Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
File:                     XzoD6voEyDkjvYaTJGGFDfX3gUY.mft (raw, json)
Hash identifier:          21SPVVDe2v+Ak8JShh2CVPuz6btDxzXYpxK7SjPeiPM=
Subject key identifier:   DB:6C:63:56:D8:C9:7E:D0:CB:2C:E7:8E:1B:ED:F6:7B:EC:34:43:B0
Authority key identifier: 5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46
Certificate issuer:       /CN=5f3a03eafa04c83923bd86932461850df5f78146
Certificate serial:       01958BBB4AB13BD5E5E95CD530ED1DE70759
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
Manifest number:          10F0
Signing time:             Wed 12 Mar 2025 19:01:02 +0000
Manifest this update:     Wed 12 Mar 2025 19:01:02 +0000
Manifest next update:     Thu 13 Mar 2025 19:01:02 +0000
Files and hashes:         1: XzoD6voEyDkjvYaTJGGFDfX3gUY.crl (hash: CStc91at9rHfQGVtanuh7nEFvRb0oXUYkKg4LXm5mt0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:bb:4a:b1:3b:d5:e5:e9:5c:d5:30:ed:1d:e7:07:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f3a03eafa04c83923bd86932461850df5f78146
        Validity
            Not Before: Mar 12 19:01:02 2025 GMT
            Not After : Mar 13 19:01:02 2025 GMT
        Subject: CN=db6c6356d8c97ed0cb2ce78e1bedf67bec3443b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:91:a9:c1:b6:89:15:7f:95:fb:26:1c:64:42:
                    f8:1e:41:a2:2e:3a:57:61:d4:6a:4c:83:22:af:7e:
                    3f:20:b0:c7:2b:d7:8e:56:ec:4a:dc:33:71:eb:3f:
                    1f:f3:da:14:ce:aa:aa:a3:a8:c9:ec:bf:a3:ef:31:
                    e0:ee:58:d9:ad:48:57:7c:9c:9c:20:97:72:e1:41:
                    a7:4b:5f:9a:8f:36:23:e4:26:6b:c1:b5:d1:b9:a7:
                    66:95:75:fd:36:ec:fa:d6:a7:84:68:d1:e6:19:95:
                    94:84:82:e2:ed:fb:c8:b9:16:e6:84:43:e2:05:27:
                    e7:f8:01:93:0f:59:0c:f2:df:0f:98:12:18:c2:25:
                    5a:81:83:45:85:9b:41:d8:9b:34:b7:d7:86:24:be:
                    76:f1:12:4b:f1:07:ed:2b:16:a9:19:21:97:b7:fb:
                    8e:f4:14:bf:ba:2d:1d:41:88:08:4f:1b:95:cd:d5:
                    e8:cf:d5:67:66:b2:2f:cb:bf:18:e7:7d:15:3d:fd:
                    03:d1:79:26:d8:b2:f0:66:b5:8e:59:5e:75:11:8f:
                    6a:71:f9:fe:c3:10:41:d4:79:05:53:13:b3:ab:30:
                    82:70:36:1e:59:cd:df:43:09:9b:aa:05:3f:02:71:
                    26:2a:63:09:5b:18:71:ed:3c:a3:de:d5:0e:8d:c8:
                    98:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:6C:63:56:D8:C9:7E:D0:CB:2C:E7:8E:1B:ED:F6:7B:EC:34:43:B0
            X509v3 Authority Key Identifier:
                keyid:5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:3b:2d:0b:e6:7d:20:32:23:32:bc:79:fb:51:a4:2f:ff:eb:
         0e:5a:1e:a7:49:42:18:e4:f9:a7:00:47:f3:34:18:b6:b6:c0:
         6e:d7:c1:87:08:15:4f:56:56:f8:d4:bc:2f:27:37:be:db:d7:
         1f:2e:a6:69:75:f9:4c:c2:0f:cd:9e:42:4f:a0:a2:42:ec:f5:
         e2:39:e3:4b:45:0f:fe:23:23:5f:3a:37:f8:89:1a:8a:3e:5d:
         10:39:a6:bc:96:44:f3:5b:2e:35:d5:17:db:aa:9e:f7:76:34:
         41:3b:80:6a:2e:10:ba:83:79:67:1c:79:b3:d7:8a:bb:c9:aa:
         d0:46:86:53:43:a5:f7:69:eb:6b:c7:14:61:f7:fe:21:6a:51:
         49:aa:e9:de:b4:fa:e9:4a:ff:b9:7b:ce:58:e6:41:01:df:0b:
         cc:09:db:ee:76:9b:1d:30:6b:fc:a6:87:72:fd:fa:11:42:b1:
         bf:3e:3b:e5:aa:b0:a1:dd:9f:8f:3d:56:a5:d2:ef:73:87:23:
         ab:e5:8a:90:4e:d4:09:71:c0:37:25:1e:ee:3f:59:29:c1:3c:
         c1:be:48:f9:0b:19:6b:25:2e:30:58:90:0b:4d:b7:8c:3c:20:
         15:f6:63:e2:94:c4:c5:68:8f:1e:6f:a5:44:34:86:b9:9f:4b:
         a8:f2:2b:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLu0qxO9Xl6VzVMO0d5wdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmM2EwM2VhZmEwNGM4MzkyM2JkODY5MzI0NjE4NTBkZjVm
NzgxNDYwHhcNMjUwMzEyMTkwMTAyWhcNMjUwMzEzMTkwMTAyWjAzMTEwLwYDVQQD
EyhkYjZjNjM1NmQ4Yzk3ZWQwY2IyY2U3OGUxYmVkZjY3YmVjMzQ0M2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZGpwbaJFX+V+yYcZEL4HkGiLjpX
YdRqTIMir34/ILDHK9eOVuxK3DNx6z8f89oUzqqqo6jJ7L+j7zHg7ljZrUhXfJyc
IJdy4UGnS1+ajzYj5CZrwbXRuadmlXX9Nuz61qeEaNHmGZWUhILi7fvIuRbmhEPi
BSfn+AGTD1kM8t8PmBIYwiVagYNFhZtB2Js0t9eGJL528RJL8QftKxapGSGXt/uO
9BS/ui0dQYgITxuVzdXoz9VnZrIvy78Y530VPf0D0Xkm2LLwZrWOWV51EY9qcfn+
wxBB1HkFUxOzqzCCcDYeWc3fQwmbqgU/AnEmKmMJWxhx7Tyj3tUOjciYOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtsY1bYyX7Qyyznjhvt9nvsNEOwMB8GA1UdIwQY
MBaAFF86A+r6BMg5I72GkyRhhQ3194FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTIt
ZDU0MGU4YjEzZjdkLzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTItZDU0MGU4YjEzZjdk
LzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuDstC+Z9
IDIjMrx5+1GkL//rDloep0lCGOT5pwBH8zQYtrbAbtfBhwgVT1ZW+NS8Lyc3vtvX
Hy6maXX5TMIPzZ5CT6CiQuz14jnjS0UP/iMjXzo3+Ikaij5dEDmmvJZE81suNdUX
26qe93Y0QTuAai4QuoN5Zxx5s9eKu8mq0EaGU0Ol92nra8cUYff+IWpRSarp3rT6
6Ur/uXvOWOZBAd8LzAnb7nabHTBr/KaHcv36EUKxvz475aqwod2fjz1WpdLvc4cj
q+WKkE7UCXHANyUe7j9ZKcE8wb5I+QsZayUuMFiQC023jDwgFfZj4pTExWiPHm+l
RDSGuZ9LqPIrbQ==
-----END CERTIFICATE-----