Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft
File:                     XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft (raw, json)
Hash identifier:          WWPt6nc+orsGeFAopWQF2dweWu0lyO6RXqBTvhmCRqk=
Subject key identifier:   9C:55:A8:C3:FE:60:EB:41:B4:4E:B0:65:23:40:CC:0C:7C:87:45:16
Authority key identifier: 5D:9F:8E:85:5B:F1:B0:43:09:C4:9C:41:F7:F4:30:DC:C8:F9:45:8D
Certificate issuer:       /CN=5d9f8e855bf1b04309c49c41f7f430dcc8f9458d
Certificate serial:       01974B8D3CE3964004319446EB561345C712
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft
Manifest number:          7C
Signing time:             Sat 07 Jun 2025 18:00:36 +0000
Manifest this update:     Sat 07 Jun 2025 18:00:36 +0000
Manifest next update:     Sun 08 Jun 2025 18:00:36 +0000
Files and hashes:         1: XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.crl (hash: Y86UwaLlcZjr1pLuXZm20QeIwMAoK7cYu5oDQzBHTI0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:8d:3c:e3:96:40:04:31:94:46:eb:56:13:45:c7:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d9f8e855bf1b04309c49c41f7f430dcc8f9458d
        Validity
            Not Before: Jun  7 18:00:36 2025 GMT
            Not After : Jun  8 18:00:36 2025 GMT
        Subject: CN=9c55a8c3fe60eb41b44eb0652340cc0c7c874516
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:bf:ed:f8:06:c2:ac:e6:05:93:2a:b8:b3:1d:
                    16:b3:90:e1:f8:1f:1f:cb:37:49:a9:e0:9e:06:ca:
                    f9:db:a3:a6:8a:7c:c2:d4:2f:75:bc:d8:59:56:06:
                    cc:a1:bf:ba:e6:da:9c:6f:b1:5c:7c:9c:ca:87:42:
                    b3:06:21:91:32:75:e0:4e:65:e2:a8:5d:07:d7:4e:
                    36:fd:35:98:6f:af:91:d5:99:9b:fc:f9:c2:15:d3:
                    10:11:a7:82:ce:5d:ef:e7:14:f3:e3:17:54:31:09:
                    9b:69:96:76:68:dd:84:b4:4a:bb:6b:a3:c3:a1:50:
                    e0:5b:67:d2:09:15:93:f6:35:90:e2:fe:00:f2:f6:
                    a9:d1:6f:20:f8:6f:88:65:8d:ed:b9:67:87:9d:84:
                    06:24:42:23:b0:df:38:ab:9b:bd:5d:60:ee:b1:58:
                    43:95:db:15:0c:ef:b3:4a:ff:25:b2:f4:9c:f9:6a:
                    40:de:6d:68:d3:37:f2:7e:1e:e7:2a:52:3b:17:4f:
                    dd:6c:4b:67:99:d3:6d:4b:02:2e:77:92:cd:fb:b2:
                    e3:0a:3d:e5:95:92:ca:15:83:d1:1f:d6:be:3d:c6:
                    13:e6:e7:84:93:cd:90:35:57:e2:79:ab:44:09:90:
                    53:42:26:35:21:63:39:46:52:6a:53:df:8f:5a:88:
                    1c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:55:A8:C3:FE:60:EB:41:B4:4E:B0:65:23:40:CC:0C:7C:87:45:16
            X509v3 Authority Key Identifier:
