Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
File:                     XYHR_0WxVHwAqEtG75nsot-9Rbw.mft (raw, json)
Hash identifier:          OXaGUiwE82cS9XsofgD6a7adbVUELfoiLzlkhNOYDCc=
Subject key identifier:   F2:70:A8:CC:79:0E:CD:68:79:5F:86:03:36:C0:F2:AF:0D:D1:28:BC
Authority key identifier: 5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC
Certificate issuer:       /CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
Certificate serial:       01975CB79C271834C19565B71FA7720C69F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
Manifest number:          1589
Signing time:             Wed 11 Jun 2025 02:00:26 +0000
Manifest this update:     Wed 11 Jun 2025 02:00:26 +0000
Manifest next update:     Thu 12 Jun 2025 02:00:26 +0000
Files and hashes:         1: C-JYvDSVCc5Zd_4Sd7FiFR4ridU.roa (hash: Fud1edK7T1C6PqdOPqDnlVWq4JxXY+eiVXIDYHC1t50=)
                          2: XYHR_0WxVHwAqEtG75nsot-9Rbw.crl (hash: onFNysQDIcEwseyWzRDEc3f+PT4V8i7jKmxfwKzPl9M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:b7:9c:27:18:34:c1:95:65:b7:1f:a7:72:0c:69:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
        Validity
            Not Before: Jun 11 02:00:26 2025 GMT
            Not After : Jun 12 02:00:26 2025 GMT
        Subject: CN=f270a8cc790ecd68795f860336c0f2af0dd128bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:62:b5:07:fc:e7:d2:d4:32:ef:10:49:a1:23:
                    7c:88:f9:75:5a:3e:fa:82:6c:d6:72:0c:b8:82:05:
                    8e:5e:d2:1f:ce:6f:57:a9:e5:c4:9c:dd:49:13:bc:
                    9b:fc:ca:95:2e:1d:05:ea:1e:b1:e3:df:56:97:69:
                    97:d8:bf:b7:51:e5:d2:94:c8:8a:0f:88:34:6f:2d:
                    59:da:78:09:89:79:c8:8c:ff:d2:81:53:d8:b2:ee:
                    c5:e5:58:3a:5c:85:62:00:a4:10:30:75:78:1b:d5:
                    2e:14:45:bb:99:6f:f7:c9:7c:9a:fc:d9:e3:a3:85:
                    c3:74:8e:db:71:fd:23:9e:d9:be:71:cf:32:f8:f9:
                    94:b0:93:29:03:8d:39:5d:f5:4a:f5:39:db:c2:6d:
                    07:07:9b:9a:1e:32:bb:5b:8a:e9:ba:6d:dc:c8:a5:
                    7a:c6:fb:d2:d2:85:0c:77:b1:cb:87:35:5f:95:8f:
                    d2:e7:f6:39:b4:21:d5:63:55:19:3b:c7:59:5c:18:
                    0d:47:ac:d3:b9:5d:56:15:01:d5:dd:69:7d:d1:d1:
                    cd:e7:32:b6:10:5e:3f:72:e0:e3:84:8a:f5:a6:2d:
                    42:31:5c:5f:65:7f:91:fa:c4:83:60:65:34:30:2d:
                    46:4d:31:c7:99:8b:6e:ed:60:42:f5:a5:55:24:e6:
                    e3:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:70:A8:CC:79:0E:CD:68:79:5F:86:03:36:C0:F2:AF:0D:D1:28:BC
