Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          U9Dzh0MUXdnmsoiywoqH1AkJ3+VwWKbcNlJ8tQeHijc=
Subject key identifier:   0D:A4:1D:D8:2C:22:13:B0:D8:91:90:BA:C3:F5:1E:BE:02:2D:56:41
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       01967FB437AC5979470478E8B2963C0FF1E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0B51
Signing time:             Tue 29 Apr 2025 04:00:39 +0000
Manifest this update:     Tue 29 Apr 2025 04:00:39 +0000
Manifest next update:     Wed 30 Apr 2025 04:00:39 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: rTlHEnZbRNTAYeS4bjx+88TECuISMFsGKJ8nBBLXg4s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b4:37:ac:59:79:47:04:78:e8:b2:96:3c:0f:f1:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Apr 29 04:00:39 2025 GMT
            Not After : Apr 30 04:00:39 2025 GMT
        Subject: CN=0da41dd82c2213b0d89190bac3f51ebe022d5641
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:52:22:a3:ce:7d:38:dd:2d:98:8e:e9:8b:60:
                    07:80:01:ab:2f:c9:c8:15:12:7e:44:64:a6:47:b3:
                    d4:4e:0c:00:60:8f:0a:49:3e:cb:bc:92:64:70:7c:
                    1b:3d:94:6e:8b:12:37:e0:cc:42:89:6a:4c:8a:de:
                    4c:1f:67:00:9d:d7:df:30:99:20:06:27:cf:26:60:
                    31:34:d9:f7:a9:ff:dc:63:c6:5f:ea:7e:50:f1:e8:
                    42:8f:4f:19:9e:aa:dc:6a:05:17:2b:77:3d:3d:a5:
                    f6:85:0b:b2:d2:3a:fe:cc:82:bc:2f:20:41:f3:0f:
                    78:fa:98:0f:ae:eb:9a:15:21:59:81:80:58:7b:4e:
                    0c:f4:ba:1b:e3:3d:67:d7:8a:bd:13:02:51:55:99:
                    3c:35:7c:3b:76:e0:18:34:16:a2:53:1f:d5:54:ca:
                    ff:ad:00:fb:37:12:9a:34:0e:0f:84:d4:31:e4:98:
                    d5:15:16:90:fb:26:8a:7a:1a:09:6b:d2:50:92:4f:
                    92:68:df:55:db:ca:34:ae:72:98:48:00:a5:f9:b6:
                    4c:9f:52:c3:cc:9d:83:d7:53:ae:87:13:77:da:25:
                    65:4b:a8:5e:24:8e:3a:9d:3b:63:72:d9:eb:d6:6c:
                    27:0e:fd:c1:1a:33:a7:41:2d:d9:2b:a4:7f:6a:a9:
                    14:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:A4:1D:D8:2C:22:13:B0:D8:91:90:BA:C3:F5:1E:BE:02:2D:56:41
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:3b:97:0c:31:92:22:5c:54:99:0c:d8:43:e4:61:51:fe:c0:
         4f:e1:33:0c:32:a1:f8:8e:b2:ea:ef:12:a7:a1:62:e6:1f:53:
         1d:d1:20:f9:cf:72:d0:70:22:fa:63:db:9c:ef:84:f0:0d:3d:
         ba:b3:69:0b:09:a4:b8:06:8a:ef:c8:94:75:83:4a:bf:6d:ea:
         87:49:e1:9b:13:8e:62:35:e9:7b:b6:4a:ac:38:58:6f:d4:46:
         20:f8:7a:09:bc:a3:61:22:ff:1b:a0:5a:b2:89:0b:1e:97:6e:
         e3:82:da:3b:ba:ff:16:1b:34:51:34:95:af:5d:1a:56:b5:9d:
         35:c5:33:7b:ca:30:00:b2:55:6e:58:d3:8b:ce:c1:f3:5a:63:
         71:a1:b1:76:a3:54:eb:38:cb:7f:22:3d:f8:22:cc:98:87:34:
         b0:1e:94:37:aa:f1:44:76:90:35:0d:2e:00:d1:7d:ec:1c:0f:
         fe:41:84:21:82:1f:61:d7:1c:da:6d:34:5b:81:38:50:aa:98:
         99:14:30:ee:0e:0f:22:e7:f7:26:d8:9b:d6:6a:10:7c:f6:09:
         e6:29:b2:ec:2c:b0:69:b2:95:ab:42:cd:16:e6:96:fd:8f:11:
         1d:fe:a4:30:38:e7:9d:86:5c:8c:52:a3:be:a6:5c:89:ec:18:
         59:5e:d4:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tDesWXlHBHjospY8D/HiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjUwNDI5MDQwMDM5WhcNMjUwNDMwMDQwMDM5WjAzMTEwLwYDVQQD
EygwZGE0MWRkODJjMjIxM2IwZDg5MTkwYmFjM2Y1MWViZTAyMmQ1NjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFIio859ON0tmI7pi2AHgAGrL8nI
FRJ+RGSmR7PUTgwAYI8KST7LvJJkcHwbPZRuixI34MxCiWpMit5MH2cAndffMJkg
BifPJmAxNNn3qf/cY8Zf6n5Q8ehCj08ZnqrcagUXK3c9PaX2hQuy0jr+zIK8LyBB
8w94+pgPruuaFSFZgYBYe04M9Lob4z1n14q9EwJRVZk8NXw7duAYNBaiUx/VVMr/
rQD7NxKaNA4PhNQx5JjVFRaQ+yaKehoJa9JQkk+SaN9V28o0rnKYSACl+bZMn1LD
zJ2D11OuhxN32iVlS6heJI46nTtjctnr1mwnDv3BGjOnQS3ZK6R/aqkUrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2kHdgsIhOw2JGQusP1Hr4CLVZBMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMTuXDDGS
IlxUmQzYQ+RhUf7AT+EzDDKh+I6y6u8Sp6Fi5h9THdEg+c9y0HAi+mPbnO+E8A09
urNpCwmkuAaK78iUdYNKv23qh0nhmxOOYjXpe7ZKrDhYb9RGIPh6CbyjYSL/G6Ba
sokLHpdu44LaO7r/Fhs0UTSVr10aVrWdNcUze8owALJVbljTi87B81pjcaGxdqNU
6zjLfyI9+CLMmIc0sB6UN6rxRHaQNQ0uANF97BwP/kGEIYIfYdcc2m00W4E4UKqY
mRQw7g4PIuf3Jtib1moQfPYJ5imy7CywabKVq0LNFuaW/Y8RHf6kMDjnnYZcjFKj
vqZciewYWV7UwQ==
-----END CERTIFICATE-----