Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
File:                     xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft (raw, json)
Hash identifier:          fgIv308N3KemM17bXXNfmVu6/ck0iO3qhHr9HplHZbk=
Subject key identifier:   EA:C4:75:15:9F:8B:22:E1:FD:4E:31:66:34:08:C5:18:E5:25:7F:9C
Authority key identifier: C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82
Certificate issuer:       /CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
Certificate serial:       019849D3C15254766AA7148866DEF295B322
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
Manifest number:          1372
Signing time:             Sun 27 Jul 2025 03:01:10 +0000
Manifest this update:     Sun 27 Jul 2025 03:01:10 +0000
Manifest next update:     Mon 28 Jul 2025 03:01:10 +0000
Files and hashes:         1: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl (hash: oH8KixLn25gUD/J+z+Pyww3tQwK7i8mMNwH9JOASEgw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 03:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:d3:c1:52:54:76:6a:a7:14:88:66:de:f2:95:b3:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
        Validity
            Not Before: Jul 27 03:01:10 2025 GMT
            Not After : Jul 28 03:01:10 2025 GMT
        Subject: CN=eac475159f8b22e1fd4e31663408c518e5257f9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ce:22:61:ea:f9:aa:49:80:c4:8c:1f:3e:12:
                    8f:f2:6e:66:6e:a3:e9:2f:f8:e1:cc:c9:b8:c1:41:
                    83:ca:71:87:48:7c:0d:51:22:2a:63:b6:bd:31:c3:
                    4e:28:64:04:27:e3:4e:31:38:89:01:ad:00:7f:79:
                    4b:4f:b3:e9:f1:d7:19:6f:f9:a1:e5:68:61:ba:c4:
                    c3:83:5f:5b:63:d6:a7:c4:79:b4:74:e1:ab:fc:76:
                    fd:7e:67:d4:d5:9a:d7:b1:a0:e2:55:ca:c1:ce:86:
                    d8:28:c4:67:b9:f2:8f:cb:d2:0c:04:80:11:51:d4:
                    6d:15:b7:ed:30:3b:3d:da:5f:a3:46:fa:9b:cd:b2:
                    2c:45:75:22:c2:f4:92:f5:df:76:13:03:ae:2f:7c:
                    8e:4c:87:7d:db:23:0b:df:26:64:e8:cd:fd:e8:56:
                    d8:31:3e:a6:30:fd:9e:5a:ef:4b:c6:58:ae:a2:42:
                    11:36:e3:8f:61:7a:e7:8a:5f:e3:f2:96:d5:4c:f0:
                    c2:e4:31:58:6c:cf:7e:06:ed:99:80:ff:76:b8:b3:
                    1c:46:14:d7:fb:aa:df:54:01:41:eb:7c:4b:cd:ab:
                    f3:d9:7f:18:b9:5f:39:e6:f8:24:dd:3d:1c:5c:11:
                    ac:ac:fe:3a:c3:44:42:4b:6e:72:97:24:05:c5:e2:
                    b5:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:C4:75:15:9F:8B:22:E1:FD:4E:31:66:34:08:C5:18:E5:25:7F:9C
            X509v3 Authority Key Identifier:
                keyid:C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:35:b3:ab:81:71:b1:dd:32:c2:77:5e:79:9c:6f:04:4b:49:
         3e:dc:20:5f:8c:12:9c:4a:78:52:97:98:1d:fa:5b:56:54:cf:
         ec:85:81:64:28:9f:d7:24:5c:79:86:3d:8b:fe:68:2a:9d:59:
         2c:8a:f0:62:29:5f:25:cf:2f:90:b2:43:ec:50:e6:99:b6:f8:
         f1:0c:fe:22:64:21:29:58:57:bd:2e:b8:95:f2:4a:bc:de:83:
         98:75:3f:05:a1:b2:dd:b9:ac:6d:ee:cd:2d:33:53:f1:9e:f4:
         44:6c:53:57:f8:c3:00:d5:16:aa:4c:ad:e7:51:ce:20:64:49:
         93:6a:8c:be:05:21:f0:d2:e1:eb:a1:61:e9:74:f0:ed:7b:f9:
         9d:28:51:51:7d:c8:67:10:d0:7b:87:86:e9:76:b2:4f:bc:50:
         fb:fc:67:f3:b1:23:96:17:8c:54:4a:ec:46:9f:0e:1b:d6:d0:
         86:96:e7:bb:b4:32:a8:e0:64:5d:7b:b0:0e:7f:01:0f:39:88:
         17:d7:91:fb:3b:c4:0d:54:4e:6d:dc:74:20:21:ba:af:9d:5e:
         32:76:03:2b:ba:f1:9b:d7:57:24:f7:e6:40:1d:89:fa:52:da:
         49:b3:f4:3c:07:7a:17:47:68:28:4e:fc:18:82:80:35:ae:7c:
         c1:4c:26:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJ08FSVHZqpxSIZt7ylbMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTNkN2EzNzY1ZmY5YTIyYmJjMjI5OWUwNDk2OTFlMjk0
MGNiODIwHhcNMjUwNzI3MDMwMTEwWhcNMjUwNzI4MDMwMTEwWjAzMTEwLwYDVQQD
EyhlYWM0NzUxNTlmOGIyMmUxZmQ0ZTMxNjYzNDA4YzUxOGU1MjU3ZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc4iYer5qkmAxIwfPhKP8m5mbqPp
L/jhzMm4wUGDynGHSHwNUSIqY7a9McNOKGQEJ+NOMTiJAa0Af3lLT7Pp8dcZb/mh
5WhhusTDg19bY9anxHm0dOGr/Hb9fmfU1ZrXsaDiVcrBzobYKMRnufKPy9IMBIAR
UdRtFbftMDs92l+jRvqbzbIsRXUiwvSS9d92EwOuL3yOTId92yML3yZk6M396FbY
MT6mMP2eWu9LxliuokIRNuOPYXrnil/j8pbVTPDC5DFYbM9+Bu2ZgP92uLMcRhTX
+6rfVAFB63xLzavz2X8YuV855vgk3T0cXBGsrP46w0RCS25ylyQFxeK1tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOrEdRWfiyLh/U4xZjQIxRjlJX+cMB8GA1UdIwQY
MBaAFMQT16N2X/miK7wimeBJaR4pQMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUt
ZTg2MGJlN2U3YzU0LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUtZTg2MGJlN2U3YzU0
LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVDWzq4Fx
sd0ywndeeZxvBEtJPtwgX4wSnEp4UpeYHfpbVlTP7IWBZCif1yRceYY9i/5oKp1Z
LIrwYilfJc8vkLJD7FDmmbb48Qz+ImQhKVhXvS64lfJKvN6DmHU/BaGy3bmsbe7N
LTNT8Z70RGxTV/jDANUWqkyt51HOIGRJk2qMvgUh8NLh66Fh6XTw7Xv5nShRUX3I
ZxDQe4eG6XayT7xQ+/xn87EjlheMVErsRp8OG9bQhpbnu7QyqOBkXXuwDn8BDzmI
F9eR+zvEDVRObdx0ICG6r51eMnYDK7rxm9dXJPfmQB2J+lLaSbP0PAd6F0doKE78
GIKANa58wUwmCw==
-----END CERTIFICATE-----