Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/798da8-a0ba-488c-9184-58c189c6efed/1/xCSQ5pgLefpKsX5fZXNx2mbDavQ.mft
File:                     xCSQ5pgLefpKsX5fZXNx2mbDavQ.mft (raw, json)
Hash identifier:          xzWT+27eMAnfaKbular2PGoZLE/jw/Vyolwk5Sip3B8=
Subject key identifier:   1A:A1:FA:5E:5E:F3:ED:BE:42:F8:AD:86:41:1B:13:3C:B8:19:6C:28
Authority key identifier: C4:24:90:E6:98:0B:79:FA:4A:B1:7E:5F:65:73:71:DA:66:C3:6A:F4
Certificate issuer:       /CN=c42490e6980b79fa4ab17e5f657371da66c36af4
Certificate serial:       019849D3C9A56785FFF139210A02C91FA832
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xCSQ5pgLefpKsX5fZXNx2mbDavQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/798da8-a0ba-488c-9184-58c189c6efed/1/xCSQ5pgLefpKsX5fZXNx2mbDavQ.mft
Manifest number:          031B
Signing time:             Sun 27 Jul 2025 03:01:13 +0000
Manifest this update:     Sun 27 Jul 2025 03:01:13 +0000
Manifest next update:     Mon 28 Jul 2025 03:01:13 +0000
Files and hashes:         1: xCSQ5pgLefpKsX5fZXNx2mbDavQ.crl (hash: VUfvvQywViToG84g9IYj9TxMh9OmzuRfJPOCE+JGifQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/798da8-a0ba-488c-9184-58c189c6efed/1/xCSQ5pgLefpKsX5fZXNx2mbDavQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/798da8-a0ba-488c-9184-58c189c6efed/1/xCSQ5pgLefpKsX5fZXNx2mbDavQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xCSQ5pgLefpKsX5fZXNx2mbDavQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 03:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:d3:c9:a5:67:85:ff:f1:39:21:0a:02:c9:1f:a8:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c42490e6980b79fa4ab17e5f657371da66c36af4
        Validity
            Not Before: Jul 27 03:01:13 2025 GMT
            Not After : Jul 28 03:01:13 2025 GMT
        Subject: CN=1aa1fa5e5ef3edbe42f8ad86411b133cb8196c28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:6d:8b:6d:39:55:03:96:d0:c5:82:12:65:b8:
                    64:08:00:dd:2e:c7:b2:ba:ed:2b:14:d0:de:a2:61:
                    7c:af:ad:a9:45:19:88:38:ea:5b:7a:fb:93:89:05:
                    65:36:2d:40:8a:93:82:b7:78:f7:04:0c:43:63:a0:
                    b7:eb:ec:6f:a9:5d:87:64:37:71:c0:be:4c:c7:18:
                    cb:a9:1b:64:dd:4a:5e:8a:fe:c1:97:00:7f:87:92:
                    78:02:b0:95:2b:5a:2d:61:be:bf:e9:4e:75:1a:aa:
                    62:46:4c:f6:5e:62:5c:b1:5c:28:6a:a3:ab:e9:67:
                    ab:18:82:d1:4f:e8:28:07:42:79:9e:c4:de:45:19:
                    91:5c:c7:dc:30:f7:be:7b:27:ca:ad:ce:e6:77:69:
                    33:7b:e8:f1:d4:88:27:2e:60:18:0e:64:a0:8d:73:
                    2f:ff:67:26:23:2a:00:cb:8f:a8:64:cd:62:f5:ef:
                    d5:e5:38:60:95:5b:63:a7:53:ab:ed:0a:fe:51:1b:
                    91:fe:e4:96:64:34:2e:d8:d3:93:84:2d:ea:63:f7:
                    eb:bd:cd:b4:a0:43:26:c8:5e:7c:f2:d4:00:ae:aa:
                    44:84:16:0a:fc:ea:fe:f8:70:c4:94:95:14:dc:db:
                    b2:4a:20:98:0b:fb:26:1c:ea:7a:7d:5d:f2:57:db:
                    8c:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:A1:FA:5E:5E:F3:ED:BE:42:F8:AD:86:41:1B:13:3C:B8:19:6C:28
