Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft
File:                     XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft (raw, json)
Hash identifier:          HCCTjDRhkodr3wq9WjwGzi0VcbUpqCwgf6pKk6UFK4U=
Subject key identifier:   76:0D:E1:E2:80:5F:BD:C9:7A:AA:D1:5C:BF:83:C7:5F:3D:FC:F4:C9
Authority key identifier: 5D:FA:AF:B6:1A:0C:74:A0:49:D9:6B:CD:E5:9C:B9:42:CC:8D:55:79
Certificate issuer:       /CN=5dfaafb61a0c74a049d96bcde59cb942cc8d5579
Certificate serial:       01976929A58FCBAA63B6EEB5ACFFF0340F2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft
Manifest number:          1589
Signing time:             Fri 13 Jun 2025 12:00:26 +0000
Manifest this update:     Fri 13 Jun 2025 12:00:26 +0000
Manifest next update:     Sat 14 Jun 2025 12:00:26 +0000
Files and hashes:         1: XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl (hash: hKf2fTRd+Br5FstWf4v/RLkYGqmpas5Sc4LSakM/Kp0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 12:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:29:a5:8f:cb:aa:63:b6:ee:b5:ac:ff:f0:34:0f:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dfaafb61a0c74a049d96bcde59cb942cc8d5579
        Validity
            Not Before: Jun 13 12:00:26 2025 GMT
            Not After : Jun 14 12:00:26 2025 GMT
        Subject: CN=760de1e2805fbdc97aaad15cbf83c75f3dfcf4c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:10:93:30:01:da:5d:96:24:8a:c8:e7:dd:90:
                    cf:c8:14:06:19:0c:c4:3d:9c:6c:f6:52:b0:ef:49:
                    ef:29:96:75:fd:06:d3:84:e5:70:9f:6c:f6:08:f8:
                    e9:98:42:80:63:52:5c:3f:09:d3:ca:b6:0a:3f:1e:
                    44:20:d7:e5:d8:80:89:ff:0c:f5:ec:75:a1:53:9b:
                    48:11:d3:5c:96:8c:7b:23:e1:93:79:40:6d:7c:46:
                    a7:ee:06:cd:88:7c:91:14:44:bd:c8:4f:03:35:d3:
                    43:16:46:7c:db:d1:10:09:15:d7:e8:c2:83:50:04:
                    41:09:66:7f:f5:55:83:39:12:64:41:ab:e7:04:8f:
                    ee:19:e3:20:09:3f:9a:09:ce:59:e7:82:f2:5b:21:
                    09:d3:53:7d:a8:f5:35:ef:78:3b:79:6a:74:58:77:
                    54:51:d8:e6:bf:cc:59:71:fc:b9:3d:d5:56:90:e8:
                    de:e7:54:77:f4:e0:e2:9a:30:23:c9:54:71:2a:9a:
                    51:f1:e6:f4:2e:ed:e6:10:89:c4:74:b6:28:7d:10:
                    88:f6:ca:04:5f:0e:ac:ef:de:69:27:c6:ea:1f:6d:
                    95:fe:ed:e7:ca:41:4d:79:85:22:b6:b9:2d:fd:be:
                    94:b5:63:b9:18:dc:57:21:f9:46:b7:e3:81:8b:22:
                    72:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:0D:E1:E2:80:5F:BD:C9:7A:AA:D1:5C:BF:83:C7:5F:3D:FC:F4:C9
