Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
File:                     xndznw-VRrTwJXcsXCsXl4WSOFI.mft (raw, json)
Hash identifier:          xiizHjCcOdxfjp6zCJnFo/iGBWncfqtvxqpcev7ytMc=
Subject key identifier:   21:12:EF:B0:C2:B5:65:2E:8E:DF:D9:EE:12:30:71:D0:DE:CF:72:D1
Authority key identifier: C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52
Certificate issuer:       /CN=c677739f0f9546b4f025772c5c2b179785923852
Certificate serial:       01988BB3A67B661477B2044729D0ABF2CDCA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
Manifest number:          1435
Signing time:             Fri 08 Aug 2025 22:01:03 +0000
Manifest this update:     Fri 08 Aug 2025 22:01:03 +0000
Manifest next update:     Sat 09 Aug 2025 22:01:03 +0000
Files and hashes:         1: xndznw-VRrTwJXcsXCsXl4WSOFI.crl (hash: Awl4bsOgXhSNPIeSttxBG9kI35PbGBZSiuMSD9m962I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:b3:a6:7b:66:14:77:b2:04:47:29:d0:ab:f2:cd:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c677739f0f9546b4f025772c5c2b179785923852
        Validity
            Not Before: Aug  8 22:01:03 2025 GMT
            Not After : Aug  9 22:01:03 2025 GMT
        Subject: CN=2112efb0c2b5652e8edfd9ee123071d0decf72d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:29:ab:3b:cd:4a:82:c2:91:ed:3e:53:b9:a3:
                    66:22:d5:3f:63:00:b4:ea:da:be:7d:18:c1:6b:a5:
                    11:e0:1f:a6:8a:a7:31:58:92:c1:7c:b4:3d:c9:24:
                    68:3a:13:bd:db:05:3b:ba:30:f1:02:ec:b4:6e:3e:
                    25:84:5f:4e:32:67:dc:94:58:59:4a:a3:d2:ca:a7:
                    7f:30:dd:99:22:3a:b3:b6:94:97:35:75:8e:a9:77:
                    c7:89:91:cc:2d:3c:34:6e:9d:3e:f4:e1:c4:5a:1a:
                    93:de:73:76:bc:df:27:82:73:a1:0d:4a:f7:47:7d:
                    13:ee:02:88:a3:34:79:bc:66:39:cf:1c:7a:98:18:
                    94:65:c0:86:bc:87:bb:b7:30:f1:cd:1a:18:5e:87:
                    15:07:3c:61:c3:93:dc:8a:aa:47:00:07:98:7c:18:
                    84:67:13:bd:c4:f2:61:db:15:68:2b:c6:47:59:d2:
                    41:ee:f1:b8:75:f4:40:7d:8d:94:e4:02:f4:10:90:
                    a6:cc:c5:09:1c:71:2c:2a:c6:3e:10:4b:c8:60:93:
                    ab:e4:84:ed:23:e3:2c:b3:33:52:e9:4d:1c:30:57:
                    91:58:b5:ab:67:90:7f:24:f4:98:a9:f8:1d:e2:5d:
                    d9:04:67:05:57:53:12:02:30:11:64:84:7d:97:dc:
                    81:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:12:EF:B0:C2:B5:65:2E:8E:DF:D9:EE:12:30:71:D0:DE:CF:72:D1
            X509v3 Authority Key Identifier:
                keyid:C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:0e:32:dd:12:5a:ad:4e:80:ac:39:3c:a3:9d:71:5f:4d:f2:
         4c:23:a3:1f:e0:5a:99:b7:86:92:80:aa:e9:ee:f1:ae:1c:52:
         89:a1:71:45:d2:e9:a7:ad:7b:74:62:76:4e:9f:cd:f6:99:94:
         36:64:10:ac:f6:e4:5b:9c:74:0f:e9:6b:59:75:51:e3:9f:d3:
         99:cf:ba:04:9a:f1:0b:25:3c:3b:21:2d:a2:8a:31:f0:65:6c:
         82:d0:53:95:3d:fe:ff:83:2e:b2:b5:0b:11:41:a3:7f:bd:07:
         6d:a7:e7:8f:10:07:ea:42:08:64:54:fb:84:ce:33:4e:41:cf:
         b5:b0:b2:0b:07:98:78:83:23:52:37:05:4d:3a:a6:e3:7f:04:
         a2:2d:07:4a:56:80:84:e8:20:c8:8b:0a:ba:ec:53:7c:52:8e:
         ae:43:7e:6d:ef:5c:0a:2f:08:1e:0b:2a:df:df:ca:db:37:5f:
         05:16:fb:9a:fd:fc:84:e6:24:d9:47:65:af:e1:0f:d7:b8:d1:
         77:4a:fa:39:a9:09:6a:65:04:07:7e:54:e2:4f:a7:47:8d:25:
         da:9f:4b:1e:d6:b0:36:6b:bb:8d:04:fb:51:ed:1b:a4:89:90:
         a0:3d:eb:55:1e:cc:b7:0b:16:30:25:b3:a9:33:b0:a6:aa:7e:
         90:c5:41:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLs6Z7ZhR3sgRHKdCr8s3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Nzc3MzlmMGY5NTQ2YjRmMDI1NzcyYzVjMmIxNzk3ODU5
MjM4NTIwHhcNMjUwODA4MjIwMTAzWhcNMjUwODA5MjIwMTAzWjAzMTEwLwYDVQQD
EygyMTEyZWZiMGMyYjU2NTJlOGVkZmQ5ZWUxMjMwNzFkMGRlY2Y3MmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCmrO81KgsKR7T5TuaNmItU/YwC0
6tq+fRjBa6UR4B+miqcxWJLBfLQ9ySRoOhO92wU7ujDxAuy0bj4lhF9OMmfclFhZ
SqPSyqd/MN2ZIjqztpSXNXWOqXfHiZHMLTw0bp0+9OHEWhqT3nN2vN8ngnOhDUr3
R30T7gKIozR5vGY5zxx6mBiUZcCGvIe7tzDxzRoYXocVBzxhw5PciqpHAAeYfBiE
ZxO9xPJh2xVoK8ZHWdJB7vG4dfRAfY2U5AL0EJCmzMUJHHEsKsY+EEvIYJOr5ITt
I+MsszNS6U0cMFeRWLWrZ5B/JPSYqfgd4l3ZBGcFV1MSAjARZIR9l9yBcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCES77DCtWUujt/Z7hIwcdDez3LRMB8GA1UdIwQY
MBaAFMZ3c58PlUa08CV3LFwrF5eFkjhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQt
YzY4NWZhOTE2YjA3LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQtYzY4NWZhOTE2YjA3
LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHg4y3RJa
rU6ArDk8o51xX03yTCOjH+BambeGkoCq6e7xrhxSiaFxRdLpp617dGJ2Tp/N9pmU
NmQQrPbkW5x0D+lrWXVR45/Tmc+6BJrxCyU8OyEtooox8GVsgtBTlT3+/4MusrUL
EUGjf70HbafnjxAH6kIIZFT7hM4zTkHPtbCyCweYeIMjUjcFTTqm438Eoi0HSlaA
hOggyIsKuuxTfFKOrkN+be9cCi8IHgsq39/K2zdfBRb7mv38hOYk2Udlr+EP17jR
d0r6OakJamUEB35U4k+nR40l2p9LHtawNmu7jQT7Ue0bpImQoD3rVR7MtwsWMCWz
qTOwpqp+kMVBXw==
-----END CERTIFICATE-----