Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
File:                     XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json)
Hash identifier:          WV/jcTiVqxs3e0am4tHU7+ihg9UD+WAahmwxM9TupZw=
Subject key identifier:   22:1A:52:50:B9:36:57:FA:85:CB:2D:9A:FA:C5:A7:EF:BF:CB:BE:F0
Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
Certificate issuer:       /CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Certificate serial:       01976D066A2D43390EFBB93F8832FE6B8E46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
Manifest number:          14CE
Signing time:             Sat 14 Jun 2025 06:00:26 +0000
Manifest this update:     Sat 14 Jun 2025 06:00:26 +0000
Manifest next update:     Sun 15 Jun 2025 06:00:26 +0000
Files and hashes:         1: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: k2Vn7Mc+OCF+8O74DIEBZMJOFn3d0tRFKYDfqRpwSTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:06:6a:2d:43:39:0e:fb:b9:3f:88:32:fe:6b:8e:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3
        Validity
            Not Before: Jun 14 06:00:26 2025 GMT
            Not After : Jun 15 06:00:26 2025 GMT
        Subject: CN=221a5250b93657fa85cb2d9afac5a7efbfcbbef0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:85:ec:ec:69:ce:98:81:56:f2:bc:6a:31:2d:
                    47:40:f8:4d:ff:61:5d:2f:4f:75:25:13:9c:9c:19:
                    8e:81:bb:bc:27:00:68:a9:24:32:71:4e:68:77:eb:
                    9f:d5:aa:cd:bd:c7:3f:2b:56:91:1d:5b:42:a6:6b:
                    b5:5a:47:4d:8d:20:04:e5:97:56:b8:5f:12:be:8e:
                    7d:86:fe:1a:6a:ca:20:95:d8:e3:a2:b8:ee:78:57:
                    08:ae:6f:ce:44:89:38:3b:bb:81:5b:b2:e2:31:bc:
                    e1:70:03:23:df:0f:4b:7d:f8:fd:35:64:8d:8a:33:
                    10:d3:f6:f7:ae:f4:3f:07:5b:dd:3e:73:96:00:4b:
                    fb:d5:3e:07:34:fa:47:b9:98:28:24:50:49:4f:ba:
                    0a:59:a1:47:c3:d6:e9:0d:55:62:b9:94:9a:06:c6:
                    13:dd:f4:d7:a4:10:cd:d0:8b:67:28:42:0c:01:c6:
                    51:ff:f0:ce:ca:88:62:b3:8c:8c:2c:ec:97:54:93:
                    d2:25:81:2c:26:7a:80:6f:e8:6a:99:ed:93:e1:7a:
                    c8:bb:8e:dd:6c:ee:20:ca:4c:06:2e:f4:10:7e:4c:
                    35:c4:66:a7:07:3a:4c:d5:98:01:f1:36:cc:9f:a5:
                    f5:67:c3:53:26:68:65:6a:c1:1c:80:6f:4e:73:69:
                    e5:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:1A:52:50:B9:36:57:FA:85:CB:2D:9A:FA:C5:A7:EF:BF:CB:BE:F0
            X509v3 Authority Key Identifier:
                keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:60:f6:bf:8b:e8:86:66:45:6c:fa:1a:27:5c:e8:ef:6c:05:
         df:3a:3e:9f:c3:96:61:4a:c6:ba:8a:db:60:40:1c:96:8c:b8:
         59:a8:13:e9:65:83:49:0c:39:22:c8:89:3f:31:f2:a9:a6:d8:
         a0:e9:7f:40:3a:33:da:ec:b3:9e:19:9f:1b:f3:18:8d:e0:88:
         8b:6d:34:b0:8c:91:bb:4a:c0:bd:76:59:a6:a1:f5:a0:d7:c8:
         d3:f9:af:62:be:ad:83:b9:92:d1:da:5e:f0:28:f9:7d:93:5a:
         35:d4:fd:d3:59:16:26:0b:1a:fe:db:b3:c8:f6:0b:c7:20:46:
         6b:b5:f5:94:72:a4:15:d1:99:4b:17:fa:17:bb:7e:4d:82:7d:
         ea:e8:16:3d:33:5d:a0:a2:02:a1:c5:0f:af:21:61:11:81:cb:
         c6:93:3f:bb:de:53:52:be:0f:bc:78:a9:55:85:a8:61:0b:53:
         29:0a:a5:64:60:d3:f4:c2:1f:8e:6e:2f:81:1d:d1:a7:55:b3:
         12:76:0f:a0:8a:20:96:dd:46:46:d6:65:7f:e5:a0:e6:8d:5f:
         98:5d:16:0c:70:1c:ce:2f:fa:53:7c:4c:94:0e:44:0e:6a:a3:
         3c:07:a4:a3:1c:1c:95:e0:4e:49:6f:a7:29:fa:3e:48:c9:4a:
         1c:ed:15:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtBmotQzkO+7k/iDL+a45GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm
MTFhZDMwHhcNMjUwNjE0MDYwMDI2WhcNMjUwNjE1MDYwMDI2WjAzMTEwLwYDVQQD
EygyMjFhNTI1MGI5MzY1N2ZhODVjYjJkOWFmYWM1YTdlZmJmY2JiZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIXs7GnOmIFW8rxqMS1HQPhN/2Fd
L091JROcnBmOgbu8JwBoqSQycU5od+uf1arNvcc/K1aRHVtCpmu1WkdNjSAE5ZdW
uF8Svo59hv4aasogldjjorjueFcIrm/ORIk4O7uBW7LiMbzhcAMj3w9Lffj9NWSN
ijMQ0/b3rvQ/B1vdPnOWAEv71T4HNPpHuZgoJFBJT7oKWaFHw9bpDVViuZSaBsYT
3fTXpBDN0ItnKEIMAcZR//DOyohis4yMLOyXVJPSJYEsJnqAb+hqme2T4XrIu47d
bO4gykwGLvQQfkw1xGanBzpM1ZgB8TbMn6X1Z8NTJmhlasEcgG9Oc2nlYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCIaUlC5Nlf6hcstmvrFp++/y77wMB8GA1UdIwQY
MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt
NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4
LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlWD2v4vo
hmZFbPoaJ1zo72wF3zo+n8OWYUrGuorbYEAcloy4WagT6WWDSQw5IsiJPzHyqabY
oOl/QDoz2uyznhmfG/MYjeCIi200sIyRu0rAvXZZpqH1oNfI0/mvYr6tg7mS0dpe
8Cj5fZNaNdT901kWJgsa/tuzyPYLxyBGa7X1lHKkFdGZSxf6F7t+TYJ96ugWPTNd
oKICocUPryFhEYHLxpM/u95TUr4PvHipVYWoYQtTKQqlZGDT9MIfjm4vgR3Rp1Wz
EnYPoIoglt1GRtZlf+Wg5o1fmF0WDHAczi/6U3xMlA5EDmqjPAekoxwcleBOSW+n
Kfo+SMlKHO0VNg==
-----END CERTIFICATE-----