Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
File:                     XzoD6voEyDkjvYaTJGGFDfX3gUY.mft (raw, json)
Hash identifier:          29JjZCtp4AiSRBf067p4dEnPPRFoLmu+XjLMBsOKvTE=
Subject key identifier:   AD:F0:20:75:69:2E:BC:6A:3E:86:06:50:42:A6:04:1B:A1:CF:37:86
Authority key identifier: 5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46
Certificate issuer:       /CN=5f3a03eafa04c83923bd86932461850df5f78146
Certificate serial:       019764DF3A8A6FA1FD81064B93BBFF3132D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
Manifest number:          11E5
Signing time:             Thu 12 Jun 2025 16:00:40 +0000
Manifest this update:     Thu 12 Jun 2025 16:00:40 +0000
Manifest next update:     Fri 13 Jun 2025 16:00:40 +0000
Files and hashes:         1: XzoD6voEyDkjvYaTJGGFDfX3gUY.crl (hash: 2ou06lbR+iKR+ja4XpOWK2L2in5i5YQ1XVqFZtzBGpc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:df:3a:8a:6f:a1:fd:81:06:4b:93:bb:ff:31:32:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f3a03eafa04c83923bd86932461850df5f78146
        Validity
            Not Before: Jun 12 16:00:40 2025 GMT
            Not After : Jun 13 16:00:40 2025 GMT
        Subject: CN=adf02075692ebc6a3e86065042a6041ba1cf3786
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:a2:3a:1b:9c:4b:8e:09:71:72:89:48:8d:d1:
                    7d:d5:31:d0:a9:dd:7b:ed:27:ec:6e:ad:eb:5c:f5:
                    2a:e7:3c:7a:f5:e7:de:a4:d6:4e:f8:82:0d:c6:94:
                    75:89:74:cf:6c:74:63:d2:7c:71:1e:b0:9c:ec:45:
                    b3:9d:7a:b7:eb:7d:10:f4:25:0f:8c:36:1e:9f:ae:
                    44:15:e2:e7:8b:00:2f:85:42:50:10:f4:16:0a:49:
                    40:1b:f6:99:58:02:21:ff:79:fd:cc:63:6d:61:40:
                    41:84:0a:ce:81:f1:02:91:c2:7a:a1:7a:ef:d2:cf:
                    db:73:b5:03:ff:4b:78:da:16:69:02:4e:ea:15:6d:
                    b6:5b:02:8d:fb:7b:7e:d4:76:33:09:f9:e6:88:ef:
                    77:0e:b2:73:4e:34:46:a9:1b:64:ee:6a:d6:e1:f8:
                    b8:d7:cb:3c:bf:4d:4f:f1:98:d0:d7:1e:3e:14:18:
                    da:f0:c7:7d:ae:46:4b:a7:41:0a:5d:d4:ae:0d:82:
                    0d:6c:9c:c9:0e:4c:99:ef:87:ec:60:ec:f4:98:c4:
                    46:74:93:fd:42:b1:af:f3:5e:04:0c:07:38:01:59:
                    cf:e6:10:28:52:d4:d3:20:74:3e:79:d1:8f:f9:3c:
                    65:df:3b:65:e0:01:96:b7:a1:fb:3c:6c:58:58:f6:
                    2f:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:F0:20:75:69:2E:BC:6A:3E:86:06:50:42:A6:04:1B:A1:CF:37:86
            X509v3 Authority Key Identifier:
                keyid:5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:d3:ec:e2:e2:e0:8d:81:38:bf:ae:35:de:72:1e:a3:4c:87:
         e4:66:a5:c9:5d:a0:01:6d:13:1e:d9:75:bb:27:d8:35:61:95:
         a0:4e:72:3d:02:fe:1a:2c:89:c7:8f:46:db:65:a2:b0:4c:df:
         3d:0d:f0:ba:86:92:b5:00:17:37:72:36:6c:ad:8f:8c:f9:38:
         49:42:1f:bd:3a:e1:57:04:90:de:0e:e3:9d:7a:af:be:62:52:
         dd:1e:c7:60:79:af:71:43:78:c0:77:52:a5:d7:ac:d8:62:e8:
         8c:3b:cc:7e:2d:b6:35:d3:31:c4:cd:a3:ea:e4:eb:dc:f8:28:
         e2:be:1e:bb:bb:be:1a:85:3f:d3:ea:75:15:55:f1:1c:e0:91:
         95:8e:99:3d:7a:1c:d5:0e:57:12:a3:96:2f:c3:9c:17:e6:45:
         8a:d0:2c:52:e0:a5:c6:1b:8c:42:3c:5a:85:a8:cb:a4:98:59:
         1d:8a:cd:7d:e8:22:df:e2:b0:5a:c0:a8:f2:e2:c5:4f:92:9a:
         f8:db:39:d0:b2:db:ed:2c:cc:a2:74:75:73:af:37:4c:71:d7:
         96:8d:66:29:b8:34:91:f1:e5:c8:ec:db:2f:f0:50:11:94:32:
         51:d4:ac:91:01:60:61:2d:d4:76:16:37:15:f9:34:41:d5:0d:
         fc:8f:81:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdk3zqKb6H9gQZLk7v/MTLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmM2EwM2VhZmEwNGM4MzkyM2JkODY5MzI0NjE4NTBkZjVm
NzgxNDYwHhcNMjUwNjEyMTYwMDQwWhcNMjUwNjEzMTYwMDQwWjAzMTEwLwYDVQQD
EyhhZGYwMjA3NTY5MmViYzZhM2U4NjA2NTA0MmE2MDQxYmExY2YzNzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKI6G5xLjglxcolIjdF91THQqd17
7Sfsbq3rXPUq5zx69efepNZO+IINxpR1iXTPbHRj0nxxHrCc7EWznXq3630Q9CUP
jDYen65EFeLniwAvhUJQEPQWCklAG/aZWAIh/3n9zGNtYUBBhArOgfECkcJ6oXrv
0s/bc7UD/0t42hZpAk7qFW22WwKN+3t+1HYzCfnmiO93DrJzTjRGqRtk7mrW4fi4
18s8v01P8ZjQ1x4+FBja8Md9rkZLp0EKXdSuDYINbJzJDkyZ74fsYOz0mMRGdJP9
QrGv814EDAc4AVnP5hAoUtTTIHQ+edGP+Txl3ztl4AGWt6H7PGxYWPYv3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK3wIHVpLrxqPoYGUEKmBBuhzzeGMB8GA1UdIwQY
MBaAFF86A+r6BMg5I72GkyRhhQ3194FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTIt
ZDU0MGU4YjEzZjdkLzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTItZDU0MGU4YjEzZjdk
LzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY9Ps4uLg
jYE4v6413nIeo0yH5GalyV2gAW0THtl1uyfYNWGVoE5yPQL+GiyJx49G22WisEzf
PQ3wuoaStQAXN3I2bK2PjPk4SUIfvTrhVwSQ3g7jnXqvvmJS3R7HYHmvcUN4wHdS
pdes2GLojDvMfi22NdMxxM2j6uTr3Pgo4r4eu7u+GoU/0+p1FVXxHOCRlY6ZPXoc
1Q5XEqOWL8OcF+ZFitAsUuClxhuMQjxahajLpJhZHYrNfegi3+KwWsCo8uLFT5Ka
+Ns50LLb7SzMonR1c683THHXlo1mKbg0kfHlyOzbL/BQEZQyUdSskQFgYS3UdhY3
Ffk0QdUN/I+B1g==
-----END CERTIFICATE-----