            X509v3 Authority Key Identifier:
                keyid:5D:FA:AF:B6:1A:0C:74:A0:49:D9:6B:CD:E5:9C:B9:42:CC:8D:55:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e8:0a:cf:56:26:00:d0:4b:7e:d4:11:bf:f3:57:a0:54:1a:cb:
         38:b9:69:1d:5e:cc:48:8c:c8:fc:6d:4a:32:83:29:34:cb:3d:
         6f:49:db:7d:74:ad:b2:a4:f8:13:76:c3:46:d9:d5:1b:77:f6:
         4c:cc:e7:61:1f:73:53:7f:06:51:35:2e:71:26:ce:21:f4:1f:
         ed:fa:50:5f:8e:bb:9a:4d:51:61:31:e6:c2:ae:53:08:f5:03:
         dc:9b:f7:c0:85:55:f8:c9:38:74:83:51:76:15:88:16:b9:6e:
         d4:82:dd:af:a7:6d:c5:80:1a:6d:54:ca:ef:60:21:58:27:7e:
         3b:41:60:e4:fd:df:c9:64:e9:05:86:57:f1:53:0e:03:0c:4f:
         ea:08:66:c8:9a:e4:6a:85:f6:5b:31:1c:e9:5f:4a:6a:0d:f8:
         33:50:55:1a:41:07:3b:92:bd:5d:7a:72:57:64:95:6c:fe:82:
         22:71:27:59:15:c4:ad:22:f0:c5:0f:0f:cc:b6:af:27:ac:33:
         38:50:62:ff:cd:98:a0:81:af:58:2d:ee:fe:b2:d9:73:e2:ce:
         3a:5f:c8:d7:eb:9e:db:86:59:12:a9:4a:d7:d4:b1:f0:5d:f9:
         cb:3e:b0:09:a0:c6:3c:75:46:40:cc:09:4d:72:1f:e0:e1:cf:
         87:96:b3:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpKaWPy6pjtu61rP/wNA8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmFhZmI2MWEwYzc0YTA0OWQ5NmJjZGU1OWNiOTQyY2M4
ZDU1NzkwHhcNMjUwNjEzMTIwMDI2WhcNMjUwNjE0MTIwMDI2WjAzMTEwLwYDVQQD
Eyg3NjBkZTFlMjgwNWZiZGM5N2FhYWQxNWNiZjgzYzc1ZjNkZmNmNGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixCTMAHaXZYkisjn3ZDPyBQGGQzE
PZxs9lKw70nvKZZ1/QbThOVwn2z2CPjpmEKAY1JcPwnTyrYKPx5EINfl2ICJ/wz1
7HWhU5tIEdNclox7I+GTeUBtfEan7gbNiHyRFES9yE8DNdNDFkZ829EQCRXX6MKD
UARBCWZ/9VWDORJkQavnBI/uGeMgCT+aCc5Z54LyWyEJ01N9qPU173g7eWp0WHdU
Udjmv8xZcfy5PdVWkOje51R39ODimjAjyVRxKppR8eb0Lu3mEInEdLYofRCI9soE
Xw6s795pJ8bqH22V/u3nykFNeYUitrkt/b6UtWO5GNxXIflGt+OBiyJyLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHYN4eKAX73JeqrRXL+Dx189/PTJMB8GA1UdIwQY
MBaAFF36r7YaDHSgSdlrzeWcuULMjVV5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80OTQyZjYtZjU4Yy00ZWVmLTkxOGIt
ZjJkOWYwZTdhNjk3LzEvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80OTQyZjYtZjU4Yy00ZWVmLTkxOGItZjJkOWYwZTdhNjk3
LzEvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA6ArPViYA
0Et+1BG/81egVBrLOLlpHV7MSIzI/G1KMoMpNMs9b0nbfXStsqT4E3bDRtnVG3f2
TMznYR9zU38GUTUucSbOIfQf7fpQX467mk1RYTHmwq5TCPUD3Jv3wIVV+Mk4dINR
dhWIFrlu1ILdr6dtxYAabVTK72AhWCd+O0Fg5P3fyWTpBYZX8VMOAwxP6ghmyJrk
aoX2WzEc6V9Kag34M1BVGkEHO5K9XXpyV2SVbP6CInEnWRXErSLwxQ8PzLavJ6wz
OFBi/82YoIGvWC3u/rLZc+LOOl/I1+ue24ZZEqlK19Sx8F35yz6wCaDGPHVGQMwJ
TXIf4OHPh5azIQ==
-----END CERTIFICATE-----