                keyid:5D:9F:8E:85:5B:F1:B0:43:09:C4:9C:41:F7:F4:30:DC:C8:F9:45:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:24:d9:1d:32:7f:d7:1d:0a:9f:61:44:bc:ce:d0:ab:04:5b:
         34:6c:5b:02:d1:f1:70:5a:8e:11:ce:0a:c3:3e:30:ff:9e:97:
         76:39:5c:3a:73:50:0b:eb:1a:93:64:59:15:da:6f:0a:7d:48:
         97:26:15:69:d9:78:75:16:f6:c8:49:2f:ce:ca:9c:50:74:c6:
         12:21:22:27:ee:04:37:6d:28:fc:1f:21:ec:85:0b:e1:5f:bd:
         c7:51:c0:27:70:cf:bf:e5:62:67:25:a2:7a:eb:24:47:0f:3f:
         73:5c:62:e4:0d:f0:40:22:f9:2f:87:10:2e:ce:a1:a5:11:7f:
         62:c8:66:96:f5:02:dc:5c:13:be:90:d7:bb:1e:aa:3e:92:c5:
         c8:a2:31:d2:a6:24:29:0e:ff:1e:3f:fd:c1:a4:f7:16:78:5b:
         44:f1:42:26:06:04:4a:6f:0f:f4:49:3a:e0:17:9c:f7:2f:b2:
         51:6e:76:30:0f:6b:80:5b:ce:35:83:1e:eb:e4:f0:4e:e4:d5:
         06:84:bd:6c:8e:ff:b6:dc:a4:5e:e9:f0:b2:f0:f5:e9:ad:47:
         ee:8e:80:68:d6:3c:5c:d8:00:66:a8:4a:43:46:9a:57:c3:45:
         56:1f:df:b5:9d:65:98:20:9d:af:00:b5:73:7a:6a:ca:6e:a2:
         a4:91:74:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLjTzjlkAEMZRG61YTRccSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOWY4ZTg1NWJmMWIwNDMwOWM0OWM0MWY3ZjQzMGRjYzhm
OTQ1OGQwHhcNMjUwNjA3MTgwMDM2WhcNMjUwNjA4MTgwMDM2WjAzMTEwLwYDVQQD
Eyg5YzU1YThjM2ZlNjBlYjQxYjQ0ZWIwNjUyMzQwY2MwYzdjODc0NTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwL/t+AbCrOYFkyq4sx0Ws5Dh+B8f
yzdJqeCeBsr526OminzC1C91vNhZVgbMob+65tqcb7FcfJzKh0KzBiGRMnXgTmXi
qF0H1042/TWYb6+R1Zmb/PnCFdMQEaeCzl3v5xTz4xdUMQmbaZZ2aN2EtEq7a6PD
oVDgW2fSCRWT9jWQ4v4A8vap0W8g+G+IZY3tuWeHnYQGJEIjsN84q5u9XWDusVhD
ldsVDO+zSv8lsvSc+WpA3m1o0zfyfh7nKlI7F0/dbEtnmdNtSwIud5LN+7LjCj3l
lZLKFYPRH9a+PcYT5ueEk82QNVfieatECZBTQiY1IWM5RlJqU9+PWogcCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxVqMP+YOtBtE6wZSNAzAx8h0UWMB8GA1UdIwQY
MBaAFF2fjoVb8bBDCcScQff0MNzI+UWNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFotT2hWdnhzRU1KeEp4QjlfUXczTWo1UlkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80ZmJhMGItN2JlZS00MzEyLWFiODkt
YjRmY2VmZDM3Y2UxLzEvWFotT2hWdnhzRU1KeEp4QjlfUXczTWo1UlkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80ZmJhMGItN2JlZS00MzEyLWFiODktYjRmY2VmZDM3Y2Ux
LzEvWFotT2hWdnhzRU1KeEp4QjlfUXczTWo1UlkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAASTZHTJ/
1x0Kn2FEvM7QqwRbNGxbAtHxcFqOEc4Kwz4w/56XdjlcOnNQC+sak2RZFdpvCn1I
lyYVadl4dRb2yEkvzsqcUHTGEiEiJ+4EN20o/B8h7IUL4V+9x1HAJ3DPv+ViZyWi
euskRw8/c1xi5A3wQCL5L4cQLs6hpRF/YshmlvUC3FwTvpDXux6qPpLFyKIx0qYk
KQ7/Hj/9waT3FnhbRPFCJgYESm8P9Ek64Bec9y+yUW52MA9rgFvONYMe6+TwTuTV
BoS9bI7/ttykXunwsvD16a1H7o6AaNY8XNgAZqhKQ0aaV8NFVh/ftZ1lmCCdrwC1
c3pqym6ipJF0ow==
-----END CERTIFICATE-----