Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft
File:                     XlTVGjJHsX9vlqDM4lMBktyfdCI.mft (raw, json)
Hash identifier:          Q/kF2wCasz4yDQk+/qQxj8W0qLL4bZqYgYzWM05QcLI=
Subject key identifier:   BA:24:6E:3D:2A:B7:22:23:3C:9E:49:1F:AE:FE:85:27:A1:95:95:1F
Authority key identifier: 5E:54:D5:1A:32:47:B1:7F:6F:96:A0:CC:E2:53:01:92:DC:9F:74:22
Certificate issuer:       /CN=5e54d51a3247b17f6f96a0cce2530192dc9f7422
Certificate serial:       0197B70EC6BDE57BC661C562B1DB2C597877
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft
Manifest number:          0586
Signing time:             Sat 28 Jun 2025 15:01:28 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:28 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:28 +0000
Files and hashes:         1: XlTVGjJHsX9vlqDM4lMBktyfdCI.crl (hash: +EH9gdB1pdLI2Np0Pvbu3RgL3ZNvE58wDyvK/z+KguA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:c6:bd:e5:7b:c6:61:c5:62:b1:db:2c:59:78:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e54d51a3247b17f6f96a0cce2530192dc9f7422
        Validity
            Not Before: Jun 28 15:01:28 2025 GMT
            Not After : Jun 29 15:01:28 2025 GMT
        Subject: CN=ba246e3d2ab722233c9e491faefe8527a195951f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:16:a0:96:46:4a:98:00:97:7b:a3:57:a3:36:
                    b0:fa:60:06:9d:c5:1b:bf:05:71:3e:b3:ac:4a:82:
                    27:56:3b:92:ff:67:e2:41:36:db:4f:95:a0:70:b8:
                    54:80:fa:f7:5a:b8:29:1e:74:20:8c:42:66:94:69:
                    02:b4:7b:62:48:43:ff:ac:2b:4a:2b:67:c0:df:ca:
                    71:62:44:5d:79:74:98:41:68:f1:4d:2c:6c:5e:ab:
                    97:56:ad:4e:f6:a0:44:71:e1:9c:79:15:82:23:0a:
                    47:8a:5f:0e:8f:b9:28:37:a7:36:98:e4:f2:30:27:
                    36:28:d7:b7:16:99:90:7e:a6:04:78:8b:29:20:42:
                    06:c5:5e:ab:83:ef:36:a8:90:e9:01:eb:9f:a8:c6:
                    81:f7:49:fa:76:38:9a:32:50:cc:b7:c3:73:be:9f:
                    bc:3b:76:84:2d:4e:98:06:a0:f1:50:3f:62:e8:51:
                    1b:69:65:ee:05:24:e4:1d:b3:43:65:32:84:6f:32:
                    bb:00:28:74:17:53:05:34:ff:dc:97:e2:b2:08:eb:
                    f4:20:f8:83:ea:03:45:92:bd:3b:aa:03:6f:21:42:
                    a0:9e:e0:4e:36:03:83:13:90:c6:65:bd:76:d8:3d:
                    a7:fa:69:bb:47:e8:75:ee:c9:35:7c:06:c5:db:95:
                    04:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:24:6E:3D:2A:B7:22:23:3C:9E:49:1F:AE:FE:85:27:A1:95:95:1F