            X509v3 Authority Key Identifier:
                keyid:5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:4b:45:6d:3d:41:2c:1f:3b:80:01:ac:ef:d6:41:34:d9:80:
         dc:02:1c:40:cf:da:bd:64:1b:13:53:2d:31:20:18:13:e6:4d:
         24:0a:72:3b:8f:94:48:72:3f:94:90:ce:e9:6f:e1:0d:ed:dc:
         36:f4:28:6e:83:33:65:9d:ac:2e:80:c0:8d:53:7b:19:62:4b:
         e8:66:c3:c0:fc:c4:81:a3:18:b2:56:e6:bb:79:c2:8c:3a:8b:
         57:97:bb:f7:a0:52:bb:e3:de:2d:95:37:f0:43:0d:fa:d8:3b:
         5f:77:13:67:d1:40:eb:03:51:e1:fb:ae:9e:8b:c1:f3:75:0f:
         a1:c9:8c:b1:22:9b:21:1f:1b:79:87:0a:80:97:e1:aa:37:23:
         77:c9:96:ab:26:c2:e4:dc:fb:83:af:53:da:12:e6:97:13:b5:
         b8:8e:b5:de:cc:99:cf:9c:dc:31:7b:aa:10:b2:12:14:cf:ae:
         52:df:42:b4:5a:27:00:ca:97:e0:e3:aa:70:63:93:42:e3:52:
         24:35:29:d0:40:0d:16:06:0c:d1:58:ff:aa:6e:35:84:a9:f2:
         64:49:eb:16:6c:cc:b2:b3:93:6f:77:be:77:7e:90:61:f3:23:
         4e:89:a6:14:92:a1:e1:ff:51:e1:69:c7:7c:31:0d:75:ef:e4:
         fa:ca:1b:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdct5wnGDTBlWW3H6dyDGn0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODFkMWZmNDViMTU0N2MwMGE4NGI0NmVmOTllY2EyZGZi
ZDQ1YmMwHhcNMjUwNjExMDIwMDI2WhcNMjUwNjEyMDIwMDI2WjAzMTEwLwYDVQQD
EyhmMjcwYThjYzc5MGVjZDY4Nzk1Zjg2MDMzNmMwZjJhZjBkZDEyOGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmK1B/zn0tQy7xBJoSN8iPl1Wj76
gmzWcgy4ggWOXtIfzm9XqeXEnN1JE7yb/MqVLh0F6h6x499Wl2mX2L+3UeXSlMiK
D4g0by1Z2ngJiXnIjP/SgVPYsu7F5Vg6XIViAKQQMHV4G9UuFEW7mW/3yXya/Nnj
o4XDdI7bcf0jntm+cc8y+PmUsJMpA405XfVK9Tnbwm0HB5uaHjK7W4rpum3cyKV6
xvvS0oUMd7HLhzVflY/S5/Y5tCHVY1UZO8dZXBgNR6zTuV1WFQHV3Wl90dHN5zK2
EF4/cuDjhIr1pi1CMVxfZX+R+sSDYGU0MC1GTTHHmYtu7WBC9aVVJObj0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJwqMx5Ds1oeV+GAzbA8q8N0Si8MB8GA1UdIwQY
MBaAFF2B0f9FsVR8AKhLRu+Z7KLfvUW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUt
ZWU4MGEyZDI5NTJkLzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUtZWU4MGEyZDI5NTJk
LzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq0tFbT1B
LB87gAGs79ZBNNmA3AIcQM/avWQbE1MtMSAYE+ZNJApyO4+USHI/lJDO6W/hDe3c
NvQoboMzZZ2sLoDAjVN7GWJL6GbDwPzEgaMYslbmu3nCjDqLV5e796BSu+PeLZU3
8EMN+tg7X3cTZ9FA6wNR4fuunovB83UPocmMsSKbIR8beYcKgJfhqjcjd8mWqybC
5Nz7g69T2hLmlxO1uI613syZz5zcMXuqELISFM+uUt9CtFonAMqX4OOqcGOTQuNS
JDUp0EANFgYM0Vj/qm41hKnyZEnrFmzMsrOTb3e+d36QYfMjTommFJKh4f9R4WnH
fDENde/k+sob9A==
-----END CERTIFICATE-----
Generated at Wed Jun 11 08:44:51 2025 by rpki-client