Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
File:                     X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft (raw, json)
Hash identifier:          CEq5xHb4wd8pSpBNDD2TwAEm+6lOop7T/yPayRDLjak=
Subject key identifier:   B8:4D:3E:79:2B:C2:44:04:A9:75:B2:91:E1:9F:9F:2B:4F:4A:E3:BF
Authority key identifier: 5F:B7:46:6D:8E:92:B2:1C:7B:1A:A1:35:F3:0E:FE:6E:73:E1:F8:6C
Certificate issuer:       /CN=5fb7466d8e92b21c7b1aa135f30efe6e73e1f86c
Certificate serial:       0197499F33803AC7814F1487EC18A444B88C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
Manifest number:          0B97
Signing time:             Sat 07 Jun 2025 09:00:59 +0000
Manifest this update:     Sat 07 Jun 2025 09:00:59 +0000
Manifest next update:     Sun 08 Jun 2025 09:00:59 +0000
Files and hashes:         1: X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl (hash: kSipbXzqSyYNQ5yp8CzGNtW0fSOUCp68e3mOzqV0dUY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:9f:33:80:3a:c7:81:4f:14:87:ec:18:a4:44:b8:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fb7466d8e92b21c7b1aa135f30efe6e73e1f86c
        Validity
            Not Before: Jun  7 09:00:59 2025 GMT
            Not After : Jun  8 09:00:59 2025 GMT
        Subject: CN=b84d3e792bc24404a975b291e19f9f2b4f4ae3bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:b1:fc:cc:ef:39:0c:7e:a9:5f:17:67:1d:24:
                    a2:0a:dd:ea:70:dc:24:b0:03:9d:69:50:f1:93:97:
                    08:47:07:b1:31:fe:85:46:5a:93:e9:a3:ec:f9:48:
                    8a:8d:a6:a1:dc:1f:30:74:cd:bc:96:6e:e5:6a:d9:
                    39:a6:35:08:13:5f:cb:4c:65:36:15:bc:fe:05:a3:
                    2d:86:59:d5:54:e7:7a:ca:ed:b7:e1:48:a5:35:fc:
                    5b:55:86:dc:a0:53:59:98:ee:f3:5f:da:4b:cc:67:
                    22:92:f3:c2:5a:c6:49:16:b7:b4:0b:b7:f0:22:eb:
                    93:9b:b4:7c:3c:02:f8:f3:9a:77:e2:95:0d:1f:ca:
                    f4:95:24:b3:76:51:18:77:8f:66:b0:42:6a:0f:5c:
                    69:df:08:6c:39:5f:aa:2a:a8:a1:b1:74:0e:f8:17:
                    fb:37:1e:01:d4:40:5a:cf:93:65:d8:bb:10:f3:ff:
                    5c:a9:46:f9:7c:d4:58:df:ae:8f:2a:ad:e5:7c:43:
                    3a:9b:50:4b:e3:13:01:2b:1c:02:38:89:58:75:0c:
                    ab:a3:a1:26:09:e2:ec:b9:62:39:fd:ae:47:80:7c:
                    6f:15:87:9c:80:9f:64:92:24:a1:57:cc:4c:77:2a:
                    35:72:98:a5:bd:1f:27:2f:9a:ee:47:a3:9c:ca:22:
                    d0:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:4D:3E:79:2B:C2:44:04:A9:75:B2:91:E1:9F:9F:2B:4F:4A:E3:BF
