Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
File:                     xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft (raw, json)
Hash identifier:          x9hZxOlnQhx5245fhqTqcafSi6ELmgCkiNE2mjiORyY=
Subject key identifier:   BD:B1:A2:B4:FF:9D:FE:D0:06:E9:1C:57:17:A1:D4:4F:17:5C:C1:F2
Authority key identifier: C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0
Certificate issuer:       /CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
Certificate serial:       0196895BE6D9A23E342DBF9A8C071C749006
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
Manifest number:          1516
Signing time:             Thu 01 May 2025 01:00:23 +0000
Manifest this update:     Thu 01 May 2025 01:00:23 +0000
Manifest next update:     Fri 02 May 2025 01:00:23 +0000
Files and hashes:         1: xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl (hash: C+h8RCybzWyrh+T7E/dPi4piMDB1lV2UVR88fsnYgb0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 21:27:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:89:5b:e6:d9:a2:3e:34:2d:bf:9a:8c:07:1c:74:90:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
        Validity
            Not Before: May  1 01:00:23 2025 GMT
            Not After : May  2 01:00:23 2025 GMT
        Subject: CN=bdb1a2b4ff9dfed006e91c5717a1d44f175cc1f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:b7:5d:07:49:4e:83:f9:ad:c8:d7:5e:79:02:
                    f3:7f:8d:8c:a3:77:29:69:61:32:10:49:33:0f:35:
                    a2:1b:e8:5c:6d:0a:ee:d6:ec:62:71:7e:84:bf:1e:
                    97:9b:9b:77:7f:9d:fc:99:b7:f3:79:cc:a0:ed:7a:
                    16:e3:76:2a:8e:52:4b:1c:83:4b:8d:d3:c8:83:17:
                    8e:53:66:1f:c2:c8:b5:b0:48:f1:d0:d4:67:31:94:
                    01:6e:2d:31:18:58:92:ae:ad:30:fb:5d:61:e5:e8:
                    5a:a7:d5:48:a4:83:3b:45:d0:54:0f:78:e1:c5:3a:
                    ca:d8:1f:48:8b:ff:2f:d6:c6:71:63:c6:83:4d:94:
                    e9:93:bc:fc:71:c5:12:ad:55:89:90:df:c3:42:68:
                    24:bd:8b:33:d9:87:a2:63:f9:d1:e8:0a:14:0a:03:
                    1b:07:08:db:46:75:63:fc:5c:07:97:05:35:5f:fe:
                    dd:4e:f5:17:ba:5f:0b:30:3d:cd:32:5d:d2:99:08:
                    47:a9:df:fb:41:a2:2c:8f:5a:3c:5e:89:e0:63:51:
                    55:2b:3a:e9:e9:24:94:ea:6a:f1:55:c4:a5:68:50:
                    10:1d:76:b2:47:9f:f9:fa:6b:e6:55:2c:73:18:b9:
                    76:84:ca:ab:25:03:48:56:25:38:15:98:dd:f9:3b:
                    d0:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:B1:A2:B4:FF:9D:FE:D0:06:E9:1C:57:17:A1:D4:4F:17:5C:C1:F2
            X509v3 Authority Key Identifier:
                keyid:C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:14:f7:cb:d8:de:b0:02:5f:b8:1c:77:2a:d7:ed:7a:42:ff:
         d5:b3:44:df:d2:c1:ff:b6:29:5c:e6:7e:a3:89:92:c5:3f:8e:
         dd:b2:5d:b8:f3:7b:d4:13:5c:4e:d4:6e:aa:82:53:e8:bc:bc:
         16:8f:15:ac:b1:50:6b:e2:2f:c0:f1:b4:58:ed:3b:21:ae:47:
         16:ef:01:4a:40:80:2d:e9:15:8c:d0:28:42:dc:a9:2a:42:2e:
         04:3a:88:86:94:ad:87:c5:13:5c:0d:07:c3:bb:a9:d6:0c:5e:
         93:ac:2b:b3:c4:4b:be:a1:69:d3:55:db:72:ce:7f:ff:32:e0:
         2c:95:c7:8b:57:b6:fd:c3:81:17:81:91:92:a4:61:fe:83:eb:
         d2:9e:40:78:0f:82:75:d6:49:84:f1:cf:15:d0:f2:f6:38:3c:
         cf:ab:8b:ed:c7:a7:ec:50:95:69:cb:37:8e:31:cb:63:9a:5e:
         75:ed:f1:b2:44:b0:01:4c:24:d8:ff:3f:ea:b2:02:da:d1:a9:
         de:be:8b:3f:6a:ae:f4:18:60:df:0d:dd:8c:79:7e:6d:9c:a3:
         39:41:49:dc:93:aa:17:7e:d2:f3:c0:de:a9:a9:d4:c0:c2:d3:
         d5:dd:5d:b2:5c:79:11:f8:a9:d6:b9:e8:bd:78:44:b4:f0:7e:
         4c:13:f9:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaJW+bZoj40Lb+ajAccdJAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZDE4ZTFhMWRjNjU1OGM0ZGJhNzMxZWZhMzI3NjljNDVm
NTRiYTAwHhcNMjUwNTAxMDEwMDIzWhcNMjUwNTAyMDEwMDIzWjAzMTEwLwYDVQQD
EyhiZGIxYTJiNGZmOWRmZWQwMDZlOTFjNTcxN2ExZDQ0ZjE3NWNjMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLddB0lOg/mtyNdeeQLzf42Mo3cp
aWEyEEkzDzWiG+hcbQru1uxicX6Evx6Xm5t3f538mbfzecyg7XoW43YqjlJLHINL
jdPIgxeOU2Yfwsi1sEjx0NRnMZQBbi0xGFiSrq0w+11h5ehap9VIpIM7RdBUD3jh
xTrK2B9Ii/8v1sZxY8aDTZTpk7z8ccUSrVWJkN/DQmgkvYsz2YeiY/nR6AoUCgMb
BwjbRnVj/FwHlwU1X/7dTvUXul8LMD3NMl3SmQhHqd/7QaIsj1o8XongY1FVKzrp
6SSU6mrxVcSlaFAQHXayR5/5+mvmVSxzGLl2hMqrJQNIViU4FZjd+TvQKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2xorT/nf7QBukcVxeh1E8XXMHyMB8GA1UdIwQY
MBaAFMXRjhodxlWMTbpzHvoydpxF9UugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgt
MWNiZTY2MWE2M2ZmLzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgtMWNiZTY2MWE2M2Zm
LzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMBT3y9je
sAJfuBx3KtftekL/1bNE39LB/7YpXOZ+o4mSxT+O3bJduPN71BNcTtRuqoJT6Ly8
Fo8VrLFQa+IvwPG0WO07Ia5HFu8BSkCALekVjNAoQtypKkIuBDqIhpSth8UTXA0H
w7up1gxek6wrs8RLvqFp01Xbcs5//zLgLJXHi1e2/cOBF4GRkqRh/oPr0p5AeA+C
ddZJhPHPFdDy9jg8z6uL7cen7FCVacs3jjHLY5pede3xskSwAUwk2P8/6rIC2tGp
3r6LP2qu9Bhg3w3djHl+bZyjOUFJ3JOqF37S88DeqanUwMLT1d1dslx5Efip1rno
vXhEtPB+TBP50w==
-----END CERTIFICATE-----