Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
File:                     XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft (raw, json)
Hash identifier:          Gkd4kCU4G8gatjqhX3Hs7RDtnxNBW7HHhP8aBj9R2ms=
Subject key identifier:   86:40:4E:7E:FA:4C:2C:8F:51:2A:29:E0:03:82:22:0E:A5:AE:35:9F
Authority key identifier: 5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B
Certificate issuer:       /CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
Certificate serial:       01976F2C1AAFDC64C548433E1CF9B131BFDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
Manifest number:          158E
Signing time:             Sat 14 Jun 2025 16:00:50 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:50 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:50 +0000
Files and hashes:         1: XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl (hash: 1lwj94oE/nZeqZCNRnfg6R99jw1xj2TMiyxKXmFSlaI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:1a:af:dc:64:c5:48:43:3e:1c:f9:b1:31:bf:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
        Validity
            Not Before: Jun 14 16:00:50 2025 GMT
            Not After : Jun 15 16:00:50 2025 GMT
        Subject: CN=86404e7efa4c2c8f512a29e00382220ea5ae359f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:47:60:f0:61:ca:9e:63:28:a8:08:6c:c2:1a:
                    2d:dd:fa:a1:8e:89:dd:90:13:c4:11:84:0e:e5:87:
                    95:c0:00:1d:e9:b6:a7:b7:96:c6:a4:7d:f8:63:ca:
                    7d:89:88:86:d8:33:b7:d2:1d:c5:b7:cd:6a:57:fe:
                    58:7f:ff:97:1d:65:3f:3f:cc:61:46:09:20:ca:fd:
                    f8:93:a3:ee:19:1b:c2:f7:0c:ca:8d:df:3e:6b:9d:
                    ba:0b:ca:76:17:8e:11:a4:6d:f8:a0:67:d5:70:8b:
                    ac:44:e1:24:eb:ac:d3:54:c2:82:f6:db:3b:09:b5:
                    d3:c1:23:09:8b:98:07:7f:7e:84:bd:72:e2:75:c9:
                    c8:41:e7:f9:ca:66:5f:b1:03:50:c8:42:0e:90:70:
                    34:6e:02:54:22:cf:b6:ca:53:bb:c2:f8:9a:87:6a:
                    d9:c5:eb:53:a4:63:3d:9c:0d:b2:d6:97:ef:3c:9b:
                    ee:ac:18:24:0b:88:10:4c:e3:99:48:68:40:80:78:
                    f6:12:60:3f:bd:dc:cf:f9:51:b4:34:18:db:9a:a4:
                    2d:08:7f:c6:94:d6:e9:d1:3a:24:5b:77:6a:7a:db:
                    d9:46:7b:a5:6e:da:7b:d3:da:66:a2:e3:73:e6:82:
                    23:c1:cd:7b:12:2d:43:6f:ec:7b:dd:1e:f7:1c:df:
                    87:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:40:4E:7E:FA:4C:2C:8F:51:2A:29:E0:03:82:22:0E:A5:AE:35:9F
            X509v3 Authority Key Identifier:
                keyid:5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:41:85:54:26:30:75:54:68:19:bd:a1:72:46:c0:f3:ad:2d:
         55:05:d5:d2:a6:32:88:43:24:e7:75:ce:66:63:3c:b2:e2:03:
         56:b7:11:fe:dc:f7:8c:dc:a8:99:03:e3:c5:12:27:f6:17:71:
         8b:33:4f:fe:b2:f8:33:79:c3:23:c6:ca:17:24:31:ea:ab:de:
         31:42:59:e4:ce:19:0a:ba:98:b5:e9:92:21:05:43:00:f7:43:
         01:42:20:b4:ee:69:cc:7b:c3:58:b2:1e:e6:85:4a:25:5a:27:
         b1:14:cc:66:da:70:04:ad:1d:b9:18:d5:4d:23:06:63:6a:27:
         07:2d:4f:67:6d:11:43:5d:ec:20:39:b7:e0:17:e4:99:53:52:
         2c:f9:0d:a9:d8:29:50:f4:99:53:97:c4:f6:56:1f:d5:04:54:
         6c:c8:4f:82:f4:67:a9:12:03:98:58:a7:ac:89:36:77:d0:ee:
         fd:cb:08:08:55:94:91:64:2e:89:2a:1f:2c:46:c4:8b:dd:31:
         46:39:3b:8d:47:63:cf:51:d4:90:9f:6d:11:fd:68:2c:da:23:
         8f:4e:5f:0e:25:13:98:b4:6b:66:72:94:04:33:45:73:62:45:
         80:c0:97:87:68:57:82:b0:71:19:05:23:1e:c0:fc:9e:01:8a:
         68:dc:12:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLBqv3GTFSEM+HPmxMb/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzQ0YTFhYzBjYmZjNDBjNzVhMGNmYzdiZWM5NmM3YzM1
YmQyN2IwHhcNMjUwNjE0MTYwMDUwWhcNMjUwNjE1MTYwMDUwWjAzMTEwLwYDVQQD
Eyg4NjQwNGU3ZWZhNGMyYzhmNTEyYTI5ZTAwMzgyMjIwZWE1YWUzNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Udg8GHKnmMoqAhswhot3fqhjond
kBPEEYQO5YeVwAAd6bant5bGpH34Y8p9iYiG2DO30h3Ft81qV/5Yf/+XHWU/P8xh
Rgkgyv34k6PuGRvC9wzKjd8+a526C8p2F44RpG34oGfVcIusROEk66zTVMKC9ts7
CbXTwSMJi5gHf36EvXLidcnIQef5ymZfsQNQyEIOkHA0bgJUIs+2ylO7wviah2rZ
xetTpGM9nA2y1pfvPJvurBgkC4gQTOOZSGhAgHj2EmA/vdzP+VG0NBjbmqQtCH/G
lNbp0TokW3dqetvZRnulbtp709pmouNz5oIjwc17Ei1Db+x73R73HN+HDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZATn76TCyPUSop4AOCIg6lrjWfMB8GA1UdIwQY
MBaAFFw0ShrAy/xAx1oM/HvslsfDW9J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5Yzgt
Y2QxODUxMGVkY2RmLzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5YzgtY2QxODUxMGVkY2Rm
LzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB0GFVCYw
dVRoGb2hckbA860tVQXV0qYyiEMk53XOZmM8suIDVrcR/tz3jNyomQPjxRIn9hdx
izNP/rL4M3nDI8bKFyQx6qveMUJZ5M4ZCrqYtemSIQVDAPdDAUIgtO5pzHvDWLIe
5oVKJVonsRTMZtpwBK0duRjVTSMGY2onBy1PZ20RQ13sIDm34BfkmVNSLPkNqdgp
UPSZU5fE9lYf1QRUbMhPgvRnqRIDmFinrIk2d9Du/csICFWUkWQuiSofLEbEi90x
Rjk7jUdjz1HUkJ9tEf1oLNojj05fDiUTmLRrZnKUBDNFc2JFgMCXh2hXgrBxGQUj
HsD8ngGKaNwSyA==
-----END CERTIFICATE-----