFn4
AZRMCZdDsDm+EA==
-----END CERTIFICATE-----