            X509v3 Authority Key Identifier:
                keyid:5E:54:D5:1A:32:47:B1:7F:6F:96:A0:CC:E2:53:01:92:DC:9F:74:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:54:d7:89:0d:1d:33:0f:be:34:61:dd:fb:bc:ac:25:94:eb:
         fa:e8:01:29:a9:31:09:2e:3c:6d:c2:40:9c:29:89:19:6a:d1:
         e7:30:6d:b3:85:30:8a:a8:46:1e:02:e3:a3:7b:78:e9:4f:e0:
         d5:d6:c8:89:93:32:4c:bd:90:2d:07:2c:f5:52:d1:a3:56:c1:
         a1:da:ba:63:5e:1f:c3:90:43:39:ca:10:c2:bf:58:83:59:5f:
         d4:54:f7:f4:e5:f8:24:d6:3f:0a:b3:86:e9:d7:9c:5a:76:c4:
         98:c2:9e:1d:b0:6c:46:15:21:a8:bb:55:cb:fd:27:45:3a:ff:
         db:30:97:b4:ab:df:8c:4d:7b:92:23:ba:7a:3c:14:64:17:03:
         c0:ab:a6:4e:c9:21:c9:95:6a:8f:0c:db:4f:56:b6:6d:f4:c1:
         a9:10:b9:69:cb:c4:ef:4b:49:b3:b5:a3:d8:79:b7:35:0b:20:
         36:73:ae:16:95:2d:9c:ba:a4:75:cd:50:c3:fa:fe:6b:3c:d7:
         dd:0d:9e:f5:b1:d5:24:3a:71:e4:be:1c:40:f8:24:0a:98:25:
         ae:96:36:b8:52:1b:4b:00:24:92:67:73:e6:9f:60:fc:42:4c:
         20:27:6a:c9:ee:53:61:89:a3:48:b2:f3:4f:21:f1:37:c8:40:
         50:c0:29:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dsa95XvGYcVisdssWXh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTRkNTFhMzI0N2IxN2Y2Zjk2YTBjY2UyNTMwMTkyZGM5
Zjc0MjIwHhcNMjUwNjI4MTUwMTI4WhcNMjUwNjI5MTUwMTI4WjAzMTEwLwYDVQQD
EyhiYTI0NmUzZDJhYjcyMjIzM2M5ZTQ5MWZhZWZlODUyN2ExOTU5NTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghaglkZKmACXe6NXozaw+mAGncUb
vwVxPrOsSoInVjuS/2fiQTbbT5WgcLhUgPr3WrgpHnQgjEJmlGkCtHtiSEP/rCtK
K2fA38pxYkRdeXSYQWjxTSxsXquXVq1O9qBEceGceRWCIwpHil8Oj7koN6c2mOTy
MCc2KNe3FpmQfqYEeIspIEIGxV6rg+82qJDpAeufqMaB90n6djiaMlDMt8Nzvp+8
O3aELU6YBqDxUD9i6FEbaWXuBSTkHbNDZTKEbzK7ACh0F1MFNP/cl+KyCOv0IPiD
6gNFkr07qgNvIUKgnuBONgODE5DGZb122D2n+mm7R+h17sk1fAbF25UERwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLokbj0qtyIjPJ5JH67+hSehlZUfMB8GA1UdIwQY
MBaAFF5U1RoyR7F/b5agzOJTAZLcn3QiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy82NTI0ZjYtNTMyMC00Njg2LWE1YzMt
NzJlMWZjNGEzMDZlLzEvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy82NTI0ZjYtNTMyMC00Njg2LWE1YzMtNzJlMWZjNGEzMDZl
LzEvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYlTXiQ0d
Mw++NGHd+7ysJZTr+ugBKakxCS48bcJAnCmJGWrR5zBts4UwiqhGHgLjo3t46U/g
1dbIiZMyTL2QLQcs9VLRo1bBodq6Y14fw5BDOcoQwr9Yg1lf1FT39OX4JNY/CrOG
6decWnbEmMKeHbBsRhUhqLtVy/0nRTr/2zCXtKvfjE17kiO6ejwUZBcDwKumTskh
yZVqjwzbT1a2bfTBqRC5acvE70tJs7Wj2Hm3NQsgNnOuFpUtnLqkdc1Qw/r+azzX
3Q2e9bHVJDpx5L4cQPgkCpglrpY2uFIbSwAkkmdz5p9g/EJMICdqye5TYYmjSLLz
TyHxN8hAUMAp1Q==
-----END CERTIFICATE-----