            X509v3 Authority Key Identifier:
                keyid:C4:24:90:E6:98:0B:79:FA:4A:B1:7E:5F:65:73:71:DA:66:C3:6A:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCSQ5pgLefpKsX5fZXNx2mbDavQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/798da8-a0ba-488c-9184-58c189c6efed/1/xCSQ5pgLefpKsX5fZXNx2mbDavQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/798da8-a0ba-488c-9184-58c189c6efed/1/xCSQ5pgLefpKsX5fZXNx2mbDavQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:64:9a:3e:94:93:b4:be:0d:1f:c3:91:f2:ca:ee:72:dd:00:
         e3:c2:3d:8d:f5:f6:0e:40:ad:9e:35:6c:6b:b3:17:62:c6:d7:
         c4:89:51:d1:84:39:f7:43:e2:3d:f7:e6:e4:a4:f6:c4:75:28:
         75:7d:e4:d3:94:c4:e9:11:04:86:e6:99:49:8f:cb:4e:a9:51:
         6b:9d:e3:c4:63:eb:1a:7b:bf:da:91:31:63:69:88:20:65:f9:
         16:33:64:5b:d5:77:81:63:dd:88:cf:a5:ad:dd:fc:af:fb:d0:
         5d:1c:2f:bf:da:30:fe:67:cb:ec:88:e2:4e:b3:36:0d:79:4b:
         56:aa:d2:d6:79:bc:15:42:11:9c:9b:8a:41:55:49:1f:95:0c:
         7f:74:9e:a2:ac:12:78:ce:df:c7:7f:47:3e:ed:26:ff:ce:7d:
         95:dc:48:75:6f:f6:ed:ce:a9:4e:6b:32:88:98:6f:63:bb:65:
         66:f0:01:e6:83:19:1b:7a:c5:42:8a:3e:73:41:98:08:24:2d:
         26:c5:f5:23:4f:38:61:5d:4e:fe:69:ee:61:05:39:fd:d7:6f:
         2f:e0:4c:58:bf:77:fe:14:bd:e3:0a:16:d1:4e:91:32:81:87:
         b5:7e:95:f3:4d:6d:bc:c8:72:1a:ae:3f:25:2d:87:b9:9f:e0:
         44:b3:e3:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJ08mlZ4X/8TkhCgLJH6gyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjQ5MGU2OTgwYjc5ZmE0YWIxN2U1ZjY1NzM3MWRhNjZj
MzZhZjQwHhcNMjUwNzI3MDMwMTEzWhcNMjUwNzI4MDMwMTEzWjAzMTEwLwYDVQQD
EygxYWExZmE1ZTVlZjNlZGJlNDJmOGFkODY0MTFiMTMzY2I4MTk2YzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0m2LbTlVA5bQxYISZbhkCADdLsey
uu0rFNDeomF8r62pRRmIOOpbevuTiQVlNi1AipOCt3j3BAxDY6C36+xvqV2HZDdx
wL5MxxjLqRtk3Upeiv7BlwB/h5J4ArCVK1otYb6/6U51GqpiRkz2XmJcsVwoaqOr
6WerGILRT+goB0J5nsTeRRmRXMfcMPe+eyfKrc7md2kze+jx1IgnLmAYDmSgjXMv
/2cmIyoAy4+oZM1i9e/V5ThglVtjp1Or7Qr+URuR/uSWZDQu2NOThC3qY/frvc20
oEMmyF588tQArqpEhBYK/Or++HDElJUU3NuySiCYC/smHOp6fV3yV9uMyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqh+l5e8+2+QvithkEbEzy4GWwoMB8GA1UdIwQY
MBaAFMQkkOaYC3n6SrF+X2Vzcdpmw2r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENTUTVwZ0xlZnBLc1g1ZlpYTngybWJEYXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83OThkYTgtYTBiYS00ODhjLTkxODQt
NThjMTg5YzZlZmVkLzEveENTUTVwZ0xlZnBLc1g1ZlpYTngybWJEYXZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83OThkYTgtYTBiYS00ODhjLTkxODQtNThjMTg5YzZlZmVk
LzEveENTUTVwZ0xlZnBLc1g1ZlpYTngybWJEYXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApGSaPpST
tL4NH8OR8sruct0A48I9jfX2DkCtnjVsa7MXYsbXxIlR0YQ590PiPffm5KT2xHUo
dX3k05TE6REEhuaZSY/LTqlRa53jxGPrGnu/2pExY2mIIGX5FjNkW9V3gWPdiM+l
rd38r/vQXRwvv9ow/mfL7IjiTrM2DXlLVqrS1nm8FUIRnJuKQVVJH5UMf3SeoqwS
eM7fx39HPu0m/859ldxIdW/27c6pTmsyiJhvY7tlZvAB5oMZG3rFQoo+c0GYCCQt
JsX1I084YV1O/mnuYQU5/ddvL+BMWL93/hS94woW0U6RMoGHtX6V801tvMhyGq4/
JS2HuZ/gRLPjjQ==
-----END CERTIFICATE-----