Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
File:                     XzoD6voEyDkjvYaTJGGFDfX3gUY.mft (raw, json)
Hash identifier:          dT7JNh9I3+gSu1Qiy+JEIN5oaE1++uLoBiWXwNbd/EI=
Subject key identifier:   8D:53:85:33:58:87:FF:CA:F2:CB:C8:18:D2:92:F5:2F:C3:8B:FC:CC
Authority key identifier: 5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46
Certificate issuer:       /CN=5f3a03eafa04c83923bd86932461850df5f78146
Certificate serial:       019688B7291D50BBC358D4E2AC3129841577
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
Manifest number:          1173
Signing time:             Wed 30 Apr 2025 22:00:27 +0000
Manifest this update:     Wed 30 Apr 2025 22:00:27 +0000
Manifest next update:     Thu 01 May 2025 22:00:27 +0000
Files and hashes:         1: XzoD6voEyDkjvYaTJGGFDfX3gUY.crl (hash: jOlyDSyALFgynEqa/yMA+iNRlYGPe4tVPWd5g+budQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 21:27:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:88:b7:29:1d:50:bb:c3:58:d4:e2:ac:31:29:84:15:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f3a03eafa04c83923bd86932461850df5f78146
        Validity
            Not Before: Apr 30 22:00:27 2025 GMT
            Not After : May  1 22:00:27 2025 GMT
        Subject: CN=8d5385335887ffcaf2cbc818d292f52fc38bfccc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d7:28:05:84:c6:db:b7:2e:ef:19:ab:aa:40:
                    fc:44:26:d6:a9:3f:b9:9e:31:bf:da:6b:0f:59:69:
                    dd:f3:f4:0e:06:84:c1:33:c9:8d:fd:45:9f:a5:d2:
                    8e:4d:aa:1f:7c:ca:ab:69:f9:14:ae:64:18:3c:95:
                    90:ad:03:dd:25:6f:ab:9a:80:1c:15:ef:8a:0c:3b:
                    f4:71:2d:6d:37:bd:55:68:fe:b0:8e:21:fa:07:5e:
                    6b:68:c1:82:81:59:6e:e9:31:4c:12:ca:d1:5c:1b:
                    da:61:6a:74:2b:75:09:1f:3a:51:1f:ee:84:62:45:
                    86:db:dd:70:5c:a5:bd:5f:9a:03:28:df:ab:27:23:
                    0b:01:fa:30:30:77:33:5d:76:45:fe:c1:a3:3f:16:
                    05:e5:71:ff:a8:9d:ef:2c:e1:77:3e:2d:a5:74:3a:
                    15:c3:5e:70:df:a4:09:1f:4b:68:11:53:7b:46:20:
                    0f:4c:a7:07:5c:51:69:c8:c1:08:df:a6:13:a6:86:
                    01:d3:81:e5:44:b0:80:ef:cc:49:5d:70:c0:7b:15:
                    2f:09:61:bb:2d:e6:22:66:d5:43:21:ea:0b:81:00:
                    bc:fe:38:be:68:72:4a:10:8f:0d:3d:d3:52:1f:9b:
                    a1:e5:6f:1d:d6:c9:b6:77:3e:85:b7:27:83:b9:2d:
                    1e:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:53:85:33:58:87:FF:CA:F2:CB:C8:18:D2:92:F5:2F:C3:8B:FC:CC
            X509v3 Authority Key Identifier:
                keyid:5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:38:e1:63:9a:4d:47:56:e9:b2:05:71:e9:c1:fd:bc:a4:12:
         cb:42:59:5f:1c:a6:2e:31:c5:d5:e9:14:e5:8f:6f:63:7d:55:
         51:e9:f9:62:50:04:b6:67:03:64:72:38:22:fd:d9:1a:04:df:
         85:fc:78:a0:e5:f4:ae:9a:d3:87:a1:f6:e6:b8:f1:96:1b:96:
         4a:38:50:6b:a3:f1:70:5d:c2:08:6c:b3:6c:80:5e:f9:a5:80:
         57:5c:c7:50:ce:4e:51:36:c3:d8:ad:de:70:c9:a2:df:d3:0c:
         45:55:2d:51:93:6f:d2:e6:33:ba:16:3a:05:f9:a5:54:2f:b6:
         9f:ab:17:86:68:2a:03:01:2e:18:51:76:e7:13:41:eb:f8:21:
         6c:ba:c1:c6:10:65:c5:50:64:fc:f9:2b:f2:da:44:06:3a:5e:
         13:5b:9c:c1:98:34:45:6c:5f:8b:e0:6f:2d:96:73:f0:28:8f:
         bc:60:e0:7c:93:94:73:f2:eb:2a:fa:01:76:98:b2:fd:e9:26:
         14:c1:ac:87:81:de:3c:4e:b7:91:fd:f5:93:e1:3b:cd:13:83:
         cd:d6:eb:7a:ff:11:36:6b:3b:47:8d:c0:46:5f:67:14:e0:dc:
         e4:cf:e9:9f:c5:aa:8a:c1:42:c7:6d:d6:67:ba:89:cb:cb:d8:
         37:dd:28:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaItykdULvDWNTirDEphBV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmM2EwM2VhZmEwNGM4MzkyM2JkODY5MzI0NjE4NTBkZjVm
NzgxNDYwHhcNMjUwNDMwMjIwMDI3WhcNMjUwNTAxMjIwMDI3WjAzMTEwLwYDVQQD
Eyg4ZDUzODUzMzU4ODdmZmNhZjJjYmM4MThkMjkyZjUyZmMzOGJmY2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9coBYTG27cu7xmrqkD8RCbWqT+5
njG/2msPWWnd8/QOBoTBM8mN/UWfpdKOTaoffMqrafkUrmQYPJWQrQPdJW+rmoAc
Fe+KDDv0cS1tN71VaP6wjiH6B15raMGCgVlu6TFMEsrRXBvaYWp0K3UJHzpRH+6E
YkWG291wXKW9X5oDKN+rJyMLAfowMHczXXZF/sGjPxYF5XH/qJ3vLOF3Pi2ldDoV
w15w36QJH0toEVN7RiAPTKcHXFFpyMEI36YTpoYB04HlRLCA78xJXXDAexUvCWG7
LeYiZtVDIeoLgQC8/ji+aHJKEI8NPdNSH5uh5W8d1sm2dz6FtyeDuS0eEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1ThTNYh//K8svIGNKS9S/Di/zMMB8GA1UdIwQY
MBaAFF86A+r6BMg5I72GkyRhhQ3194FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTIt
ZDU0MGU4YjEzZjdkLzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTItZDU0MGU4YjEzZjdk
LzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAizjhY5pN
R1bpsgVx6cH9vKQSy0JZXxymLjHF1ekU5Y9vY31VUen5YlAEtmcDZHI4Iv3ZGgTf
hfx4oOX0rprTh6H25rjxlhuWSjhQa6PxcF3CCGyzbIBe+aWAV1zHUM5OUTbD2K3e
cMmi39MMRVUtUZNv0uYzuhY6BfmlVC+2n6sXhmgqAwEuGFF25xNB6/ghbLrBxhBl
xVBk/Pkr8tpEBjpeE1ucwZg0RWxfi+BvLZZz8CiPvGDgfJOUc/LrKvoBdpiy/ekm
FMGsh4HePE63kf31k+E7zRODzdbrev8RNms7R43ARl9nFODc5M/pn8WqisFCx23W
Z7qJy8vYN90oYQ==
-----END CERTIFICATE-----