            X509v3 Authority Key Identifier:
                keyid:5F:B7:46:6D:8E:92:B2:1C:7B:1A:A1:35:F3:0E:FE:6E:73:E1:F8:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:ad:07:ed:dd:de:7e:e8:fa:81:32:9c:99:7d:06:80:5b:42:
         11:28:d1:b4:d4:12:ca:34:19:11:9d:44:92:f8:f6:2c:8e:39:
         1a:5d:94:0a:88:99:f7:82:8e:2b:64:05:04:af:1c:63:6e:00:
         cf:52:7a:a6:b7:78:cb:a8:36:a5:84:3c:6b:5a:34:a7:7d:bf:
         09:6a:20:aa:21:fb:33:d5:20:33:33:ad:af:41:bd:10:02:62:
         3e:99:ae:5a:8f:d1:c4:d2:a7:71:82:8f:70:f0:48:47:00:ee:
         ca:79:a6:d8:ba:9f:bf:6d:e4:41:24:5b:3c:8e:85:86:06:95:
         ad:dc:9f:16:e9:4c:00:47:b4:14:5a:72:b1:d4:45:d3:61:d2:
         56:03:80:68:b7:67:04:ed:c0:97:2c:27:d3:49:c1:6d:bd:95:
         b5:3a:cd:f1:28:15:49:0a:af:dc:d5:33:49:9a:94:b5:fd:fa:
         93:c6:6e:7f:f0:44:2b:18:78:e3:85:81:43:40:e9:ff:06:d4:
         55:4f:8e:99:94:c0:88:7e:91:7b:46:a2:71:a4:1a:83:ba:f8:
         7c:c1:ef:1a:1f:d4:6b:a2:80:2b:c6:02:6c:b9:64:32:ce:1e:
         1a:b5:a5:70:b0:74:2c:0d:02:51:20:c1:8a:05:49:fb:4a:ab:
         50:fc:64:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJnzOAOseBTxSH7BikRLiMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYjc0NjZkOGU5MmIyMWM3YjFhYTEzNWYzMGVmZTZlNzNl
MWY4NmMwHhcNMjUwNjA3MDkwMDU5WhcNMjUwNjA4MDkwMDU5WjAzMTEwLwYDVQQD
EyhiODRkM2U3OTJiYzI0NDA0YTk3NWIyOTFlMTlmOWYyYjRmNGFlM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrH8zO85DH6pXxdnHSSiCt3qcNwk
sAOdaVDxk5cIRwexMf6FRlqT6aPs+UiKjaah3B8wdM28lm7latk5pjUIE1/LTGU2
Fbz+BaMthlnVVOd6yu234UilNfxbVYbcoFNZmO7zX9pLzGcikvPCWsZJFre0C7fw
IuuTm7R8PAL485p34pUNH8r0lSSzdlEYd49msEJqD1xp3whsOV+qKqihsXQO+Bf7
Nx4B1EBaz5Nl2LsQ8/9cqUb5fNRY366PKq3lfEM6m1BL4xMBKxwCOIlYdQyro6Em
CeLsuWI5/a5HgHxvFYecgJ9kkiShV8xMdyo1cpilvR8nL5ruR6OcyiLQowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLhNPnkrwkQEqXWykeGfnytPSuO/MB8GA1UdIwQY
MBaAFF+3Rm2OkrIcexqhNfMO/m5z4fhsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZWQyODktZDY2MS00MzQzLWEyZTAt
MGI5MjY3OWQzNjI1LzEvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZWQyODktZDY2MS00MzQzLWEyZTAtMGI5MjY3OWQzNjI1
LzEvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARa0H7d3e
fuj6gTKcmX0GgFtCESjRtNQSyjQZEZ1Ekvj2LI45Gl2UCoiZ94KOK2QFBK8cY24A
z1J6prd4y6g2pYQ8a1o0p32/CWogqiH7M9UgMzOtr0G9EAJiPpmuWo/RxNKncYKP
cPBIRwDuynmm2Lqfv23kQSRbPI6FhgaVrdyfFulMAEe0FFpysdRF02HSVgOAaLdn
BO3Alywn00nBbb2VtTrN8SgVSQqv3NUzSZqUtf36k8Zuf/BEKxh444WBQ0Dp/wbU
VU+OmZTAiH6Re0aicaQag7r4fMHvGh/Ua6KAK8YCbLlkMs4eGrWlcLB0LA0CUSDB
igVJ+0qrUPxkmA==
-----END CERTIFICATE-----