Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
File:                     XHOCiOHdRuIcmgORGXJEtHjQqyY.mft (raw, json)
Hash identifier:          8ebghAoFvJnPGdin8QN0G+UbvMD0jabvkNP5q69JV1w=
Subject key identifier:   5A:3B:22:7F:C0:88:5C:24:B3:51:B6:A6:D9:43:2D:02:C4:C3:EA:55
Authority key identifier: 5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26
Certificate issuer:       /CN=5c738288e1dd46e21c9a0391197244b478d0ab26
Certificate serial:       0196857F341B5BB307B2CA8C6D2E94C33823
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
Manifest number:          1513
Signing time:             Wed 30 Apr 2025 07:00:28 +0000
Manifest this update:     Wed 30 Apr 2025 07:00:28 +0000
Manifest next update:     Thu 01 May 2025 07:00:28 +0000
Files and hashes:         1: XHOCiOHdRuIcmgORGXJEtHjQqyY.crl (hash: 05wFdbrgbhpSe4/NaH23ttUwsZyvKOcYRRwFw/DKGVI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:85:7f:34:1b:5b:b3:07:b2:ca:8c:6d:2e:94:c3:38:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c738288e1dd46e21c9a0391197244b478d0ab26
        Validity
            Not Before: Apr 30 07:00:28 2025 GMT
            Not After : May  1 07:00:28 2025 GMT
        Subject: CN=5a3b227fc0885c24b351b6a6d9432d02c4c3ea55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:5f:49:cc:90:18:37:9d:1f:93:31:a7:80:05:
                    65:2a:43:2c:ee:31:be:ba:02:2c:f6:3a:cb:1c:d1:
                    01:1b:a4:3a:16:ec:85:ef:a4:8f:37:9a:2a:73:09:
                    a1:b2:c4:d5:1f:67:4a:b2:58:c2:61:59:28:1f:a2:
                    a3:81:54:40:b7:53:ce:d3:48:e6:6f:29:52:d1:c2:
                    87:cc:c5:86:b2:c0:77:8e:fc:6c:a0:d6:97:aa:6f:
                    9c:5d:6c:b4:a0:3d:09:06:65:c0:28:86:2c:1c:80:
                    af:97:31:d0:b7:53:8d:ba:39:fc:2e:c9:62:0e:b9:
                    49:f7:8b:e6:c0:2c:f0:04:bc:b5:ac:a3:14:11:6d:
                    e3:48:70:c8:f8:a3:6a:0e:86:b7:21:a7:10:d7:8c:
                    d4:81:76:87:3a:97:34:e0:1e:f3:df:35:a2:12:44:
                    e1:64:67:fb:6a:7c:8f:f4:bf:c7:6b:96:b9:7f:4e:
                    af:fe:75:1d:98:b8:74:e6:ae:50:6e:8a:97:9e:42:
                    47:f2:a1:06:5a:9d:cf:87:dd:56:30:a3:06:75:9c:
                    37:92:5b:a1:fb:bc:50:89:fb:2f:6e:74:28:85:77:
                    f3:dd:2e:c4:b0:e9:ae:77:0f:7d:98:4a:85:04:a8:
                    86:0e:bf:44:95:65:6f:78:7e:5a:83:3f:a8:e7:75:
                    87:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:3B:22:7F:C0:88:5C:24:B3:51:B6:A6:D9:43:2D:02:C4:C3:EA:55
            X509v3 Authority Key Identifier:
                keyid:5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:56:0a:24:33:49:3a:11:df:fd:4e:4b:b7:e9:d6:14:b0:c9:
         03:dc:c8:a4:66:f9:83:b6:c6:a6:24:97:e6:08:27:c0:bf:01:
         1c:25:36:30:4a:6b:88:f0:b4:56:20:d9:a5:36:6c:37:2d:9e:
         53:65:7a:f6:c9:ae:31:fd:fa:f2:34:d0:ea:d4:5f:4d:14:b8:
         d0:cc:a8:48:0e:b6:81:63:c5:54:0f:a2:38:7d:c8:72:a4:f6:
         ff:b0:d7:bf:bf:14:b6:09:a8:85:f3:37:37:79:ce:3a:47:aa:
         8d:ee:10:01:2a:9f:6b:c4:4b:ad:7a:91:2a:c6:9d:c3:06:58:
         e6:23:b7:5e:b5:84:57:3a:37:b4:fb:21:70:91:01:49:0c:3b:
         90:6f:09:6d:1d:3a:86:42:93:04:19:3f:00:29:21:17:cb:2b:
         95:ea:9e:22:26:51:68:d5:dd:4b:4c:ed:c0:a4:16:c8:f4:c5:
         6a:9d:3c:0d:f7:17:94:ce:41:ad:a5:4d:ab:64:3a:11:9b:c0:
         fa:16:f0:b3:86:40:f2:08:25:dc:74:db:91:36:20:39:77:46:
         46:92:d7:89:6c:0c:82:65:b2:c7:51:a6:59:c2:75:cb:64:17:
         37:fb:d2:df:5d:7f:d4:29:22:dd:85:4b:c5:9f:5e:d6:11:f7:
         38:b5:62:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaFfzQbW7MHssqMbS6UwzgjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzM4Mjg4ZTFkZDQ2ZTIxYzlhMDM5MTE5NzI0NGI0Nzhk
MGFiMjYwHhcNMjUwNDMwMDcwMDI4WhcNMjUwNTAxMDcwMDI4WjAzMTEwLwYDVQQD
Eyg1YTNiMjI3ZmMwODg1YzI0YjM1MWI2YTZkOTQzMmQwMmM0YzNlYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV9JzJAYN50fkzGngAVlKkMs7jG+
ugIs9jrLHNEBG6Q6FuyF76SPN5oqcwmhssTVH2dKsljCYVkoH6KjgVRAt1PO00jm
bylS0cKHzMWGssB3jvxsoNaXqm+cXWy0oD0JBmXAKIYsHICvlzHQt1ONujn8Lsli
DrlJ94vmwCzwBLy1rKMUEW3jSHDI+KNqDoa3IacQ14zUgXaHOpc04B7z3zWiEkTh
ZGf7anyP9L/Ha5a5f06v/nUdmLh05q5QboqXnkJH8qEGWp3Ph91WMKMGdZw3kluh
+7xQifsvbnQohXfz3S7EsOmudw99mEqFBKiGDr9ElWVveH5agz+o53WH0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFo7In/AiFwks1G2ptlDLQLEw+pVMB8GA1UdIwQY
MBaAFFxzgojh3UbiHJoDkRlyRLR40KsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3Yjct
NTAxNDBjNjgxYWNhLzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3YjctNTAxNDBjNjgxYWNh
LzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGVYKJDNJ
OhHf/U5Lt+nWFLDJA9zIpGb5g7bGpiSX5ggnwL8BHCU2MEpriPC0ViDZpTZsNy2e
U2V69smuMf368jTQ6tRfTRS40MyoSA62gWPFVA+iOH3IcqT2/7DXv78UtgmohfM3
N3nOOkeqje4QASqfa8RLrXqRKsadwwZY5iO3XrWEVzo3tPshcJEBSQw7kG8JbR06
hkKTBBk/ACkhF8srleqeIiZRaNXdS0ztwKQWyPTFap08DfcXlM5BraVNq2Q6EZvA
+hbws4ZA8ggl3HTbkTYgOXdGRpLXiWwMgmWyx1GmWcJ1y2QXN/vS311/1Cki3YVL
xZ9e1hH3OLViqQ==
-----END CERTIFICATE-----