Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.mft
File:                     xqnvrGfjS7iro4n_jw16HFZUM_0.mft (raw, json)
Hash identifier:          Ym0P/P5Lm9tSMceWeVTTUxvbaTJomeoYgG4WtoNaRPA=
Subject key identifier:   6E:99:B2:19:7D:D1:AB:EC:6F:52:23:48:DF:55:B0:B1:1C:C3:62:AC
Authority key identifier: C6:A9:EF:AC:67:E3:4B:B8:AB:A3:89:FF:8F:0D:7A:1C:56:54:33:FD
Certificate issuer:       /CN=c6a9efac67e34bb8aba389ff8f0d7a1c565433fd
Certificate serial:       01976FD0B624CEA573B47F21AD92D32BE262
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xqnvrGfjS7iro4n_jw16HFZUM_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.mft
Manifest number:          0C9C
Signing time:             Sat 14 Jun 2025 19:00:38 +0000
Manifest this update:     Sat 14 Jun 2025 19:00:38 +0000
Manifest next update:     Sun 15 Jun 2025 19:00:38 +0000
Files and hashes:         1: xqnvrGfjS7iro4n_jw16HFZUM_0.crl (hash: BRKSKk2w5vPswgEspnZGSBjrkzo1jVddbw2OHVgRsrE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xqnvrGfjS7iro4n_jw16HFZUM_0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:d0:b6:24:ce:a5:73:b4:7f:21:ad:92:d3:2b:e2:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6a9efac67e34bb8aba389ff8f0d7a1c565433fd
        Validity
            Not Before: Jun 14 19:00:38 2025 GMT
            Not After : Jun 15 19:00:38 2025 GMT
        Subject: CN=6e99b2197dd1abec6f522348df55b0b11cc362ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:2d:2d:ee:14:a3:14:77:a9:2c:ef:72:72:a8:
                    93:1e:67:ca:88:b6:5a:45:cf:ef:85:49:a2:78:82:
                    d7:b1:0d:52:13:9f:7b:3d:11:bb:d8:5e:52:a9:d9:
                    af:9b:bc:bc:0c:8d:6f:5d:31:94:f9:70:ff:04:35:
                    1e:ba:f0:5d:b1:a6:98:d9:62:85:dd:f7:f1:43:8f:
                    65:b0:50:7a:88:7c:47:c1:4e:1d:bd:ec:f9:fd:7e:
                    87:5c:c3:7c:04:51:13:9c:82:e8:d5:b1:cc:db:6a:
                    ba:83:ed:5f:cc:14:a6:9b:5c:c8:8d:74:72:5a:19:
                    95:ce:e2:79:ee:f8:ee:46:2e:12:4e:ec:6a:60:21:
                    ff:5c:aa:1a:ac:ff:fe:02:27:c6:cc:16:9f:97:11:
                    c2:18:11:b3:53:9f:6e:8b:15:b3:c4:60:90:42:f8:
                    5e:88:8c:70:8f:71:50:c7:64:5e:6d:b7:10:7b:b7:
                    db:ac:fc:04:b0:5c:7a:08:3b:b6:a0:19:56:44:3b:
                    7b:1b:8b:01:8a:d0:5e:55:f2:9c:2f:61:6a:8e:5e:
                    cc:e1:af:e7:ec:6c:87:10:85:5b:35:8e:92:98:58:
                    5c:c1:08:44:6b:9d:8d:ab:87:2c:79:29:52:59:1e:
                    e1:b4:3e:53:43:29:7c:5b:ba:76:20:8c:15:b1:54:
                    1b:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:99:B2:19:7D:D1:AB:EC:6F:52:23:48:DF:55:B0:B1:1C:C3:62:AC
            X509v3 Authority Key Identifier:
                keyid:C6:A9:EF:AC:67:E3:4B:B8:AB:A3:89:FF:8F:0D:7A:1C:56:54:33:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqnvrGfjS7iro4n_jw16HFZUM_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:08:f5:6a:12:84:3e:32:70:5c:50:0b:60:02:03:49:00:5e:
         79:4e:60:d2:ce:37:7f:f5:3c:7b:82:d9:4e:3e:0d:00:2a:e6:
         a6:40:62:a5:d6:05:c9:28:65:e7:52:63:29:13:27:b6:b1:7f:
         83:0f:ad:f7:6f:da:b8:56:4a:25:66:92:a0:d0:7a:71:68:27:
         a3:bc:a5:a2:5c:24:9f:a0:d9:d3:45:09:7a:6a:28:7a:79:08:
         21:c2:80:77:4f:26:3b:7b:b9:94:d4:72:c3:79:31:c7:e2:57:
         d7:95:c8:86:fd:48:06:d2:27:2c:bc:42:a1:ab:8d:90:6a:7c:
         e4:68:21:5f:74:4b:6d:8a:f9:63:8d:e4:61:6f:81:7b:b0:e8:
         55:82:d9:67:21:2f:b9:7f:c5:37:2b:2d:25:1c:8d:c2:8b:78:
         36:f8:95:de:e9:32:55:8f:f9:5b:97:e1:f0:a0:75:4f:44:ff:
         b8:ba:e2:71:e6:28:c4:c9:6b:ae:1f:4e:09:d4:c7:65:c2:c2:
         86:c6:27:f0:97:c1:70:09:7e:44:2a:85:3f:71:7a:c3:d0:36:
         29:f3:80:4c:f3:d1:1e:56:ff:96:57:d4:90:36:e7:1e:dd:5b:
         c8:75:06:b5:f7:67:ef:97:02:98:93:c0:3b:b7:d4:ea:ef:1a:
         8d:1b:4b:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdv0LYkzqVztH8hrZLTK+JiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTllZmFjNjdlMzRiYjhhYmEzODlmZjhmMGQ3YTFjNTY1
NDMzZmQwHhcNMjUwNjE0MTkwMDM4WhcNMjUwNjE1MTkwMDM4WjAzMTEwLwYDVQQD
Eyg2ZTk5YjIxOTdkZDFhYmVjNmY1MjIzNDhkZjU1YjBiMTFjYzM2MmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2i0t7hSjFHepLO9ycqiTHmfKiLZa
Rc/vhUmieILXsQ1SE597PRG72F5Sqdmvm7y8DI1vXTGU+XD/BDUeuvBdsaaY2WKF
3ffxQ49lsFB6iHxHwU4dvez5/X6HXMN8BFETnILo1bHM22q6g+1fzBSmm1zIjXRy
WhmVzuJ57vjuRi4STuxqYCH/XKoarP/+AifGzBaflxHCGBGzU59uixWzxGCQQvhe
iIxwj3FQx2RebbcQe7fbrPwEsFx6CDu2oBlWRDt7G4sBitBeVfKcL2Fqjl7M4a/n
7GyHEIVbNY6SmFhcwQhEa52Nq4cseSlSWR7htD5TQyl8W7p2IIwVsVQbmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6Zshl90avsb1IjSN9VsLEcw2KsMB8GA1UdIwQY
MBaAFMap76xn40u4q6OJ/48NehxWVDP9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFudnJHZmpTN2lybzRuX2p3MTZIRlpVTV8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9lYTcxYzQtM2Q1ZS00ZTY4LTg3Nzkt
ZGMzMzk0MmNhMTk3LzEveHFudnJHZmpTN2lybzRuX2p3MTZIRlpVTV8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9lYTcxYzQtM2Q1ZS00ZTY4LTg3NzktZGMzMzk0MmNhMTk3
LzEveHFudnJHZmpTN2lybzRuX2p3MTZIRlpVTV8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdAj1ahKE
PjJwXFALYAIDSQBeeU5g0s43f/U8e4LZTj4NACrmpkBipdYFyShl51JjKRMntrF/
gw+t92/auFZKJWaSoNB6cWgno7ylolwkn6DZ00UJemooenkIIcKAd08mO3u5lNRy
w3kxx+JX15XIhv1IBtInLLxCoauNkGp85GghX3RLbYr5Y43kYW+Be7DoVYLZZyEv
uX/FNystJRyNwot4NviV3ukyVY/5W5fh8KB1T0T/uLriceYoxMlrrh9OCdTHZcLC
hsYn8JfBcAl+RCqFP3F6w9A2KfOATPPRHlb/llfUkDbnHt1byHUGtfdn75cCmJPA
O7fU6u8ajRtLww==
-----END CERTIFICATE-----