Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
File:                     XzoD6voEyDkjvYaTJGGFDfX3gUY.mft (raw, json)
Hash identifier:          it4euc4mENA7iEBg6sl5KrEmoZnW3zneA64mZW3faG8=
Subject key identifier:   5A:A3:2A:34:A2:45:18:6B:5C:A0:3A:44:93:8F:24:E4:49:B0:0D:FC
Authority key identifier: 5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46
Certificate issuer:       /CN=5f3a03eafa04c83923bd86932461850df5f78146
Certificate serial:       019922FA561CE135670EEB75040F4531BB01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
Manifest number:          12CC
Signing time:             Sun 07 Sep 2025 07:00:55 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:55 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:55 +0000
Files and hashes:         1: XzoD6voEyDkjvYaTJGGFDfX3gUY.crl (hash: srTC8RN953yDkjQ5o0kAL8LHoppMSd6lK1ab5kiErNg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:56:1c:e1:35:67:0e:eb:75:04:0f:45:31:bb:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f3a03eafa04c83923bd86932461850df5f78146
        Validity
            Not Before: Sep  7 07:00:55 2025 GMT
            Not After : Sep  8 07:00:55 2025 GMT
        Subject: CN=5aa32a34a245186b5ca03a44938f24e449b00dfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:a8:cb:01:3e:4e:41:26:69:6a:42:42:c4:3d:
                    6b:7e:19:ec:da:06:39:4c:ec:fb:d8:65:6f:22:7c:
                    79:7e:d5:96:2e:90:21:31:1b:c3:f0:07:49:98:ac:
                    af:f9:11:af:ba:d1:2b:9d:0a:aa:15:01:86:c6:02:
                    0d:2f:d1:54:21:02:5c:c7:63:33:62:9a:30:21:9b:
                    b9:4b:9d:d4:a4:7e:12:84:81:87:db:d8:62:4e:84:
                    21:89:f8:dd:e8:8f:d5:74:d5:c1:e5:f2:35:d9:db:
                    19:13:63:36:4a:7a:a3:c9:15:fd:37:f5:c9:6e:c1:
                    32:c7:d6:7e:11:72:09:3c:17:db:9a:a0:95:6b:29:
                    c0:93:d3:bf:df:23:39:88:df:e6:35:c3:ea:c0:2a:
                    44:9c:85:c8:4c:27:39:29:56:ba:46:27:04:dc:46:
                    48:1f:01:d5:2e:00:c4:c5:f6:23:07:89:22:80:70:
                    b5:b5:91:7a:71:b1:da:6d:3c:f9:ce:c4:cd:b0:44:
                    09:ca:13:e7:9d:bc:28:cd:0b:01:3c:04:b9:6f:33:
                    ae:30:bd:fc:32:82:ff:91:43:7c:20:02:a0:91:41:
                    a4:87:48:c0:1c:ae:33:93:9a:5d:ae:82:07:fa:50:
                    1a:df:b4:76:af:35:e4:a4:af:e4:72:64:69:4e:64:
                    13:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:A3:2A:34:A2:45:18:6B:5C:A0:3A:44:93:8F:24:E4:49:B0:0D:FC
            X509v3 Authority Key Identifier:
                keyid:5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:bd:f3:42:7d:ed:6b:bb:22:fd:2a:7c:9a:71:39:e8:0a:5f:
         ec:cd:63:37:b6:3d:b7:5a:52:58:a5:c6:e6:38:83:9c:a4:8a:
         be:f9:0d:9a:86:3d:65:e2:14:5b:6e:da:1c:b1:70:04:91:00:
         3b:ff:99:32:18:9d:5a:b6:ba:5f:ec:fb:ac:6d:ab:6e:15:7b:
         bb:9c:18:39:d3:41:8d:9d:a1:7a:f2:e1:ea:7a:a9:88:f0:6f:
         0e:8f:0c:35:9a:3a:58:99:61:0a:e5:27:e5:23:f8:cd:d2:1e:
         f3:1c:97:ad:ba:77:e5:21:ae:e8:4d:dc:8b:06:6f:97:2b:07:
         92:a9:61:a2:be:08:19:1b:bc:94:72:e9:f1:9f:f1:b6:d5:82:
         03:76:a0:a2:6b:4e:da:fc:84:06:61:2a:c2:21:b4:b9:02:2e:
         25:cc:f9:5c:5d:22:a9:ea:f7:a9:9f:94:18:04:94:88:24:22:
         3d:d1:4c:bc:fd:23:3c:b2:50:4b:53:5e:fc:26:b6:1b:f3:cb:
         a8:dc:52:ef:d9:ee:29:36:07:7f:7e:68:3d:8f:bf:dc:74:4e:
         51:10:84:44:4f:0d:04:eb:98:ed:d7:c4:a2:b4:fe:c2:f2:24:
         b1:b8:22:0a:d4:79:eb:29:52:48:bb:21:e1:30:63:a5:75:7a:
         85:a0:4d:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+lYc4TVnDut1BA9FMbsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmM2EwM2VhZmEwNGM4MzkyM2JkODY5MzI0NjE4NTBkZjVm
NzgxNDYwHhcNMjUwOTA3MDcwMDU1WhcNMjUwOTA4MDcwMDU1WjAzMTEwLwYDVQQD
Eyg1YWEzMmEzNGEyNDUxODZiNWNhMDNhNDQ5MzhmMjRlNDQ5YjAwZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKjLAT5OQSZpakJCxD1rfhns2gY5
TOz72GVvInx5ftWWLpAhMRvD8AdJmKyv+RGvutErnQqqFQGGxgINL9FUIQJcx2Mz
YpowIZu5S53UpH4ShIGH29hiToQhifjd6I/VdNXB5fI12dsZE2M2SnqjyRX9N/XJ
bsEyx9Z+EXIJPBfbmqCVaynAk9O/3yM5iN/mNcPqwCpEnIXITCc5KVa6RicE3EZI
HwHVLgDExfYjB4kigHC1tZF6cbHabTz5zsTNsEQJyhPnnbwozQsBPAS5bzOuML38
MoL/kUN8IAKgkUGkh0jAHK4zk5pdroIH+lAa37R2rzXkpK/kcmRpTmQTDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqjKjSiRRhrXKA6RJOPJORJsA38MB8GA1UdIwQY
MBaAFF86A+r6BMg5I72GkyRhhQ3194FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTIt
ZDU0MGU4YjEzZjdkLzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTItZDU0MGU4YjEzZjdk
LzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtr3zQn3t
a7si/Sp8mnE56Apf7M1jN7Y9t1pSWKXG5jiDnKSKvvkNmoY9ZeIUW27aHLFwBJEA
O/+ZMhidWra6X+z7rG2rbhV7u5wYOdNBjZ2hevLh6nqpiPBvDo8MNZo6WJlhCuUn
5SP4zdIe8xyXrbp35SGu6E3ciwZvlysHkqlhor4IGRu8lHLp8Z/xttWCA3agomtO
2vyEBmEqwiG0uQIuJcz5XF0iqer3qZ+UGASUiCQiPdFMvP0jPLJQS1Ne/Ca2G/PL
qNxS79nuKTYHf35oPY+/3HROURCERE8NBOuY7dfEorT+wvIksbgiCtR56ylSSLsh
4TBjpXV6haBNmA==
-----END CERTIFICATE-----