Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
File:                     XbomMhShFwVRmA7pFxn42Ixia14.mft (raw, json)
Hash identifier:          W+OY3UX1+LY8n2Weo7CAOkkUO4VgX2UCGpgaGMlx1LI=
Subject key identifier:   C3:E5:0E:CD:2C:36:A8:2D:B1:FA:BE:91:7F:0A:A9:D2:8D:87:9E:67
Authority key identifier: 5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E
Certificate issuer:       /CN=5dba263214a1170551980ee91719f8d88c626b5e
Certificate serial:       01988053EC079F72E68D93C6004AFA6701AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
Manifest number:          1188
Signing time:             Wed 06 Aug 2025 17:00:40 +0000
Manifest this update:     Wed 06 Aug 2025 17:00:40 +0000
Manifest next update:     Thu 07 Aug 2025 17:00:40 +0000
Files and hashes:         1: XbomMhShFwVRmA7pFxn42Ixia14.crl (hash: u9jdqNIBqFRoTiCi+V9rNMwrZFR5vwOZtla6MvgXc/Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:53:ec:07:9f:72:e6:8d:93:c6:00:4a:fa:67:01:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dba263214a1170551980ee91719f8d88c626b5e
        Validity
            Not Before: Aug  6 17:00:40 2025 GMT
            Not After : Aug  7 17:00:40 2025 GMT
        Subject: CN=c3e50ecd2c36a82db1fabe917f0aa9d28d879e67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:97:76:d4:8d:2a:74:82:2c:77:a6:8c:56:35:
                    39:a0:0a:a6:18:f7:15:27:8f:49:ca:94:b6:04:29:
                    05:26:1d:e5:fd:84:ab:05:07:f5:0c:5f:0c:de:79:
                    12:2a:94:f2:7d:ca:13:7a:d3:db:0d:32:99:8e:c6:
                    21:7a:18:cf:ee:d2:56:8a:68:54:10:35:cd:67:12:
                    f2:cf:a2:74:65:cf:e5:a9:c1:0c:7d:71:ca:f1:13:
                    d2:6e:ca:ba:db:a0:8f:30:7e:68:1a:f4:1b:99:87:
                    b5:a7:11:e2:b9:d5:53:da:e7:f3:af:f6:c1:ab:bb:
                    88:b2:e8:83:f1:6b:9f:1d:fe:fa:e2:6c:60:7e:db:
                    2a:64:3f:89:b4:c2:08:de:f0:3e:72:89:12:25:0a:
                    ad:53:a1:59:94:1a:83:da:a4:cd:6d:56:d5:f9:89:
                    65:50:f1:cf:27:67:79:a1:44:85:29:0f:84:4a:5a:
                    64:e5:e7:27:7f:86:da:ad:36:69:45:a5:d6:79:9c:
                    e7:d6:2f:1a:44:cc:5d:3c:3e:56:d9:d2:8c:10:1b:
                    8c:83:2f:0a:45:31:a3:a9:c5:af:8d:3a:ad:e6:3a:
                    ed:38:47:7e:11:eb:bd:4d:3d:00:83:19:f0:45:9d:
                    50:7b:f6:7b:3f:c4:d4:37:50:ca:d6:55:8c:42:88:
                    bb:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:E5:0E:CD:2C:36:A8:2D:B1:FA:BE:91:7F:0A:A9:D2:8D:87:9E:67
            X509v3 Authority Key Identifier:
                keyid:5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:b6:36:2d:7c:4a:dd:81:14:a2:ef:b9:90:22:e4:e6:89:f9:
         ef:19:8f:91:84:64:ee:35:7c:04:95:5c:25:8b:76:da:3a:a9:
         c8:a4:fa:66:82:ab:27:39:fb:c5:70:07:11:48:17:67:6c:7e:
         b8:01:9e:1a:2f:13:f3:99:7d:70:cc:eb:01:32:6c:24:ac:98:
         ee:ab:ff:10:bf:26:80:c2:34:17:e0:9d:96:e5:6c:38:37:f5:
         fc:50:3b:31:d5:25:eb:e2:7c:17:45:6c:4b:8e:ec:f4:70:40:
         e7:60:db:8e:13:41:1f:a2:fb:6d:78:95:93:b9:00:aa:1e:e5:
         d4:8f:28:07:c5:5a:17:ee:2a:f7:9a:4c:21:cf:6d:1b:57:30:
         9e:00:ac:36:2a:48:ac:c8:6a:c1:69:6a:27:14:47:16:1d:a9:
         c8:9e:01:69:d5:65:3e:1b:7d:c3:c0:1f:f0:59:99:1a:24:28:
         2e:3c:6c:01:c6:ea:9a:b4:a8:2b:b3:cc:fa:d8:c3:79:e6:5c:
         b6:0b:2e:a2:ec:22:5a:4c:ee:11:7e:bb:95:5e:51:04:60:5c:
         a6:bd:16:04:9a:61:9c:e4:c3:b6:05:dc:21:f6:c7:3e:4a:c4:
         4a:8f:b3:d5:da:33:a3:fa:5f:04:38:dd:c8:83:ce:63:1c:8f:
         9c:62:60:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAU+wHn3LmjZPGAEr6ZwGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYmEyNjMyMTRhMTE3MDU1MTk4MGVlOTE3MTlmOGQ4OGM2
MjZiNWUwHhcNMjUwODA2MTcwMDQwWhcNMjUwODA3MTcwMDQwWjAzMTEwLwYDVQQD
EyhjM2U1MGVjZDJjMzZhODJkYjFmYWJlOTE3ZjBhYTlkMjhkODc5ZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZd21I0qdIIsd6aMVjU5oAqmGPcV
J49JypS2BCkFJh3l/YSrBQf1DF8M3nkSKpTyfcoTetPbDTKZjsYhehjP7tJWimhU
EDXNZxLyz6J0Zc/lqcEMfXHK8RPSbsq626CPMH5oGvQbmYe1pxHiudVT2ufzr/bB
q7uIsuiD8WufHf764mxgftsqZD+JtMII3vA+cokSJQqtU6FZlBqD2qTNbVbV+Yll
UPHPJ2d5oUSFKQ+ESlpk5ecnf4barTZpRaXWeZzn1i8aRMxdPD5W2dKMEBuMgy8K
RTGjqcWvjTqt5jrtOEd+Eeu9TT0AgxnwRZ1Qe/Z7P8TUN1DK1lWMQoi7UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMPlDs0sNqgtsfq+kX8KqdKNh55nMB8GA1UdIwQY
MBaAFF26JjIUoRcFUZgO6RcZ+NiMYmteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2It
MTM1YTkzOTgyOTMxLzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2ItMTM1YTkzOTgyOTMx
LzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANLY2LXxK
3YEUou+5kCLk5on57xmPkYRk7jV8BJVcJYt22jqpyKT6ZoKrJzn7xXAHEUgXZ2x+
uAGeGi8T85l9cMzrATJsJKyY7qv/EL8mgMI0F+CdluVsODf1/FA7MdUl6+J8F0Vs
S47s9HBA52DbjhNBH6L7bXiVk7kAqh7l1I8oB8VaF+4q95pMIc9tG1cwngCsNipI
rMhqwWlqJxRHFh2pyJ4BadVlPht9w8Af8FmZGiQoLjxsAcbqmrSoK7PM+tjDeeZc
tgsuouwiWkzuEX67lV5RBGBcpr0WBJphnOTDtgXcIfbHPkrESo+z1dozo/pfBDjd
yIPOYxyPnGJgiQ==
-----END CERTIFICATE-----
Generated at Thu Aug 7 03:22:52 2025 by rpki-client