Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
File:                     xq11SrfApAHA_x08Ensn1T_cyYE.mft (raw, json)
Hash identifier:          0DK2Evwo1d9AFbeUnrgoJpsUPCZN4rw5Hv+8JV/e2zs=
Subject key identifier:   6D:47:D7:14:B4:F9:23:CB:0B:BE:20:3C:A6:BF:C2:0F:B3:94:C0:C3
Authority key identifier: C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81
Certificate issuer:       /CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
Certificate serial:       01975B37286A78B9E90FA64D922F2F84B844
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
Manifest number:          1583
Signing time:             Tue 10 Jun 2025 19:00:30 +0000
Manifest this update:     Tue 10 Jun 2025 19:00:30 +0000
Manifest next update:     Wed 11 Jun 2025 19:00:30 +0000
Files and hashes:         1: xq11SrfApAHA_x08Ensn1T_cyYE.crl (hash: jOm/gLiKKFpmyDlGOhLNOvJoOjyTJCdTRWIwj6/WSEo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:37:28:6a:78:b9:e9:0f:a6:4d:92:2f:2f:84:b8:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
        Validity
            Not Before: Jun 10 19:00:30 2025 GMT
            Not After : Jun 11 19:00:30 2025 GMT
        Subject: CN=6d47d714b4f923cb0bbe203ca6bfc20fb394c0c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:3b:1a:66:9e:4f:e6:a9:86:51:e5:a0:be:5d:
                    d0:54:f4:f7:e0:88:2f:6f:39:36:a1:38:83:eb:95:
                    00:30:49:75:20:66:fa:f7:80:52:4e:3b:ba:82:eb:
                    4c:cf:07:ef:0c:5b:f2:1f:0e:a8:7f:3b:21:14:30:
                    9e:17:4e:d2:1c:24:07:d8:37:41:ad:79:1c:5c:a2:
                    d7:60:78:0d:bb:bf:f0:20:09:3f:a4:16:b1:14:62:
                    b9:dc:4d:12:01:70:f8:b2:91:b6:d8:29:4b:c9:ed:
                    ad:70:d9:05:e4:3a:79:69:00:e6:7c:43:48:84:0b:
                    5a:1e:fd:73:05:6a:5f:d1:dd:2e:87:02:9a:7a:00:
                    5d:d2:03:b3:d6:52:38:09:9f:59:8c:34:30:cb:1e:
                    32:11:ff:ff:f4:d9:a7:9f:1d:44:93:24:75:86:b1:
                    eb:1e:9d:d4:76:e4:d1:36:4c:d3:90:00:dd:3b:48:
                    16:e3:18:4d:f0:87:b5:6c:67:e7:c6:17:ac:d4:cd:
                    dc:8b:73:32:8b:6c:38:b9:b2:29:3c:ab:f5:07:14:
                    6d:64:4c:8f:e7:d5:54:b1:04:9c:23:25:c4:8e:f3:
                    29:84:03:e5:ca:ab:19:ab:0a:1e:ce:11:37:c1:e9:
                    7d:d2:d9:44:0e:fa:2a:dd:ea:a2:03:12:fc:63:97:
                    a6:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:47:D7:14:B4:F9:23:CB:0B:BE:20:3C:A6:BF:C2:0F:B3:94:C0:C3
            X509v3 Authority Key Identifier:
                keyid:C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:31:33:e9:60:64:09:61:d7:15:39:85:27:da:71:e4:aa:11:
         27:0b:f4:69:45:5b:44:61:a2:db:52:f1:de:68:76:9c:cc:d5:
         60:77:73:b7:4c:6d:a6:9d:ca:e2:ed:ea:49:3c:aa:f7:2f:17:
         d4:69:2f:a1:98:51:8a:83:80:65:14:48:ee:eb:11:9c:27:33:
         5a:6e:97:b4:be:f3:dd:c9:8e:31:df:8d:ea:ee:46:0e:0c:68:
         c5:fe:e7:2a:e8:e7:d6:da:47:4c:2c:0e:8c:1a:61:b7:e1:e0:
         9d:cf:88:1f:30:a3:67:47:82:a7:ec:39:db:45:f4:03:41:77:
         29:82:7e:32:9a:ce:d0:b8:e3:e7:f4:53:7e:e6:14:28:9e:df:
         c5:d3:db:31:8b:97:07:a5:17:07:04:98:50:1e:28:c8:f8:86:
         09:d4:d6:38:6c:8e:86:84:dc:46:42:df:67:9d:c3:a4:61:27:
         60:0b:6f:d4:9a:b8:be:6c:67:96:38:c4:b0:19:b5:a6:57:17:
         d5:0b:b0:9d:46:47:21:97:0c:c8:1f:2e:3a:08:9e:14:05:70:
         18:58:0e:86:10:52:d0:1d:75:2e:8a:57:61:1f:ba:f2:3f:0f:
         ad:f7:61:ee:00:5e:bc:aa:e9:ea:90:81:34:aa:1b:96:31:48:
         47:a7:48:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbNyhqeLnpD6ZNki8vhLhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YWQ3NTRhYjdjMGE0MDFjMGZmMWQzYzEyN2IyN2Q1M2Zk
Y2M5ODEwHhcNMjUwNjEwMTkwMDMwWhcNMjUwNjExMTkwMDMwWjAzMTEwLwYDVQQD
Eyg2ZDQ3ZDcxNGI0ZjkyM2NiMGJiZTIwM2NhNmJmYzIwZmIzOTRjMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDsaZp5P5qmGUeWgvl3QVPT34Igv
bzk2oTiD65UAMEl1IGb694BSTju6gutMzwfvDFvyHw6ofzshFDCeF07SHCQH2DdB
rXkcXKLXYHgNu7/wIAk/pBaxFGK53E0SAXD4spG22ClLye2tcNkF5Dp5aQDmfENI
hAtaHv1zBWpf0d0uhwKaegBd0gOz1lI4CZ9ZjDQwyx4yEf//9Nmnnx1EkyR1hrHr
Hp3UduTRNkzTkADdO0gW4xhN8Ie1bGfnxhes1M3ci3Myi2w4ubIpPKv1BxRtZEyP
59VUsQScIyXEjvMphAPlyqsZqwoezhE3wel90tlEDvoq3eqiAxL8Y5emzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG1H1xS0+SPLC74gPKa/wg+zlMDDMB8GA1UdIwQY
MBaAFMatdUq3wKQBwP8dPBJ7J9U/3MmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2Ut
YmEzM2QzNjc1NWRmLzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2UtYmEzM2QzNjc1NWRm
LzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMzEz6WBk
CWHXFTmFJ9px5KoRJwv0aUVbRGGi21Lx3mh2nMzVYHdzt0xtpp3K4u3qSTyq9y8X
1GkvoZhRioOAZRRI7usRnCczWm6XtL7z3cmOMd+N6u5GDgxoxf7nKujn1tpHTCwO
jBpht+Hgnc+IHzCjZ0eCp+w520X0A0F3KYJ+MprO0Ljj5/RTfuYUKJ7fxdPbMYuX
B6UXBwSYUB4oyPiGCdTWOGyOhoTcRkLfZ53DpGEnYAtv1Jq4vmxnljjEsBm1plcX
1QuwnUZHIZcMyB8uOgieFAVwGFgOhhBS0B11LopXYR+68j8Prfdh7gBevKrp6pCB
NKobljFIR6dIPQ==
-----END CERTIFICATE-----