Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
File:                     xwy87PJahmXDWnjIIdEes6ZCNiE.mft (raw, json)
Hash identifier:          UrerTz+wvHk8gDy56YLKSneDdPnYrSVLyecEpNVqMuM=
Subject key identifier:   8C:62:35:C0:33:4B:8A:1C:75:02:29:CE:F2:64:78:0A:48:F0:80:02
Authority key identifier: C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21
Certificate issuer:       /CN=c70cbcecf25a8665c35a78c821d11eb3a6423621
Certificate serial:       0198733D88EC6A5BAE46B697D7320253BCEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
Manifest number:          1614
Signing time:             Mon 04 Aug 2025 04:01:09 +0000
Manifest this update:     Mon 04 Aug 2025 04:01:09 +0000
Manifest next update:     Tue 05 Aug 2025 04:01:09 +0000
Files and hashes:         1: xwy87PJahmXDWnjIIdEes6ZCNiE.crl (hash: Rl7Vi/7jA8zrOlnaHVOYmuNtXFwp5FhWHUiG2Sd+yd8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:3d:88:ec:6a:5b:ae:46:b6:97:d7:32:02:53:bc:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c70cbcecf25a8665c35a78c821d11eb3a6423621
        Validity
            Not Before: Aug  4 04:01:09 2025 GMT
            Not After : Aug  5 04:01:09 2025 GMT
        Subject: CN=8c6235c0334b8a1c750229cef264780a48f08002
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:b0:06:96:7d:5b:06:41:c4:6a:8c:03:57:45:
                    b5:a4:b8:7a:ad:66:25:4a:bd:72:90:50:03:25:f2:
                    ab:c7:c0:11:01:90:59:13:2e:e7:37:e6:7f:0c:54:
                    a3:26:63:0f:6f:78:13:a3:f9:19:79:92:83:3a:17:
                    ac:44:06:7d:06:cf:d0:12:3d:27:6f:d8:07:8e:9c:
                    eb:ae:fe:95:00:f8:b3:97:7a:d4:ef:1e:69:a0:34:
                    25:de:39:95:34:d7:e0:71:a4:b2:3a:58:d9:98:c8:
                    1e:e6:46:8e:e8:f4:ce:d7:77:99:62:6c:0b:43:56:
                    bc:48:48:af:0d:13:ca:eb:40:8a:2e:d5:41:96:cd:
                    8e:24:f5:51:4e:ef:e1:aa:14:5f:57:a2:48:8b:85:
                    69:81:7f:e5:8f:73:6e:61:1f:8f:d7:52:3c:83:2c:
                    d7:8b:18:71:36:27:9b:37:a0:31:16:2b:67:bd:3b:
                    ab:e8:2b:04:34:a3:88:76:22:40:0e:c9:8c:18:64:
                    28:90:35:50:a0:b1:43:f7:44:9d:c4:80:48:21:b2:
                    c3:c2:c0:f7:e2:78:5f:df:b3:50:d5:aa:0b:ad:de:
                    de:b0:75:d5:f7:2c:aa:d4:0e:7a:fc:d0:88:73:f9:
                    4c:6a:e9:2e:02:86:66:c0:2f:9d:41:63:3e:70:d2:
                    87:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:62:35:C0:33:4B:8A:1C:75:02:29:CE:F2:64:78:0A:48:F0:80:02
            X509v3 Authority Key Identifier:
                keyid:C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:5c:dc:45:74:60:b5:06:50:bf:cd:90:44:6c:08:c2:78:6f:
         e1:96:46:49:a0:b3:f8:03:b7:4b:7f:ff:13:36:70:c9:36:50:
         47:93:44:48:bf:53:68:7d:1f:be:a3:7c:20:f8:9f:e3:67:d4:
         eb:ef:ea:f3:90:e8:73:5e:1c:1b:23:14:2a:53:aa:25:d8:33:
         ad:c9:ae:54:a8:70:f8:8a:7b:a2:f0:69:74:bc:dc:ee:5f:45:
         d0:17:05:8c:39:33:0d:36:83:60:78:48:da:c9:40:6b:29:5e:
         e2:bc:66:5b:6e:4e:ca:4a:57:e0:db:9c:0f:fe:e7:45:8f:ef:
         03:1d:3e:bc:0d:8a:8f:79:91:cc:df:e3:79:f4:69:2b:8b:ce:
         21:b6:4a:ce:52:db:75:79:8e:ef:50:d3:ef:77:ef:68:49:a6:
         b9:ab:e5:58:7d:68:a1:fe:b4:7c:25:94:78:0f:ee:97:11:ce:
         b9:8c:b5:4e:3c:7d:bf:b2:fa:c9:c4:1d:0a:38:64:67:aa:a6:
         63:7f:8d:07:22:57:76:5f:e0:41:8c:0b:27:84:31:32:b9:2c:
         df:99:06:c7:b0:d0:8a:5a:9f:4a:7c:9c:f1:49:d0:b3:51:6e:
         00:c1:a1:5f:85:a2:50:23:6d:5d:21:16:fb:55:3d:f5:cd:a8:
         e3:b6:14:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzPYjsaluuRraX1zICU7zuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MGNiY2VjZjI1YTg2NjVjMzVhNzhjODIxZDExZWIzYTY0
MjM2MjEwHhcNMjUwODA0MDQwMTA5WhcNMjUwODA1MDQwMTA5WjAzMTEwLwYDVQQD
Eyg4YzYyMzVjMDMzNGI4YTFjNzUwMjI5Y2VmMjY0NzgwYTQ4ZjA4MDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7LAGln1bBkHEaowDV0W1pLh6rWYl
Sr1ykFADJfKrx8ARAZBZEy7nN+Z/DFSjJmMPb3gTo/kZeZKDOhesRAZ9Bs/QEj0n
b9gHjpzrrv6VAPizl3rU7x5poDQl3jmVNNfgcaSyOljZmMge5kaO6PTO13eZYmwL
Q1a8SEivDRPK60CKLtVBls2OJPVRTu/hqhRfV6JIi4VpgX/lj3NuYR+P11I8gyzX
ixhxNiebN6AxFitnvTur6CsENKOIdiJADsmMGGQokDVQoLFD90SdxIBIIbLDwsD3
4nhf37NQ1aoLrd7esHXV9yyq1A56/NCIc/lMaukuAoZmwC+dQWM+cNKHCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxiNcAzS4ocdQIpzvJkeApI8IACMB8GA1UdIwQY
MBaAFMcMvOzyWoZlw1p4yCHRHrOmQjYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgt
ZTY5N2JiNTc2NGMzLzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgtZTY5N2JiNTc2NGMz
LzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFFzcRXRg
tQZQv82QRGwIwnhv4ZZGSaCz+AO3S3//EzZwyTZQR5NESL9TaH0fvqN8IPif42fU
6+/q85Doc14cGyMUKlOqJdgzrcmuVKhw+Ip7ovBpdLzc7l9F0BcFjDkzDTaDYHhI
2slAayle4rxmW25OykpX4NucD/7nRY/vAx0+vA2Kj3mRzN/jefRpK4vOIbZKzlLb
dXmO71DT73fvaEmmuavlWH1oof60fCWUeA/ulxHOuYy1Tjx9v7L6ycQdCjhkZ6qm
Y3+NByJXdl/gQYwLJ4QxMrks35kGx7DQilqfSnyc8UnQs1FuAMGhX4WiUCNtXSEW
+1U99c2o47YUzw==
-----END CERTIFICATE-----